r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 81713f952b51a865ad9764cde68e3fdb
278c3a9c4bb2a0ffb7375f90d89a1ba6e90a766a
c2eb0d8a24ecb51af28f1c71db4b9a95c568dcf6c94b41ee8c78787a4ebebcef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2EB0D8A24ECB51AF28F1C71DB4B9A95C568DCF6C94B41EE8C78787A4EBEBCEF"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11024
Expires: Sat, 04 Feb 2023 09:46:41 GMT
Date: Sat, 04 Feb 2023 06:42:57 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8845
Expires: Sat, 04 Feb 2023 09:10:22 GMT
Date: Sat, 04 Feb 2023 06:42:57 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 04 Feb 2023 06:36:14 GMT
content-type: application/json
age: 403
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7d2222d41721947297aaeb5a6e3d0714
04cc1ee417c8bf6338657fd4c2e4e1c1ddfd3065
de0e45969a2ad95e52f7e2fbd0d021d9075dd7b14666c929346efe111f648f7c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE0E45969A2AD95E52F7E2FBD0D021D9075DD7B14666C929346EFE111F648F7C"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10687
Expires: Sat, 04 Feb 2023 09:41:04 GMT
Date: Sat, 04 Feb 2023 06:42:57 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: PXMi4+yBvKCYSBaAsMrakRvkxrwJ8gxdRtJf3zx0R3r7/GW7I/e/YQcYvGqSSyGXNLDr0bJ2jYY=
x-amz-request-id: 51W20BGX53AEX19C
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 04 Feb 2023 05:52:43 GMT
age: 3014
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 06:42:57 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 04 Feb 2023 06:07:19 GMT
age: 2138
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9617
Expires: Sat, 04 Feb 2023 09:23:14 GMT
Date: Sat, 04 Feb 2023 06:42:57 GMT
Connection: keep-alive
12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
200 OK 6.4 kB URL HTTP/1.1 12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
IP
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (304), with CRLF, LF line terminators
Hash f4621f3f6e6d1761ac83af1ac637a291
0489953ec5d81b3c30159d57a4f3cb6789ac2df2
4619f513196c603eece12823d3502588824860d955f19d9a5afd55320f5ef396
Analyzer Verdict Alert fortinet Malware
GET /down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:42:57 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ShbLlQcjMkpJKjzUGNOAQQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: hfsQqf8xJhDEAL32viab/B8ZWKI=
12228.url.tudown.com/template/company/42xz/css/common.css
200 OK 1.9 kB URL HTTP/1.1 12228.url.tudown.com/template/company/42xz/css/common.css
IP
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 625ff65f2c44178957f32d288dd56ddf
cb918d56e4595594c56cab503ed56f84379e862d
2436857c00ba0ab148e7c16f63712844f5bb62e23379751d6dddd82abe667ac5
GET /template/company/42xz/css/common.css HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:42:58 GMT
Content-Type: text/css
Last-Modified: Thu, 05 Nov 2020 12:04:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fa3ea53-1ccb"
Expires: Sat, 04 Feb 2023 18:42:58 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12228.url.tudown.com/js/orsxg5a.script
200 OK 531 B URL HTTP/1.1 12228.url.tudown.com/js/orsxg5a.script
IP
ASN #137951 Clayer Limited
File type HTML document, ASCII text, with CRLF line terminators
Hash 39fd4f4c17d424445d9f437c99c9d40a
84a56ab95c669d43c757a5f9a312d5f3a37f73fa
45f58e7b2e72c9f2734889b73ef5c3f2d3e1fb9ac69995afe1561ec4a7943d15
GET /js/orsxg5a.script HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:42:58 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
12228.url.tudown.com/template/company/42xz/css/soft.css
200 OK 6.6 kB URL HTTP/1.1 12228.url.tudown.com/template/company/42xz/css/soft.css
IP
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 669589d0ffba3898ecf26c242eaed555
f6a564b66491cf102d5961fb95294d84192c9f11
00947ca9960fa7f5ad71c5f5343ded6e595dec626a9da917da58305fdc98e356
GET /template/company/42xz/css/soft.css HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:42:58 GMT
Content-Type: text/css
Last-Modified: Thu, 05 Nov 2020 12:04:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fa3ea55-6438"
Expires: Sat, 04 Feb 2023 18:42:58 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12228.url.tudown.com/template/company/42xz/js/soft.js
200 OK 3.6 kB URL HTTP/1.1 12228.url.tudown.com/template/company/42xz/js/soft.js
IP
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 67be5352d7d3355ae57faad8a6221355
30f4a9a4a3dede0d2d72725ffa28958f45053e7e
1a59b7c5be683676fa54951bf4129899c3980e78c1f956c287f7cc0c001a857d
GET /template/company/42xz/js/soft.js HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:42:58 GMT
Content-Type: application/javascript
Last-Modified: Thu, 05 Nov 2020 12:04:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fa3ea5a-26b2"
Expires: Sat, 04 Feb 2023 18:42:58 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12228.url.tudown.com/uploads/images/598053.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/598053.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/598053.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:42:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1205739495,1245237169&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=300
12228.url.tudown.com/uploads/images/943495.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/943495.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/943495.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:42:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=3204007935,2412746479&fm=253&app=120&f=JPEG?w=1280&h=800
12228.url.tudown.com/template/company/42xz/images/tab_line.png
200 OK 1.2 kB URL HTTP/1.1 12228.url.tudown.com/template/company/42xz/images/tab_line.png
IP
ASN #137951 Clayer Limited
File type GIF image data, version 89a, 190 x 7\012- data
Hash 4c54d42f73e777c70b63b1854b994bb5
6b751c2e611f485d04805ccc3ef84ba5c7868775
b86451a9f18cc0bffd106863661cecbc4abc2364f2898e3bc0796992f3ebbd06
GET /template/company/42xz/images/tab_line.png HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/template/company/42xz/css/soft.css
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:42:58 GMT
Content-Type: image/png
Content-Length: 1155
Last-Modified: Thu, 05 Nov 2020 12:04:39 GMT
Connection: keep-alive
ETag: "5fa3ea57-483"
Accept-Ranges: bytes
12228.url.tudown.com/uploads/images/870108.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/870108.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/870108.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:42:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=32268543,1227960868&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=400
12228.url.tudown.com/uploads/images/536312.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/536312.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/536312.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:42:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=2192575335,212195486&fm=224&app=112&f=JPEG?w=500&h=500
12228.url.tudown.com/uploads/images/logo.png?n=4wi3zzf4u3uljhpfwckoloec46kj7z4jvht2pepgrkaonhej5gmzb2fuupslxo7fqwwold5y&w=250
200 OK 3.8 kB URL HTTP/1.1 12228.url.tudown.com/uploads/images/logo.png?n=4wi3zzf4u3uljhpfwckoloec46kj7z4jvht2pepgrkaonhej5gmzb2fuupslxo7fqwwold5y&w=250
IP
ASN #137951 Clayer Limited
File type PNG image data, 250 x 66, 8-bit colormap, non-interlaced\012- data
Hash ed02213cb5a8b9c435beff942aec886e
c3a2d3504ff7f6c9c6d887179496a3b5c468d429
f803288101d17e59978ccda9a47c411643ef2639a7455cbbcd571d10e06e3634
GET /uploads/images/logo.png?n=4wi3zzf4u3uljhpfwckoloec46kj7z4jvht2pepgrkaonhej5gmzb2fuupslxo7fqwwold5y&w=250 HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:42:58 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
12228.url.tudown.com/template/company/42xz/images/dian1.png
200 OK 1.1 kB URL HTTP/1.1 12228.url.tudown.com/template/company/42xz/images/dian1.png
IP
ASN #137951 Clayer Limited
File type GIF image data, version 89a, 4 x 4\012- data
Hash de5d5d1c8fb00bc14f9512dd323b9ed8
9c7c5df21afb7b686932c96ecf7877e1e6adf243
982f48c65cf01077b0606401f082c15ee15f183903d5170f06d0bb3ae3b9b685
GET /template/company/42xz/images/dian1.png HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/template/company/42xz/css/soft.css
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:42:58 GMT
Content-Type: image/png
Content-Length: 1110
Last-Modified: Thu, 05 Nov 2020 12:04:54 GMT
Connection: keep-alive
ETag: "5fa3ea66-456"
Accept-Ranges: bytes
12228.url.tudown.com/template/company/42xz/js/jquery.js
200 OK 46 kB URL HTTP/1.1 12228.url.tudown.com/template/company/42xz/js/jquery.js
IP
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with very long lines (65479), with CRLF line terminators
Hash 49fcb7f2a26c0656e22b75bfe591667f
f277ecd02517fc0f243fd9d882178473d4def06b
9ee94398fbe5a57c715dfdfe1b8d05ea964dd9947dba57dad68ee38ea381a2be
GET /template/company/42xz/js/jquery.js HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:42:58 GMT
Content-Type: application/javascript
Last-Modified: Thu, 05 Nov 2020 12:04:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fa3ea62-1d491"
Expires: Sat, 04 Feb 2023 18:42:58 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash c45b5d23d78c603a4f679957cc907c55
c0c6131e462224b19bf52c269ffda26be7dcc3ce
7acbb574f2c3ce64da98b8bf9e8af19ba063535e4cbf9fadaf803c34381178dd
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:42:59 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 08 Feb 2023 04:09:39 GMT
ETag: "c0c6131e462224b19bf52c269ffda26be7dcc3ce"
Last-Modified: Sat, 04 Feb 2023 04:09:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1878
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79416df0ac0bb509-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10284
Expires: Sat, 04 Feb 2023 09:34:23 GMT
Date: Sat, 04 Feb 2023 06:42:59 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10284
Expires: Sat, 04 Feb 2023 09:34:23 GMT
Date: Sat, 04 Feb 2023 06:42:59 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10284
Expires: Sat, 04 Feb 2023 09:34:23 GMT
Date: Sat, 04 Feb 2023 06:42:59 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: f95a2821-ae89-4ea9-93b2-43e570285df3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEC3FyboAMFe0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8078-7e2177f11d5715d4092cad2c;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dcFgY5x3Ef0J__7wGn3llTjZ9as5nX1H4HErIT3VlKfeQaQTjymW2g==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:33 GMT
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
age: 30746
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0567732b-c9d0-4bac-89d8-3dc6a16e522c.jpeg
200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0567732b-c9d0-4bac-89d8-3dc6a16e522c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 99bf0073acf75f9e04b52a96bf47797b
fa68da2c92fa89ed3dafe9915e064fca022af21f
961b77616486483e5767f214d2417275b9c995614128acab3521b6cd2f8866e2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0567732b-c9d0-4bac-89d8-3dc6a16e522c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8267
x-amzn-requestid: 8bf1f9c3-4508-489e-9f45-3ce50df74b0b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEW0HM6IAMFXog=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd80f8-2e7c768d54981cf1634830db;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:47:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: slDJVVNZDwjopU0kXbAvAJw4A0I_hGKXbRf9O15sXxmvu0JXe8yuPA==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:17:59 GMT
etag: "fa68da2c92fa89ed3dafe9915e064fca022af21f"
content-type: image/jpeg
age: 30300
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg
200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f7101f6e43855cb76ce48271a847ffbd
8e674830a97d8ce3818132fda197db4f0289d316
e78a83a4024e238bcdec3b9c4d5c12a99f49aabd57e34952f6a4cc8ed4422f55
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9141
x-amzn-requestid: ed7db574-6bca-4f3e-8879-c3e836549339
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD8zE5lIAMF1HA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8051-4480112f11d4ced0037d1ad8;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6kDIOqhM4aVL80sF02uFu2TuGbiBE7_L_S2W7x-P46hO5YZFmuL9nQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:13:30 GMT
age: 30569
etag: "8e674830a97d8ce3818132fda197db4f0289d316"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg
200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e5b4e4f15da3323c73974c3f1cdb5d74
1f14971d0cf979cc34ff191849dc43d86e8ac463
5893d7e5b2fd9de92829b303c42d0c07ff32b3f6b8705b6f5b4a784315c8808e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5174
x-amzn-requestid: 35630c70-3bad-47b4-94bb-09c873632194
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7EFAHIAMFQQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-317b1fbb3bee0f377697bf3d;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OD5cy75AkNMwTIvIool2nKbKgr5Jpo1Plm_X_YPr3rdPbg86_V2fdA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:21 GMT
age: 30758
etag: "1f14971d0cf979cc34ff191849dc43d86e8ac463"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f8fa6a-620a-4d0c-aec7-0863ae11b871.jpeg
200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f8fa6a-620a-4d0c-aec7-0863ae11b871.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 83ac46e378ad452aeb212d709ab70232
7514ed93fd2f256e5aad386fdd0ebc723785291b
e199498691268526a6ecfe58abb88ced8661272cd7ad8270811c84fb15dbb547
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f8fa6a-620a-4d0c-aec7-0863ae11b871.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14221
x-amzn-requestid: a74ee3d4-6163-4dec-ab62-97279cf52282
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEC3ERhIAMFh1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8078-3e5d4b3d39919497215866df;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3TIbnpwYk9CIeoXeW4T-ouwV7X1y-LgKV7wB4XJwFKSKx248jIJyBQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:08:39 GMT
age: 30860
etag: "7514ed93fd2f256e5aad386fdd0ebc723785291b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lsQxPtozrh2Ty1T-3d-1crDfi8HgVKRafOXb1UFl033bCx3kAzTS7w==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:48:04 GMT
age: 32095
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
12228.url.tudown.com/uploads/images/417511.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/417511.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/417511.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:42:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=431132824,3658836172&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=300
12228.url.tudown.com/uploads/images/214569.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/214569.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/214569.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:42:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2635514434,3493085581&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=681
12228.url.tudown.com/uploads/images/602728.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/602728.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/602728.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:42:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=161860582,680699949&fm=253&fmt=auto&app=138&f=GIF?w=500&h=889
12228.url.tudown.com/uploads/images/436370.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/436370.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/436370.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:42:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1602637317,2040556932&fm=253&fmt=auto?w=720&h=1280
12228.url.tudown.com/uploads/images/618791.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/618791.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/618791.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:42:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3072183745,1875768798&fm=253&fmt=auto&app=138&f=JPEG?w=360&h=360
12228.url.tudown.com/uploads/images/644675.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/644675.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/644675.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:42:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=1542852855,4048179013&fm=224&app=112&f=JPEG?w=500&h=500
12228.url.tudown.com/uploads/images/987582.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/987582.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/987582.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:42:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=292709299,324422611&fm=253&fmt=auto&app=138&f=JPEG?w=822&h=500
12228.url.tudown.com/uploads/images/457202.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/457202.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/457202.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:42:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=1852215905,124408758&fm=253&app=120&f=JPEG?w=1280&h=800
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fc91044ea257e54846f8dd907b48d29e
6d2231e05dabe5ee55f8dbf8687d7b7a92c25d64
8e77e1a87ab035ed1affd01159d1c899e46d7c247d0bc085dd57d1b1c6fed830
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8E77E1A87AB035ED1AFFD01159D1C899E46D7C247D0BC085DD57D1B1C6FED830"
Last-Modified: Thu, 02 Feb 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2891
Expires: Sat, 04 Feb 2023 07:31:10 GMT
Date: Sat, 04 Feb 2023 06:42:59 GMT
Connection: keep-alive
12228.url.tudown.com/uploads/images/651623.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/651623.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/651623.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:42:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3103854683,3713152495&fm=253&fmt=auto&app=138&f=JPEG?w=552&h=500
12228.url.tudown.com/uploads/images/731871.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/731871.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/731871.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:42:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=518394472,1008597378&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
12228.url.tudown.com/uploads/images/44814.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/44814.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/44814.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:42:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=2387301952,2631856890&fm=253&app=138&f=JPEG?w=889&h=500
push.zhanzhang.baidu.com/push.js
200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Sat, 04 Feb 2023 06:42:59 GMT
Etag: "4078521116"
Expires: Sun, 04 Feb 2024 06:42:59 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=AB5BCF927005B5D5F1E25D19C878A270:FG=1; max-age=31536000; expires=Sun, 04-Feb-24 06:42:59 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
12228.url.tudown.com/uploads/images/769989.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/769989.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/769989.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:42:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=868208017,2986334908&fm=224&app=112&f=JPEG?w=500&h=500
12228.url.tudown.com/uploads/images/616525.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/616525.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/616525.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:43:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=840827710,1308760029&fm=224&app=112&f=JPEG?w=422&h=422
12228.url.tudown.com/uploads/images/490282.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/490282.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/490282.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:43:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=3760551908,4089021835&fm=253&fmt=auto&app=138&f=JPEG?w=658&h=465
12228.url.tudown.com/uploads/images/837479.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/837479.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/837479.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:43:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=3321200371,2904499352&fm=224&app=112&f=JPEG?w=500&h=333
ocsp2.globalsign.com/gsorganizationvalsha2g2
200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
Hash ef71312ddbf6b5f1570940c7d6235ec3
78bbc880e6a401954c4ff0f0a730aebc7a17290e
d64f0d63361f8149c01ce419826eb2f2edca86154c80ae5a49d359943f770e3f
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:43:00 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Wed, 08 Feb 2023 05:07:59 GMT
ETag: "78bbc880e6a401954c4ff0f0a730aebc7a17290e"
Last-Modified: Sat, 04 Feb 2023 05:08:00 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 179
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79416df78efcb4eb-OSL
12228.url.tudown.com/uploads/images/698226.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/698226.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/698226.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:43:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=1739635726,4004483696&fm=253&app=120&f=JPEG?w=1280&h=800
12228.url.tudown.com/uploads/images/403029.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/403029.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/403029.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:43:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=669373584,1842169601&fm=253&fmt=auto?w=1280&h=800
12228.url.tudown.com/uploads/images/85906.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/85906.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/85906.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:43:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=4188928638,2115159921&fm=253&app=138&f=JPEG?w=800&h=500
hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (633)
Hash 5affd6cf382f74fbbc9f445cfd6788b1
e55afbdb4c7eb8d12b156897ccb2fdd44aaec495
7a1cc3e96ea413dc195d389f28e062c96315a07d03971a6888ec0e69a6a4f1d7
GET /hm.js?dd9836db2e433f487a0aa434b7b3deb7 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12228.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11271
Content-Type: application/javascript
Date: Sat, 04 Feb 2023 06:42:59 GMT
Etag: 3e18613ff842db79ab453cf79819e40f
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=B8FB84CFD25CAA80; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
api.share.baidu.com/s.gif?l=http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
IP
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Sat, 04 Feb 2023 06:43:00 GMT
12228.url.tudown.com/template/company/42xz/images/dian2.png
200 OK 1.1 kB URL HTTP/1.1 12228.url.tudown.com/template/company/42xz/images/dian2.png
IP
ASN #137951 Clayer Limited
File type GIF image data, version 89a, 4 x 4\012- data
Hash 3cb1caaf45a919b2028a853add556aa8
c8b93e13049ae31ad5dcb2d267c8b3ee6a4466e8
039b652744162c3c599998f28f50e7154d297ce5028e7e4954f7d7354c5374a1
GET /template/company/42xz/images/dian2.png HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/template/company/42xz/css/soft.css
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:43:00 GMT
Content-Type: image/png
Content-Length: 1106
Last-Modified: Thu, 05 Nov 2020 12:04:53 GMT
Connection: keep-alive
ETag: "5fa3ea65-452"
Accept-Ranges: bytes
12228.url.tudown.com/uploads/images/819810.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/819810.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/819810.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:43:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=1154901079,1811853825&fm=253&fmt=auto&app=138&f=JPEG?w=529&h=500
12228.url.tudown.com/uploads/images/374.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/374.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/374.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:43:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2019091815,1726498777&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=667
12228.url.tudown.com/uploads/images/953729.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/953729.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/953729.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:43:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=1215389927,3694096317&fm=224&app=112&f=JPEG?w=500&h=500
12228.url.tudown.com/uploads/images/626459.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/626459.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/626459.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:43:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3941512157,2811093960&fm=253&fmt=auto&app=138&f=GIF?w=500&h=194
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=930391092&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=25205&r=0&ww=1280&u=http%3A%2F%2F12228.url.tudown.com%2Fdown%2F%25E7%2599%25BE%25E5%25BA%25A6%25E4%25BA%2591%25E6%259D%2580%25E6%2589%258B%40134_40064.exe&tt=%E5%BC%80%E4%BA%91%E6%B3%A8%E5%86%8C(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99%2F%E6%89%8B%E6%9C%BA%E6%9C%80%E6%96%B0%E7%89%88%E4%B8%8B%E8%BD%BD
200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=930391092&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=25205&r=0&ww=1280&u=http%3A%2F%2F12228.url.tudown.com%2Fdown%2F%25E7%2599%25BE%25E5%25BA%25A6%25E4%25BA%2591%25E6%259D%2580%25E6%2589%258B%40134_40064.exe&tt=%E5%BC%80%E4%BA%91%E6%B3%A8%E5%86%8C(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99%2F%E6%89%8B%E6%9C%BA%E6%9C%80%E6%96%B0%E7%89%88%E4%B8%8B%E8%BD%BD
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=930391092&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=25205&r=0&ww=1280&u=http%3A%2F%2F12228.url.tudown.com%2Fdown%2F%25E7%2599%25BE%25E5%25BA%25A6%25E4%25BA%2591%25E6%259D%2580%25E6%2589%258B%40134_40064.exe&tt=%E5%BC%80%E4%BA%91%E6%B3%A8%E5%86%8C(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99%2F%E6%89%8B%E6%9C%BA%E6%9C%80%E6%96%B0%E7%89%88%E4%B8%8B%E8%BD%BD HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12228.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Feb 2023 06:43:00 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=31C3B465E9BD193C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
12228.url.tudown.com/uploads/images/592399.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/592399.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/592399.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:43:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1982270299,2434319169&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350
12228.url.tudown.com/uploads/images/513814.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/513814.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/513814.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:43:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=4001606587,1112325907&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
12228.url.tudown.com/uploads/images/769827.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/769827.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/769827.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:43:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1965931708,1590699311&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=447
12228.url.tudown.com/uploads/images/291243.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/291243.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/291243.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:43:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3162919453,102928450&fm=253&fmt=auto?w=1422&h=800
12228.url.tudown.com/uploads/images/884381.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/884381.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/884381.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:43:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3281095219,608912849&fm=253&fmt=auto&app=138&f=JPEG?w=421&h=540
12228.url.tudown.com/uploads/images/604360.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/604360.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/604360.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:43:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2663934296,4236063241&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=501
12228.url.tudown.com/uploads/images/36084.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/36084.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/36084.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:43:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1178444266,632526794&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=426
img2.baidu.com/it/u=1154901079,1811853825&fm=253&fmt=auto&app=138&f=JPEG?w=529&h=500
200 OK 9.5 kB URL HTTP/1.1 img2.baidu.com/it/u=1154901079,1811853825&fm=253&fmt=auto&app=138&f=JPEG?w=529&h=500
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 529x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 44d06e90735efb104f35456b861f8b13
d01b9f4a273630819196c1c5d92a94c31e707a7d
66b60dc32f4d4acfbe27eb6ed56fa58f10678bda117c8401b050e8d023739efb
GET /it/u=1154901079,1811853825&fm=253&fmt=auto&app=138&f=JPEG?w=529&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:43:01 GMT
Content-Type: image/webp
Content-Length: 9546
Connection: keep-alive
Expires: Tue, 21 Feb 2023 00:53:21 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 44d06e90735efb104f35456b861f8b13
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 22 Jan 2023 00:53:21 GMT
Ohc-Cache-HIT: cd6ct64 [1], qdix162 [4]
Ohc-File-Size: 9546
X-Cache-Status: MISS
img2.baidu.com/it/u=4188928638,2115159921&fm=253&app=138&f=JPEG?w=800&h=500
200 OK 32 kB URL HTTP/1.1 img2.baidu.com/it/u=4188928638,2115159921&fm=253&app=138&f=JPEG?w=800&h=500
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 54x54, segment length 16, baseline, precision 8, 800x500, components 3\012- data
Hash 5089989d7200a8d19a150590604f43c9
0ad2a79ce9c1492b010b759552fa84a18be6ce58
f555372ff468a451f267ed59495382e0e69835f3b37a6c1a093922c3d40893af
GET /it/u=4188928638,2115159921&fm=253&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:43:01 GMT
Content-Type: image/jpeg
Content-Length: 31518
Connection: keep-alive
Expires: Sat, 18 Feb 2023 04:48:42 GMT
Last-Modified: Mon, 05 Jan 1970 00:00:00 GMT
ETag: 5089989d7200a8d19a150590604f43c9
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 19 Jan 2023 04:48:42 GMT
Ohc-Cache-HIT: cd6ct80 [1], xiangyix187 [4]
Ohc-File-Size: 31518
X-Cache-Status: MISS
12228.url.tudown.com/uploads/images/790917.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/790917.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/790917.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:43:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=1604580792,295564688&fm=224&app=112&f=JPEG?w=500&h=500
12228.url.tudown.com/uploads/images/112486.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/112486.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/112486.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:43:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3701745270,5465264&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
img0.baidu.com/it/u=2387301952,2631856890&fm=253&app=138&f=JPEG?w=889&h=500
200 OK 41 kB URL HTTP/1.1 img0.baidu.com/it/u=2387301952,2631856890&fm=253&app=138&f=JPEG?w=889&h=500
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 889x500, components 3\012- data
Hash a6d1ad2cd711b4d67b718b13331aaf74
c1113f8ce5ebffcd3ac32b9dfc9cc6a7c98b48de
648cbc6b2972cc9898131f063770519ad92af1ff38d0ee80c68f8ac388c02c9e
GET /it/u=2387301952,2631856890&fm=253&app=138&f=JPEG?w=889&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:43:01 GMT
Content-Type: image/jpeg
Content-Length: 41418
Connection: keep-alive
Expires: Sat, 25 Feb 2023 15:21:03 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: a6d1ad2cd711b4d67b718b13331aaf74
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 26 Jan 2023 15:21:03 GMT
Ohc-Cache-HIT: cd2ct61 [1], czix119 [2]
Ohc-File-Size: 41418
X-Cache-Status: MISS
12228.url.tudown.com/uploads/images/552845.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/552845.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/552845.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:43:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1003348654,798958761&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
img0.baidu.com/it/u=1205739495,1245237169&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=300
200 OK 4.9 kB URL HTTP/2 img0.baidu.com/it/u=1205739495,1245237169&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=300
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b777e8397fff5831e281d1d256b32e87
55608c227b0d5e91bd47e1653d5a326cc6afa107
5e91b497ec03639bd756175e7226acc860e07d3f86604ace456fc68905bae452
GET /it/u=1205739495,1245237169&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=300 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:43:01 GMT
content-type: image/webp
content-length: 4880
expires: Fri, 24 Feb 2023 13:33:43 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: b777e8397fff5831e281d1d256b32e87
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 25 Jan 2023 13:33:43 GMT
ohc-cache-hit: cd2ct50 [1], xaix199 [4]
ohc-file-size: 4880
x-cache-status: MISS
X-Firefox-Spdy: h2
s22.cnzz.com/z_stat.php?id=1275003130&web_id=1275003130
200 OK 20 B URL HTTP/2 s22.cnzz.com/z_stat.php?id=1275003130&web_id=1275003130
IP
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /z_stat.php?id=1275003130&web_id=1275003130 HTTP/1.1
Host: s22.cnzz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12228.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 20
date: Sat, 04 Feb 2023 06:03:00 GMT
vary: Accept-Encoding
x-powered-by: PHP/5.5.25
last-modified: Sat, 04 Feb 2023 06:03:00 GMT
cache-control: max-age=1800,s-maxage=3600
content-encoding: gzip
ali-swift-global-savetime: 1675490580
via: cache18.l2ea120-8[75,75,200-0,M], cache30.l2ea120-8[77,0], cache8.cn2205[0,0,200-0,H], cache11.cn2205[1,0]
age: 2401
x-cache: HIT TCP_MEM_HIT dirn:13:697875226
x-swift-savetime: Sat, 04 Feb 2023 06:03:00 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: b461fb1f16754929815861836e
X-Firefox-Spdy: h2
12228.url.tudown.com/uploads/images/386265.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/386265.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/386265.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:43:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=3661846622,93064768&fm=253&fmt=auto&app=138&f=JPEG?w=245&h=300
12228.url.tudown.com/uploads/images/480785.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/480785.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/480785.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:43:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=19217414,1106899404&fm=253&fmt=auto&app=138&f=PNG?w=485&h=500
12228.url.tudown.com/uploads/images/793849.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/793849.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/793849.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:43:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=564061210,4066115295&fm=224&app=112&f=JPEG?w=500&h=500
img2.baidu.com/it/u=3760551908,4089021835&fm=253&fmt=auto&app=138&f=JPEG?w=658&h=465
200 OK 63 kB URL HTTP/1.1 img2.baidu.com/it/u=3760551908,4089021835&fm=253&fmt=auto&app=138&f=JPEG?w=658&h=465
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 658x465, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e8881d0b8c6dc419c000fa1876ecc6f1
8dcae33ba227e417bb654ad3fdbc463163ceb46c
fe0cef7c9ed03a52482aecf18424ce3b00dc776813a42dd218736f6054cccd89
GET /it/u=3760551908,4089021835&fm=253&fmt=auto&app=138&f=JPEG?w=658&h=465 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:43:01 GMT
Content-Type: image/webp
Content-Length: 62700
Connection: keep-alive
Expires: Thu, 02 Mar 2023 09:52:29 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: e8881d0b8c6dc419c000fa1876ecc6f1
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 31 Jan 2023 09:52:29 GMT
Ohc-Cache-HIT: cd6ct64 [1], csix113 [2]
Ohc-File-Size: 62700
X-Cache-Status: MISS
t13.baidu.com/it/u=2383069599,3603504220&fm=224&app=112&f=JPEG?w=375&h=500
200 OK 59 kB URL HTTP/1.1 t13.baidu.com/it/u=2383069599,3603504220&fm=224&app=112&f=JPEG?w=375&h=500
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 375x500, components 3\012- data
Hash e6f8e8c107ef57bb869b14ce1ccb0f70
b7be68398774b4b697e1f48403bf9ed405402a66
13a183e8641e9b8e1cc1eb4afc5337a733b4e3bdb2169affcf12841bd5749888
GET /it/u=2383069599,3603504220&fm=224&app=112&f=JPEG?w=375&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:43:01 GMT
Content-Type: image/jpeg
Content-Length: 59190
Connection: keep-alive
Expires: Thu, 16 Feb 2023 07:58:23 GMT
Last-Modified: Wed, 14 Jan 1970 00:00:00 GMT
ETag: e6f8e8c107ef57bb869b14ce1ccb0f70
Age: 317871
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 17 Jan 2023 07:58:22 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [4], zhuzuncache54 [4], wzix101 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 59190
X-Cache-Status: HIT
Timing-Allow-Origin: *
img0.baidu.com/it/u=3281095219,608912849&fm=253&fmt=auto&app=138&f=JPEG?w=421&h=540
200 OK 26 kB URL HTTP/2 img0.baidu.com/it/u=3281095219,608912849&fm=253&fmt=auto&app=138&f=JPEG?w=421&h=540
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 421x540, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5073af80e21f76a70c1218f148117995
138e43600fbc57db6a94b80ae65613e69160a3ac
3298f4e65c7b46c1cf2dca558a8f56fdf7f89afd5b577522bfef2d2af98d5d03
GET /it/u=3281095219,608912849&fm=253&fmt=auto&app=138&f=JPEG?w=421&h=540 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:43:01 GMT
content-type: image/webp
content-length: 25530
expires: Tue, 21 Feb 2023 05:00:21 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 5073af80e21f76a70c1218f148117995
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 05:00:21 GMT
ohc-cache-hit: cd2ct54 [1], suzix240 [4]
ohc-file-size: 25530
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=1852215905,124408758&fm=253&app=120&f=JPEG?w=1280&h=800
200 OK 100 kB URL HTTP/1.1 img0.baidu.com/it/u=1852215905,124408758&fm=253&app=120&f=JPEG?w=1280&h=800
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Hash 8c172c83b354f8095083afc014770142
2880de2ebe26b22651a3fc343c2a9d35f5b680f2
2a00a5c07b41dd9bb7be5d36516cea36c2c253ad0ea399f9f2ba19da9d564521
GET /it/u=1852215905,124408758&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:43:01 GMT
Content-Type: image/jpeg
Content-Length: 99673
Connection: keep-alive
Expires: Wed, 15 Feb 2023 11:21:37 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: 8c172c83b354f8095083afc014770142
Age: 212014
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 16 Jan 2023 11:21:37 GMT
Ohc-Cache-HIT: cd2ct64 [4], wzix93 [4]
Ohc-File-Size: 99673
X-Cache-Status: HIT
img0.baidu.com/it/u=3941512157,2811093960&fm=253&fmt=auto&app=138&f=GIF?w=500&h=194
200 OK 46 kB URL HTTP/2 img0.baidu.com/it/u=3941512157,2811093960&fm=253&fmt=auto&app=138&f=GIF?w=500&h=194
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type GIF image data, version 89a, 500 x 194\012- data
Hash 850d822ca52adcca74ebf6dc7f8ea15a
1ee54e1d80ac1fdb015cfd9fccc54dbe15118f09
871f9bd1f9d6f5bac00c2aa3231b1a00899cb1028f5bb5bf5d3438e94fde1c59
GET /it/u=3941512157,2811093960&fm=253&fmt=auto&app=138&f=GIF?w=500&h=194 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:43:01 GMT
content-type: image/gif
content-length: 46245
expires: Mon, 20 Feb 2023 10:41:42 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 850d822ca52adcca74ebf6dc7f8ea15a
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 10:41:42 GMT
ohc-cache-hit: cd2ct55 [1], xaix181 [2]
ohc-file-size: 46245
x-cache-status: MISS
X-Firefox-Spdy: h2
12228.url.tudown.com/uploads/images/600454.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12228.url.tudown.com/uploads/images/600454.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/600454.jpg HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:43:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=254453173,3423750965&fm=253&fmt=auto&app=138&f=JPEG?w=270&h=185
img1.baidu.com/it/u=1178444266,632526794&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=426
200 OK 14 kB URL HTTP/2 img1.baidu.com/it/u=1178444266,632526794&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=426
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x426, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fa1276781b0ab8e7cfb85abbc6635f9b
3ed76312db14b02e3c2781ddac1bfe282116ca47
2f183a3bed2afbacbb5a283f5c9fa971f8e2f384c167d8fb9eeb29a84bc11363
GET /it/u=1178444266,632526794&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=426 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:43:01 GMT
content-type: image/webp
content-length: 14524
expires: Tue, 28 Feb 2023 02:59:52 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: fa1276781b0ab8e7cfb85abbc6635f9b
age: 190039
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 29 Jan 2023 02:59:52 GMT
ohc-cache-hit: cd2ct64 [4], xaix144 [4]
ohc-file-size: 14524
x-cache-status: HIT
X-Firefox-Spdy: h2
img2.baidu.com/it/u=3661846622,93064768&fm=253&fmt=auto&app=138&f=JPEG?w=245&h=300
200 OK 11 kB URL HTTP/1.1 img2.baidu.com/it/u=3661846622,93064768&fm=253&fmt=auto&app=138&f=JPEG?w=245&h=300
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 245x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 43c87cb7bad2199daaeb528e46a97bec
97b6c409960b012aad30998c298e1b3bf8ff2b2e
3ca7ebc3e65ffb341fa621bfb4de4f49930b31f86692fa6c2affcd2e76385aad
GET /it/u=3661846622,93064768&fm=253&fmt=auto&app=138&f=JPEG?w=245&h=300 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:43:01 GMT
Content-Type: image/webp
Content-Length: 11170
Connection: keep-alive
Expires: Fri, 10 Feb 2023 05:00:13 GMT
Last-Modified: Sun, 04 Jan 1970 00:00:00 GMT
ETag: 43c87cb7bad2199daaeb528e46a97bec
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 11 Jan 2023 05:00:13 GMT
Ohc-Cache-HIT: cd6ct52 [1], wzix110 [2]
Ohc-File-Size: 11170
X-Cache-Status: MISS
img1.baidu.com/it/u=1739635726,4004483696&fm=253&app=120&f=JPEG?w=1280&h=800
200 OK 92 kB URL HTTP/1.1 img1.baidu.com/it/u=1739635726,4004483696&fm=253&app=120&f=JPEG?w=1280&h=800
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Hash 69d54b5f725aaa87c8a71a77f4cc38b6
a35fed891e225cd5bfe2754447670bfa4fe42336
2d1986aefbddf89ebb01171bab46b28fcd41d6ad11f962ecf9a0752716373276
GET /it/u=1739635726,4004483696&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:43:01 GMT
Content-Type: image/jpeg
Content-Length: 91516
Connection: keep-alive
Expires: Sun, 05 Mar 2023 14:32:19 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 69d54b5f725aaa87c8a71a77f4cc38b6
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 03 Feb 2023 14:32:19 GMT
Ohc-Cache-HIT: cd2ct50 [1], xaix196 [2]
Ohc-File-Size: 91516
X-Cache-Status: MISS
img2.baidu.com/it/u=2663934296,4236063241&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=501
200 OK 32 kB URL HTTP/2 img2.baidu.com/it/u=2663934296,4236063241&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=501
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x501, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 01cb6987a2f88b4bf4fb15676211d00e
579b6354038f75378ac114a87d8feabdbc673f8a
85c2cafdafea1c7b5d02c3a0a716d3e4e556b870da735f871afdcc15b9c28301
GET /it/u=2663934296,4236063241&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=501 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:43:01 GMT
content-type: image/webp
content-length: 31924
expires: Sat, 18 Feb 2023 12:38:04 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 01cb6987a2f88b4bf4fb15676211d00e
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 19 Jan 2023 12:38:04 GMT
ohc-cache-hit: cd6ct66 [1], czix66 [2]
ohc-file-size: 31924
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=518394472,1008597378&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
200 OK 36 kB URL HTTP/2 img2.baidu.com/it/u=518394472,1008597378&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 889x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6ad7b7a25e499b09d985e71a07ab1588
f249d8d348bccff99c658c01ea7d87891d6a36cd
335d6d1370938c9ea81045bb77f0aafdcb10cd5882d3b26e691d2d9f81e7e2de
GET /it/u=518394472,1008597378&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:43:01 GMT
content-type: image/webp
content-length: 36318
expires: Sat, 18 Feb 2023 16:45:46 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 6ad7b7a25e499b09d985e71a07ab1588
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 19 Jan 2023 16:45:46 GMT
ohc-cache-hit: cd6ct62 [1], suzix138 [4]
ohc-file-size: 36318
x-cache-status: MISS
X-Firefox-Spdy: h2
t13.baidu.com/it/u=1604580792,295564688&fm=224&app=112&f=JPEG?w=500&h=500
200 OK 30 kB URL HTTP/1.1 t13.baidu.com/it/u=1604580792,295564688&fm=224&app=112&f=JPEG?w=500&h=500
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash ade172479429941709dbcf39491e3e15
a09b492dabaad727abee76e88d417f12d691b66d
6b33b2510329587178eb88f1c6213c45c219be15923efb524182b5ee8f110b81
GET /it/u=1604580792,295564688&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:43:02 GMT
Content-Type: image/jpeg
Content-Length: 30421
Connection: keep-alive
Expires: Thu, 02 Mar 2023 09:31:32 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: ade172479429941709dbcf39491e3e15
Age: 330888
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 31 Jan 2023 09:31:32 GMT
Ohc-Cache-HIT: fra01-sys-jomo4.fra01.baidu.com [2], zhuzuncache65 [4], xiangyix85 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 30421
X-Cache-Status: HIT
Timing-Allow-Origin: *
t13.baidu.com/it/u=868208017,2986334908&fm=224&app=112&f=JPEG?w=500&h=500
200 OK 39 kB URL HTTP/1.1 t13.baidu.com/it/u=868208017,2986334908&fm=224&app=112&f=JPEG?w=500&h=500
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash be24932b1d3638f7e3f5623b3861238f
8e6289cb99b2588492e32c45a6ad18d6db1d6f49
be60f803d4b75276ec5c144f09ca940bb414eead97e3368b139d5ab4aac3f91b
GET /it/u=868208017,2986334908&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:43:02 GMT
Content-Type: image/jpeg
Content-Length: 39003
Connection: keep-alive
Expires: Mon, 06 Mar 2023 02:03:59 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: be24932b1d3638f7e3f5623b3861238f
Age: 16743
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 04 Feb 2023 02:03:59 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [2], zhuzuncache61 [2], wzix61 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 39003
X-Cache-Status: HIT
Timing-Allow-Origin: *
t13.baidu.com/it/u=1215389927,3694096317&fm=224&app=112&f=JPEG?w=500&h=500
200 OK 76 kB URL HTTP/1.1 t13.baidu.com/it/u=1215389927,3694096317&fm=224&app=112&f=JPEG?w=500&h=500
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 514c5b1d43b2ed66786a74eb7319b071
f4b593c4521b6bb5e642e95c49be4d23d4f13f81
487976cb85821d8b021515968329d6bd10e79f3a9cc29d16e910e00f2d7a686c
GET /it/u=1215389927,3694096317&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:43:02 GMT
Content-Type: image/jpeg
Content-Length: 75528
Connection: keep-alive
Expires: Tue, 07 Feb 2023 08:38:07 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 514c5b1d43b2ed66786a74eb7319b071
Age: 2094095
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 08 Jan 2023 08:38:07 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [4], zhuzuncache52 [1], wzix95 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 75528
X-Cache-Status: HIT
Timing-Allow-Origin: *
img0.baidu.com/it/u=1003348654,798958761&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
200 OK 72 kB URL HTTP/2 img0.baidu.com/it/u=1003348654,798958761&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 889x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash afc18226395371d6ed915f4413f47264
15718f5b74947ee92a7cc8bf6884e26d7db9ec22
8be89aa841771be72c71c38df23cd35f47ff1b615049352e9498c5b11e07b418
GET /it/u=1003348654,798958761&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:43:01 GMT
content-type: image/webp
content-length: 71914
expires: Tue, 21 Feb 2023 03:10:46 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: afc18226395371d6ed915f4413f47264
age: 998224
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 03:10:46 GMT
ohc-cache-hit: cd2ct51 [4], bdix197 [2]
ohc-file-size: 71914
x-cache-status: HIT
X-Firefox-Spdy: h2
t14.baidu.com/it/u=564061210,4066115295&fm=224&app=112&f=JPEG?w=500&h=500
200 OK 51 kB URL HTTP/1.1 t14.baidu.com/it/u=564061210,4066115295&fm=224&app=112&f=JPEG?w=500&h=500
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 98e25cc25140e62fb5aa5826acf20ccc
1d6c77a8e0f69dae2a381eb423b0c540c506fd3c
67e65dc0224ce3f8e78454b804d9f419e32672bee1b80c20f66b54b8b9e291fe
GET /it/u=564061210,4066115295&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:43:02 GMT
Content-Type: image/jpeg
Content-Length: 50616
Connection: keep-alive
Expires: Sat, 04 Mar 2023 03:28:30 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 98e25cc25140e62fb5aa5826acf20ccc
Age: 16958
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 02 Feb 2023 03:28:30 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [4], zhuzuncache53 [1], csix53 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 50616
X-Cache-Status: HIT
Timing-Allow-Origin: *
img1.baidu.com/it/u=1982270299,2434319169&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350
200 OK 17 kB URL HTTP/2 img1.baidu.com/it/u=1982270299,2434319169&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 350x350, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c18a165d9ddfea9f9462022cde50d745
843c3673b2ffe452ff1de33802de7c3b4f780eac
862f1bb348390f1af3a28bfc1eb496ec0c22450544f572cc4fc3d263afebeb5f
GET /it/u=1982270299,2434319169&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:43:01 GMT
content-type: image/webp
content-length: 17408
expires: Sun, 05 Feb 2023 12:51:50 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: c18a165d9ddfea9f9462022cde50d745
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 06 Jan 2023 12:51:50 GMT
ohc-cache-hit: cd2ct52 [1], xaix102 [4]
ohc-file-size: 17408
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=2635514434,3493085581&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=681
200 OK 19 kB URL HTTP/2 img2.baidu.com/it/u=2635514434,3493085581&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=681
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x681, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fc144a19de6edc8fac134a63b616f86e
edf8b5ec243bdafe7002c8adc201c958432ba825
a17bd83bd92e7b4f579877358861a1703ccfffb7ec0c419fb55ca80723b9293b
GET /it/u=2635514434,3493085581&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=681 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:43:01 GMT
content-type: image/webp
content-length: 18988
expires: Sun, 19 Feb 2023 07:32:00 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: fc144a19de6edc8fac134a63b616f86e
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 20 Jan 2023 07:32:00 GMT
ohc-cache-hit: cd6ct77 [1], wzix77 [4]
ohc-file-size: 18988
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=669373584,1842169601&fm=253&fmt=auto?w=1280&h=800
200 OK 46 kB URL HTTP/2 img2.baidu.com/it/u=669373584,1842169601&fm=253&fmt=auto?w=1280&h=800
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8c941bf2551627cefe0bd7f67978f033
3f49207c86e3a93df9f64da431c6ec64daec6b05
bb507f781269ed2938b228906da7f5948e6eec0a8b5b2f17c65ca493cfdb5049
GET /it/u=669373584,1842169601&fm=253&fmt=auto?w=1280&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:43:01 GMT
content-type: image/webp
content-length: 45840
expires: Mon, 20 Feb 2023 15:28:47 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 8c941bf2551627cefe0bd7f67978f033
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 15:28:47 GMT
ohc-cache-hit: cd6ct55 [1], czix155 [2]
ohc-file-size: 45840
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=3162919453,102928450&fm=253&fmt=auto?w=1422&h=800
200 OK 70 kB URL HTTP/2 img2.baidu.com/it/u=3162919453,102928450&fm=253&fmt=auto?w=1422&h=800
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1422x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0c0016821e541f5e9d13353c504b06b6
941308cacd37aa79f5610e0f1ccae3d09fa8f4ef
742b76da20be3a7aefae9893fdb4a01ed7adfa5a87b37a2e30f762f39d5468c7
GET /it/u=3162919453,102928450&fm=253&fmt=auto?w=1422&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:43:01 GMT
content-type: image/webp
content-length: 69834
expires: Tue, 21 Feb 2023 02:56:36 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 0c0016821e541f5e9d13353c504b06b6
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 02:56:36 GMT
ohc-cache-hit: cd6ct71 [1], bdix174 [2]
ohc-file-size: 69834
x-cache-status: MISS
X-Firefox-Spdy: h2
t14.baidu.com/it/u=3321200371,2904499352&fm=224&app=112&f=JPEG?w=500&h=333
200 OK 29 kB URL HTTP/1.1 t14.baidu.com/it/u=3321200371,2904499352&fm=224&app=112&f=JPEG?w=500&h=333
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x333, components 3\012- data
Hash 6136dca86ce443975f04ee4b4f186c12
1607921db4d0a3b538284808214382f7efc71641
6b0d04985a73ce2e37ebc532f29129282fd0ce1ee6b38d33c7c830975f197c06
GET /it/u=3321200371,2904499352&fm=224&app=112&f=JPEG?w=500&h=333 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:43:02 GMT
Content-Type: image/jpeg
Content-Length: 29293
Connection: keep-alive
Expires: Tue, 07 Feb 2023 00:52:00 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 6136dca86ce443975f04ee4b4f186c12
Age: 187406
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 08 Jan 2023 00:52:00 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [4], zhuzuncache65 [1], czix241 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 29293
X-Cache-Status: HIT
Timing-Allow-Origin: *
t13.baidu.com/it/u=2192575335,212195486&fm=224&app=112&f=JPEG?w=500&h=500
200 OK 43 kB URL HTTP/1.1 t13.baidu.com/it/u=2192575335,212195486&fm=224&app=112&f=JPEG?w=500&h=500
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash c1a8e0025a747157353fdd9d58c661aa
567efef4f6b89d37ffdaeedcbc41a4d4a4d36786
1b5cdb54e1edb0ef536a397357e73ab551ec2944a9f808e0ae2b623918c44876
GET /it/u=2192575335,212195486&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:43:02 GMT
Content-Type: image/jpeg
Content-Length: 42618
Connection: keep-alive
Expires: Sat, 04 Mar 2023 12:18:29 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: c1a8e0025a747157353fdd9d58c661aa
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 02 Feb 2023 12:18:29 GMT
Ohc-Upstream-Trace: 58.20.204.59
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [2], zhuzuncache59 [4], csix100 [4]
Ohc-Response-Time: 1 0 0 0 450 450
Ohc-File-Size: 42618
X-Cache-Status: MISS
Timing-Allow-Origin: *
img1.baidu.com/it/u=3204007935,2412746479&fm=253&app=120&f=JPEG?w=1280&h=800
200 OK 103 kB URL HTTP/1.1 img1.baidu.com/it/u=3204007935,2412746479&fm=253&app=120&f=JPEG?w=1280&h=800
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 103 kB (103302 bytes)
Hash 49f6dd2074ee242bb0da96d5f61a6ecb
2413fcc31b6445827d274c083460d2a9c3c628fd
915a4bb2b07c576f8c15b5d381ec0030e01ff5c025ccecacb507205cbead59e1
GET /it/u=3204007935,2412746479&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:43:01 GMT
Content-Type: image/jpeg
Content-Length: 103302
Connection: keep-alive
Expires: Sat, 25 Feb 2023 12:33:48 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 49f6dd2074ee242bb0da96d5f61a6ecb
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 26 Jan 2023 12:33:48 GMT
Ohc-Cache-HIT: cd2ct60 [1], suzix232 [2]
Ohc-File-Size: 103302
X-Cache-Status: MISS
t15.baidu.com/it/u=840827710,1308760029&fm=224&app=112&f=JPEG?w=422&h=422
200 OK 43 kB URL HTTP/1.1 t15.baidu.com/it/u=840827710,1308760029&fm=224&app=112&f=JPEG?w=422&h=422
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 422x422, components 3\012- data
Hash 9a3f3514fb36cdd1292acdf6ef07adf9
6d3fd51f3c39e45b32ebb6165a6d08888a8e7e0a
224c594c615819691ccd896c10ccab4d02cf57c17b3887197732a3affc2c61fc
GET /it/u=840827710,1308760029&fm=224&app=112&f=JPEG?w=422&h=422 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:43:02 GMT
Content-Type: image/jpeg
Content-Length: 43368
Connection: keep-alive
Expires: Thu, 02 Mar 2023 12:14:18 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 9a3f3514fb36cdd1292acdf6ef07adf9
Age: 316271
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 31 Jan 2023 12:14:18 GMT
Ohc-Cache-HIT: fra01-sys-jomo7.fra01.baidu.com [4], zhuzuncache63 [1], csix117 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 43368
X-Cache-Status: HIT
Timing-Allow-Origin: *
js.passport.qihucdn.com/11.0.1.js?d10ea2610e3a9b90fa9990ffc6bf559d
200 OK 117 B URL HTTP/1.1 js.passport.qihucdn.com/11.0.1.js?d10ea2610e3a9b90fa9990ffc6bf559d
IP
ASN #55992 Beijing Qihu Technology Company Limited
File type HTML document, ASCII text, with no line terminators
Hash d7c7d923f7e71e0b2a1e52f3f25aee25
8606ce2096c434bbe71f9f1ef0545a8381427c37
db40794d592b2a0f6924d2c38fcabe8901b6f65f59f1bf041d6b5a8f0c4f1cb9
GET /11.0.1.js?d10ea2610e3a9b90fa9990ffc6bf559d HTTP/1.1
Host: js.passport.qihucdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:43:02 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 28 Nov 2018 07:43:20 GMT
Cache-Control: max-age=600
Expires: Sat, 04 Feb 2023 06:53:02 GMT
KCS-Via: REVALIDATED from w-fc03.lato;HIT from w-sc01.lato
Content-Encoding: gzip
img1.baidu.com/it/u=2019091815,1726498777&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=667
200 OK 44 kB URL HTTP/2 img1.baidu.com/it/u=2019091815,1726498777&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=667
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x667, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8ad32b1c94c42bb9ae43f25715b1bd39
6af49b1e9ce3795dc7b1794e84f6521995a47655
acb1f6e73780d90f371cb1f75df2c4ba15e6786f71ef3bb66792c442b6d0c812
GET /it/u=2019091815,1726498777&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=667 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:43:01 GMT
content-type: image/webp
content-length: 44078
expires: Mon, 06 Mar 2023 04:29:34 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 8ad32b1c94c42bb9ae43f25715b1bd39
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 04 Feb 2023 04:29:34 GMT
ohc-cache-hit: cd2ct57 [1], qdix242 [4]
ohc-file-size: 44078
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=4001606587,1112325907&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
200 OK 36 kB URL HTTP/2 img1.baidu.com/it/u=4001606587,1112325907&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1ff194fffd5f44ecc350143eaddbcf9a
a0485ecc94df285c947c07a28c1d28f9a18f23aa
3ddb9e26babb7184ebd02636340546b1d295d112340e886d68c1e566d66a283d
GET /it/u=4001606587,1112325907&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:43:01 GMT
content-type: image/webp
content-length: 36092
expires: Mon, 20 Feb 2023 07:39:43 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 1ff194fffd5f44ecc350143eaddbcf9a
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 07:39:43 GMT
ohc-cache-hit: cd2ct50 [1], xaix196 [4]
ohc-file-size: 36092
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=3701745270,5465264&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
200 OK 36 kB URL HTTP/2 img1.baidu.com/it/u=3701745270,5465264&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x889, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9399d09208dd19889f804e0a828dd1b7
78d52e518aec2f976d395d752f7408181e51dc05
5e08fd8f01fcc36423567700d31526110d7de6503588da7ad749b113b7d48a79
GET /it/u=3701745270,5465264&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:43:01 GMT
content-type: image/webp
content-length: 36118
expires: Thu, 23 Feb 2023 13:16:35 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 9399d09208dd19889f804e0a828dd1b7
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 24 Jan 2023 13:16:35 GMT
ohc-cache-hit: cd2ct60 [1], xiangyix87 [2]
ohc-file-size: 36118
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=3103854683,3713152495&fm=253&fmt=auto&app=138&f=JPEG?w=552&h=500
200 OK 14 kB URL HTTP/2 img1.baidu.com/it/u=3103854683,3713152495&fm=253&fmt=auto&app=138&f=JPEG?w=552&h=500
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 552x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f72c46571d24d258377e7100b74f6e28
2acc1f173d1f2523f60a31f236489dba9f9e0334
168fe53a79982ab7456117cb8d0b8a2d6a94a3f9ff66d8a14c1761897d270897
GET /it/u=3103854683,3713152495&fm=253&fmt=auto&app=138&f=JPEG?w=552&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:43:01 GMT
content-type: image/webp
content-length: 13976
expires: Thu, 02 Mar 2023 04:21:42 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: f72c46571d24d258377e7100b74f6e28
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 31 Jan 2023 04:21:42 GMT
ohc-cache-hit: cd2ct54 [1], xiangyix54 [4]
ohc-file-size: 13976
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=1965931708,1590699311&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=447
200 OK 24 kB URL HTTP/2 img2.baidu.com/it/u=1965931708,1590699311&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=447
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x447, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b37223ee558928daaa065ec85236fc80
fcb667eda6d4469bbbdff932cb19ec025b150f72
56d6f204f97b3acf1abe7f4388c3b7947a0a3dea2048790023f28f59d4f9268a
GET /it/u=1965931708,1590699311&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=447 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:43:01 GMT
content-type: image/webp
content-length: 23550
expires: Tue, 28 Feb 2023 01:36:43 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: b37223ee558928daaa065ec85236fc80
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 29 Jan 2023 01:36:43 GMT
ohc-cache-hit: cd6ct55 [1], xaix55 [2]
ohc-file-size: 23550
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=1059281712,1383835106&fm=253&fmt=auto&app=138&f=PNG?w=500&h=500
200 OK 48 kB URL HTTP/2 img2.baidu.com/it/u=1059281712,1383835106&fm=253&fmt=auto&app=138&f=PNG?w=500&h=500
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash f73c83fd4e241dce28e05dbcd081173e
fad87227138f0ad8ff61f904583e8d6c5ac26de9
3c95ea10599310405972e680d66ff8564e6f9c3f8c0e1f0105a19000d9f1e463
GET /it/u=1059281712,1383835106&fm=253&fmt=auto&app=138&f=PNG?w=500&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:43:01 GMT
content-type: image/webp
content-length: 48084
expires: Sat, 04 Feb 2023 07:52:18 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: f73c83fd4e241dce28e05dbcd081173e
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 05 Jan 2023 07:52:18 GMT
ohc-cache-hit: cd6ct78 [1], xiangyix157 [2]
ohc-file-size: 48084
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=32268543,1227960868&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=400
200 OK 27 kB URL HTTP/2 img1.baidu.com/it/u=32268543,1227960868&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=400
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a1551b6b8b7a7ad85ebdbc858c92b8a2
a2b511a2e9de0ad43866cd432093830b90cfce85
f61ccff930eeeec62fa1149d8a58d58292cf751b144dc801f96318b2589cafe9
GET /it/u=32268543,1227960868&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=400 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:43:01 GMT
content-type: image/webp
content-length: 27048
expires: Tue, 28 Feb 2023 03:03:56 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: a1551b6b8b7a7ad85ebdbc858c92b8a2
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 29 Jan 2023 03:03:56 GMT
ohc-cache-hit: cd2ct63 [1], qdix208 [4]
ohc-file-size: 27048
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=3072183745,1875768798&fm=253&fmt=auto&app=138&f=JPEG?w=360&h=360
200 OK 9.5 kB URL HTTP/2 img2.baidu.com/it/u=3072183745,1875768798&fm=253&fmt=auto&app=138&f=JPEG?w=360&h=360
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 360x360, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 346656ac86f925e2af476407b8e17c3a
dc7ae7a4cc75e7a2afa71411452082769e36e592
3f83de92c3a45253a888fb0e42f8a24cbe2236b36f73a4befd397c59aec0b0a7
GET /it/u=3072183745,1875768798&fm=253&fmt=auto&app=138&f=JPEG?w=360&h=360 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:43:01 GMT
content-type: image/webp
content-length: 9530
expires: Sat, 04 Mar 2023 06:56:45 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 346656ac86f925e2af476407b8e17c3a
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 02 Feb 2023 06:56:45 GMT
ohc-cache-hit: cd6ct53 [1], csix53 [4]
ohc-file-size: 9530
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=1602637317,2040556932&fm=253&fmt=auto?w=720&h=1280
200 OK 66 kB URL HTTP/2 img1.baidu.com/it/u=1602637317,2040556932&fm=253&fmt=auto?w=720&h=1280
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 720x1280, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9ad6cb72cefef106773b52d91bf91425
eee5305a21ee88ea5c245b139b0dc8bb01ab4941
f1ecbda1d2d0bbd5f57cbb5f4cc144128062af09343bdb6cb81bfda7b71f0747
GET /it/u=1602637317,2040556932&fm=253&fmt=auto?w=720&h=1280 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:43:02 GMT
content-type: image/webp
content-length: 66198
expires: Tue, 21 Feb 2023 05:55:50 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 9ad6cb72cefef106773b52d91bf91425
age: 99086
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 05:55:50 GMT
ohc-cache-hit: cd2ct60 [4], suzix203 [2]
ohc-file-size: 66198
x-cache-status: HIT
X-Firefox-Spdy: h2
img0.baidu.com/it/u=19217414,1106899404&fm=253&fmt=auto&app=138&f=PNG?w=485&h=500
200 OK 35 kB URL HTTP/2 img0.baidu.com/it/u=19217414,1106899404&fm=253&fmt=auto&app=138&f=PNG?w=485&h=500
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 485x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a748cbdd106fec9181315acc0cfa9560
1215bace5c4e00c894352b5a4ea66da9b6df06dc
e4b1be76bb3053d48fef55897e158222d740eecadcd64e87cde003e3491ed0c8
GET /it/u=19217414,1106899404&fm=253&fmt=auto&app=138&f=PNG?w=485&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:43:02 GMT
content-type: image/webp
content-length: 34878
expires: Thu, 16 Feb 2023 02:48:11 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: a748cbdd106fec9181315acc0cfa9560
age: 171341
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 17 Jan 2023 02:48:11 GMT
ohc-cache-hit: cd2ct51 [4], csix51 [4]
ohc-file-size: 34878
x-cache-status: HIT
X-Firefox-Spdy: h2
t14.baidu.com/it/u=1542852855,4048179013&fm=224&app=112&f=JPEG?w=500&h=500
200 OK 45 kB URL HTTP/1.1 t14.baidu.com/it/u=1542852855,4048179013&fm=224&app=112&f=JPEG?w=500&h=500
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 5446a0cc93f154a51580a12b3a81ebe6
8c933e6c93df7f3a8d4c1d7ce0d558dee60369a0
2a3d74952b970ee8e17c8dc42695ab2559df40038d88cc6d5b2dae7a24b98525
GET /it/u=1542852855,4048179013&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12228.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:43:02 GMT
Content-Type: image/jpeg
Content-Length: 44598
Connection: keep-alive
Expires: Sun, 05 Mar 2023 11:30:47 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 5446a0cc93f154a51580a12b3a81ebe6
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 03 Feb 2023 11:30:47 GMT
Ohc-Upstream-Trace: 58.20.204.59
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [2], zhuzuncache59 [1], wzix111 [4]
Ohc-Response-Time: 1 0 0 0 355 355
Ohc-File-Size: 44598
X-Cache-Status: MISS
Timing-Allow-Origin: *
img1.baidu.com/it/u=161860582,680699949&fm=253&fmt=auto&app=138&f=GIF?w=500&h=889
200 OK 288 kB URL HTTP/2 img1.baidu.com/it/u=161860582,680699949&fm=253&fmt=auto&app=138&f=GIF?w=500&h=889
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type GIF image data, version 89a, 500 x 889\012- data
Size 288 kB (287992 bytes)
Hash c7ec4587e8b2f7564cb4f96f37db0e25
160099f587add89e17330ace434167a3f2f2e637
ada455f0081607c9c8c6055e73de3eab27cc5730f4bc1a57fa5080ddfddda67d
GET /it/u=161860582,680699949&fm=253&fmt=auto&app=138&f=GIF?w=500&h=889 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:43:02 GMT
content-type: image/gif
content-length: 287992
expires: Fri, 03 Mar 2023 14:42:50 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: c7ec4587e8b2f7564cb4f96f37db0e25
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 01 Feb 2023 14:42:50 GMT
ohc-cache-hit: cd2ct67 [2], xaix219 [4]
ohc-file-size: 287992
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=254453173,3423750965&fm=253&fmt=auto&app=138&f=JPEG?w=270&h=185
200 OK 9.6 kB URL HTTP/2 img1.baidu.com/it/u=254453173,3423750965&fm=253&fmt=auto&app=138&f=JPEG?w=270&h=185
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 270x185, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5ff984e583a3549746cf09236f865403
b064a35c11ceb84ce13914cb31839a5229de033b
3498723b0025a55f728411bedd1f4aee9887a89b65a331f33cdf112a71843a79
GET /it/u=254453173,3423750965&fm=253&fmt=auto&app=138&f=JPEG?w=270&h=185 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:43:02 GMT
content-type: image/webp
content-length: 9644
expires: Mon, 20 Feb 2023 06:17:25 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 5ff984e583a3549746cf09236f865403
age: 85442
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 06:17:25 GMT
ohc-cache-hit: cd2ct62 [4], xaix62 [2]
ohc-file-size: 9644
x-cache-status: HIT
X-Firefox-Spdy: h2
img1.baidu.com/it/u=431132824,3658836172&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=300
200 OK 13 kB URL HTTP/2 img1.baidu.com/it/u=431132824,3658836172&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=300
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 00eb7eeb59aeb7c668ac08234ff75783
e35e71e9028782eaaba690c99abcd0b7664be413
a0caa20ad66241c10ba519e434331dbb282e5fb1a3cafb93f7280684181c7748
GET /it/u=431132824,3658836172&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=300 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:43:03 GMT
content-type: image/webp
content-length: 12948
expires: Mon, 20 Feb 2023 01:18:07 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 00eb7eeb59aeb7c668ac08234ff75783
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 01:18:06 GMT
ohc-cache-hit: cd2ct67 [1], qdix99 [4]
ohc-file-size: 12948
x-cache-status: MISS
X-Firefox-Spdy: h2
s5.qhres2.com/static/ab77b6ea7f3fbf79.js
200 OK 478 B URL HTTP/1.1 s5.qhres2.com/static/ab77b6ea7f3fbf79.js
IP
File type ASCII text, with very long lines (478), with no line terminators
Hash 5dd27f8f2b042194c3cdabd62fd80110
c035036a939799d4c29b9c0f7229ae1953d03109
928131ab2183d971cdbfe2ed1329200212d0021db70574a35c89ae169c0f6e0a
GET /static/ab77b6ea7f3fbf79.js HTTP/1.1
Host: s5.qhres2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 478
Connection: keep-alive
Date: Mon, 26 Sep 2022 01:48:25 GMT
X-QSTATIC-HIT: 1
Last-Modified: Mon, 01 Jan 2018 00:00:00 GMT
ETag: W/"b300475a05992239"
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, immutable
Expires: Thu, 23 Sep 2032 01:48:25 GMT
KCS-Via: HIT from w-fc01.lato;MISS from w-sc02.lato
Accept-Ranges: bytes
X-Cache: Hit from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: bd0myHpsaoK71ZPS5aC4Ssy21rCAdLIaR37v1HB-rHtAa5ItT-ZSgA==
Age: 11336078
12228.url.tudown.com/favicon.ico
200 OK 0 B URL HTTP/1.1 12228.url.tudown.com/favicon.ico
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: 12228.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/down/%E7%99%BE%E5%BA%A6%E4%BA%91%E6%9D%80%E6%89%8B@134_40064.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675493015; Hm_lpvt_dd9836db2e433f487a0aa434b7b3deb7=1675493015
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:43:03 GMT
Content-Type: image/x-icon
Content-Length: 0
Last-Modified: Tue, 30 Jul 2019 15:51:36 GMT
Connection: keep-alive
ETag: "5d406788-0"
Accept-Ranges: bytes
img1.baidu.com/it/u=292709299,324422611&fm=253&fmt=auto&app=138&f=JPEG?w=822&h=500
200 OK 38 kB URL HTTP/2 img1.baidu.com/it/u=292709299,324422611&fm=253&fmt=auto&app=138&f=JPEG?w=822&h=500
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 822x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2902c2c3c34c55a8dc1cde9a2388eb75
2d50bb9929f615af4873d4b73194c98195e30a44
04e7f7b19e06dff88c48ebc3360438129b8fa3dba9ca9c16c7f104b418f69935
GET /it/u=292709299,324422611&fm=253&fmt=auto&app=138&f=JPEG?w=822&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12228.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:43:03 GMT
content-type: image/webp
content-length: 37506
expires: Tue, 21 Feb 2023 10:36:02 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 2902c2c3c34c55a8dc1cde9a2388eb75
age: 9996
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 10:36:02 GMT
ohc-cache-hit: cd2ct64 [4], czix64 [4]
ohc-file-size: 37506
x-cache-status: HIT
X-Firefox-Spdy: h2
s.360.cn/so/zz.gif?url=http%3A%2F%2F12228.url.tudown.com%2Fdown%2F%25E7%2599%25BE%25E5%25BA%25A6%25E4%25BA%2591%25E6%259D%2580%25E6%2589%258B%40134_40064.exe&sid=d10ea2610e3a9b90fa9990ffc6bf559d&token=de1x0ee.a426601004e_34a391b@9B08
200 OK 0 B URL HTTP/1.1 s.360.cn/so/zz.gif?url=http%3A%2F%2F12228.url.tudown.com%2Fdown%2F%25E7%2599%25BE%25E5%25BA%25A6%25E4%25BA%2591%25E6%259D%2580%25E6%2589%258B%40134_40064.exe&sid=d10ea2610e3a9b90fa9990ffc6bf559d&token=de1x0ee.a426601004e_34a391b@9B08
IP
ASN #4812 China Telecom Group
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /so/zz.gif?url=http%3A%2F%2F12228.url.tudown.com%2Fdown%2F%25E7%2599%25BE%25E5%25BA%25A6%25E4%25BA%2591%25E6%259D%2580%25E6%2589%258B%40134_40064.exe&sid=d10ea2610e3a9b90fa9990ffc6bf559d&token=de1x0ee.a426601004e_34a391b@9B08 HTTP/1.1
Host: s.360.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12228.url.tudown.com/
HTTP/1.1 200 OK
Server: openresty/1.15.8.2
Date: Sat, 04 Feb 2023 06:43:04 GMT
Content-Type: image/gif
Content-Length: 0
Last-Modified: Fri, 27 Jul 2018 07:11:22 GMT
Connection: keep-alive
ETag: "5b5ac59a-0"
Accept-Ranges: bytes
154.218.151.71
35.241.9.150
104.18.20.226
180.97.251.250
23.36.77.32