r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8997fa58a7262e8fd559d64b40511a1b
0aa1c4365c28f45e4d7a8a234fbcf51cd009e083
1580d1145f125c765e40e5983cb4bb4e2424010d2920a25ea7da992485da0dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1580D1145F125C765E40E5983CB4BB4E2424010D2920A25EA7DA992485DA0DEA"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8461
Expires: Mon, 23 Jan 2023 11:33:08 GMT
Date: Mon, 23 Jan 2023 09:12:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4714c95a0c854e38f9be444f9343bf14
07ce5eb635448f2b3bafbe51e4dfeef47cdf4f7b
4d47e08c9afb704096e93a51f6e95c0dc7c7bc31e67ded39998ff37ed56e0965
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D47E08C9AFB704096E93A51F6E95C0DC7C7BC31E67DED39998FF37ED56E0965"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13793
Expires: Mon, 23 Jan 2023 13:02:00 GMT
Date: Mon, 23 Jan 2023 09:12:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 31c8743c2b5202ce0228bac5aad7229b
4b5eee8e1ecbfc992505003be58e265ff3a0ee0a
8b3b47ea29fc02b8a08ee2a340a05ab23e391f0eb3b8d6beb17516706bb2e94d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B3B47EA29FC02B8A08EE2A340A05AB23E391F0EB3B8D6BEB17516706BB2E94D"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9323
Expires: Mon, 23 Jan 2023 11:47:30 GMT
Date: Mon, 23 Jan 2023 09:12:07 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 23 Jan 2023 08:42:36 GMT
content-type: application/json
age: 1771
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: dUAtYLbFRTLBso6garWHrStijvNAxMNVJAikZRPs7OIXPoyQ6GGzzBer18sDK2+bSHfTZMCYli02mjXpkogJyw==
x-amz-request-id: SVB6FQ4T9T5EVV1S
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 23 Jan 2023 08:47:39 GMT
age: 1468
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 09:12:07 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 23 Jan 2023 08:17:30 GMT
age: 3278
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 0c74880fa99032b5c3831c179d702419
0020b368309735c94d8053d3781a7efb7283cfc5
437e2d4e2bbfb33b0ff696172378ce55a0a5ed005a1b8c4005eab4a6995a3042
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3434
Cache-Control: max-age=89513
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 09:12:08 GMT
Etag: "63ccfca7-1d7"
Expires: Tue, 24 Jan 2023 10:04:01 GMT
Last-Modified: Sun, 22 Jan 2023 09:06:47 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
12646.url.tudown.com/down/%E5%93%88%E5%A7%86%E5%A4%AA%E9%83%8E%E7%AC%AC%E5%9B%9B%E5%AD%A3%E5%85%A8%E9%9B%86%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%98@402_2.exe
154.218.151.71 200 OK 6.5 kB URL HTTP/1.1 12646.url.tudown.com/down/%E5%93%88%E5%A7%86%E5%A4%AA%E9%83%8E%E7%AC%AC%E5%9B%9B%E5%AD%A3%E5%85%A8%E9%9B%86%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%98@402_2.exe
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (311), with CRLF, LF line terminators
Hash 5f494191c7c71b4b1a45975979475af6
dced7d335ad862246cc21383e9bb7192ac7f8206
446b694df6b423d75d6bde05bfebcfe7dd412aa6ad32ae8e2f57ed2355735bd8
Analyzer Verdict Alert fortinet Malware
GET /down/%E5%93%88%E5%A7%86%E5%A4%AA%E9%83%8E%E7%AC%AC%E5%9B%9B%E5%AD%A3%E5%85%A8%E9%9B%86%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%98@402_2.exe HTTP/1.1
Host: 12646.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:12:08 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.services.mozilla.com/
44.224.181.225 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.224.181.225:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ea4H4bTUIwdDDg8cYPrAiw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: xEID6MAkBLClHK5IKEOnjjkRVBE=
12646.url.tudown.com/template/company/42xz/css/soft.css
154.218.151.71 200 OK 6.6 kB URL HTTP/1.1 12646.url.tudown.com/template/company/42xz/css/soft.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 669589d0ffba3898ecf26c242eaed555
f6a564b66491cf102d5961fb95294d84192c9f11
00947ca9960fa7f5ad71c5f5343ded6e595dec626a9da917da58305fdc98e356
GET /template/company/42xz/css/soft.css HTTP/1.1
Host: 12646.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12646.url.tudown.com/down/%E5%93%88%E5%A7%86%E5%A4%AA%E9%83%8E%E7%AC%AC%E5%9B%9B%E5%AD%A3%E5%85%A8%E9%9B%86%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%98@402_2.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:12:08 GMT
Content-Type: text/css
Last-Modified: Thu, 05 Nov 2020 12:04:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fa3ea55-6438"
Expires: Mon, 23 Jan 2023 21:12:08 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12646.url.tudown.com/template/company/42xz/css/common.css
154.218.151.71 200 OK 1.9 kB URL HTTP/1.1 12646.url.tudown.com/template/company/42xz/css/common.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 625ff65f2c44178957f32d288dd56ddf
cb918d56e4595594c56cab503ed56f84379e862d
2436857c00ba0ab148e7c16f63712844f5bb62e23379751d6dddd82abe667ac5
GET /template/company/42xz/css/common.css HTTP/1.1
Host: 12646.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12646.url.tudown.com/down/%E5%93%88%E5%A7%86%E5%A4%AA%E9%83%8E%E7%AC%AC%E5%9B%9B%E5%AD%A3%E5%85%A8%E9%9B%86%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%98@402_2.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:12:08 GMT
Content-Type: text/css
Last-Modified: Thu, 05 Nov 2020 12:04:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fa3ea53-1ccb"
Expires: Mon, 23 Jan 2023 21:12:08 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12646.url.tudown.com/js/orsxg5a.script
154.218.151.71 200 OK 531 B URL HTTP/1.1 12646.url.tudown.com/js/orsxg5a.script
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document, ASCII text, with CRLF line terminators
Hash 39fd4f4c17d424445d9f437c99c9d40a
84a56ab95c669d43c757a5f9a312d5f3a37f73fa
45f58e7b2e72c9f2734889b73ef5c3f2d3e1fb9ac69995afe1561ec4a7943d15
GET /js/orsxg5a.script HTTP/1.1
Host: 12646.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12646.url.tudown.com/down/%E5%93%88%E5%A7%86%E5%A4%AA%E9%83%8E%E7%AC%AC%E5%9B%9B%E5%AD%A3%E5%85%A8%E9%9B%86%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%98@402_2.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:12:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
12646.url.tudown.com/template/company/42xz/js/soft.js
154.218.151.71 200 OK 3.6 kB URL HTTP/1.1 12646.url.tudown.com/template/company/42xz/js/soft.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 67be5352d7d3355ae57faad8a6221355
30f4a9a4a3dede0d2d72725ffa28958f45053e7e
1a59b7c5be683676fa54951bf4129899c3980e78c1f956c287f7cc0c001a857d
GET /template/company/42xz/js/soft.js HTTP/1.1
Host: 12646.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12646.url.tudown.com/down/%E5%93%88%E5%A7%86%E5%A4%AA%E9%83%8E%E7%AC%AC%E5%9B%9B%E5%AD%A3%E5%85%A8%E9%9B%86%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%98@402_2.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:12:08 GMT
Content-Type: application/javascript
Last-Modified: Thu, 05 Nov 2020 12:04:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fa3ea5a-26b2"
Expires: Mon, 23 Jan 2023 21:12:08 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12646.url.tudown.com/uploads/images/671010.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12646.url.tudown.com/uploads/images/671010.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/671010.jpg HTTP/1.1
Host: 12646.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12646.url.tudown.com/down/%E5%93%88%E5%A7%86%E5%A4%AA%E9%83%8E%E7%AC%AC%E5%9B%9B%E5%AD%A3%E5%85%A8%E9%9B%86%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%98@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:09 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=4148803095,2906783091&fm=253&fmt=auto&app=138&f=JPEG?w=740&h=500
12646.url.tudown.com/uploads/images/111023.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12646.url.tudown.com/uploads/images/111023.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/111023.jpg HTTP/1.1
Host: 12646.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12646.url.tudown.com/down/%E5%93%88%E5%A7%86%E5%A4%AA%E9%83%8E%E7%AC%AC%E5%9B%9B%E5%AD%A3%E5%85%A8%E9%9B%86%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%98@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:09 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1738734957,2025461122&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=666
12646.url.tudown.com/uploads/images/287053.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12646.url.tudown.com/uploads/images/287053.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/287053.jpg HTTP/1.1
Host: 12646.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12646.url.tudown.com/down/%E5%93%88%E5%A7%86%E5%A4%AA%E9%83%8E%E7%AC%AC%E5%9B%9B%E5%AD%A3%E5%85%A8%E9%9B%86%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%98@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:09 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1544056117,1167291343&fm=253&fmt=auto&app=138&f=JPEG?w=439&h=464
12646.url.tudown.com/uploads/images/433467.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12646.url.tudown.com/uploads/images/433467.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/433467.jpg HTTP/1.1
Host: 12646.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12646.url.tudown.com/down/%E5%93%88%E5%A7%86%E5%A4%AA%E9%83%8E%E7%AC%AC%E5%9B%9B%E5%AD%A3%E5%85%A8%E9%9B%86%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%98@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:09 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2099595416,2246468256&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=905
12646.url.tudown.com/uploads/images/logo.png?n=422jx2mywps3raxixwx6jo5w46tzdzukqdtjlgpiqkzojofn4w7yg&w=250
154.218.151.71 200 OK 3.8 kB URL HTTP/1.1 12646.url.tudown.com/uploads/images/logo.png?n=422jx2mywps3raxixwx6jo5w46tzdzukqdtjlgpiqkzojofn4w7yg&w=250
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 250 x 66, 8-bit colormap, non-interlaced\012- data
Hash 405445478b5868faaa315d75e31d6b08
48fa2bf864e3424bf17910a49309151ccecbc43a
05eee47e2901d9c56172fd0f1ab6156e0ec9e414b3b4536e8c42ef1e0c6ce423
GET /uploads/images/logo.png?n=422jx2mywps3raxixwx6jo5w46tzdzukqdtjlgpiqkzojofn4w7yg&w=250 HTTP/1.1
Host: 12646.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12646.url.tudown.com/down/%E5%93%88%E5%A7%86%E5%A4%AA%E9%83%8E%E7%AC%AC%E5%9B%9B%E5%AD%A3%E5%85%A8%E9%9B%86%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%98@402_2.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:12:09 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
12646.url.tudown.com/template/company/42xz/images/tab_line.png
154.218.151.71 200 OK 1.2 kB URL HTTP/1.1 12646.url.tudown.com/template/company/42xz/images/tab_line.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type GIF image data, version 89a, 190 x 7\012- data
Hash 4c54d42f73e777c70b63b1854b994bb5
6b751c2e611f485d04805ccc3ef84ba5c7868775
b86451a9f18cc0bffd106863661cecbc4abc2364f2898e3bc0796992f3ebbd06
GET /template/company/42xz/images/tab_line.png HTTP/1.1
Host: 12646.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12646.url.tudown.com/template/company/42xz/css/soft.css
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:12:09 GMT
Content-Type: image/png
Content-Length: 1155
Last-Modified: Thu, 05 Nov 2020 12:04:39 GMT
Connection: keep-alive
ETag: "5fa3ea57-483"
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aff1c8f8bde400381877e95444ca236d
c532f6f9daa1d1685b4a4b75c2ab171f1731f78e
02cbcddfab60c295e61e716b7880c5acc66533a2cc2b151b4c9674109eacb71a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02CBCDDFAB60C295E61E716B7880C5ACC66533A2CC2B151B4C9674109EACB71A"
Last-Modified: Mon, 23 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20829
Expires: Mon, 23 Jan 2023 14:59:18 GMT
Date: Mon, 23 Jan 2023 09:12:09 GMT
Connection: keep-alive
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 96426b8d462171c1ea848ea196db325a
25b8fc5a23d0bf02a3809d59472cd972d8528ab6
6941e1fb273720cda3a858c32e07289afe914597d6f991523de4d318213daa37
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 23 Jan 2023 09:12:09 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 27 Jan 2023 05:47:17 GMT
ETag: "25b8fc5a23d0bf02a3809d59472cd972d8528ab6"
Last-Modified: Mon, 23 Jan 2023 05:47:18 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2659
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78df67f39bcfb51b-OSL
12646.url.tudown.com/template/company/42xz/js/jquery.js
154.218.151.71 200 OK 46 kB URL HTTP/1.1 12646.url.tudown.com/template/company/42xz/js/jquery.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with very long lines (65479), with CRLF line terminators
Hash 49fcb7f2a26c0656e22b75bfe591667f
f277ecd02517fc0f243fd9d882178473d4def06b
9ee94398fbe5a57c715dfdfe1b8d05ea964dd9947dba57dad68ee38ea381a2be
GET /template/company/42xz/js/jquery.js HTTP/1.1
Host: 12646.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12646.url.tudown.com/down/%E5%93%88%E5%A7%86%E5%A4%AA%E9%83%8E%E7%AC%AC%E5%9B%9B%E5%AD%A3%E5%85%A8%E9%9B%86%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%98@402_2.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:12:08 GMT
Content-Type: application/javascript
Last-Modified: Thu, 05 Nov 2020 12:04:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fa3ea62-1d491"
Expires: Mon, 23 Jan 2023 21:12:08 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12646.url.tudown.com/uploads/images/842762.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12646.url.tudown.com/uploads/images/842762.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/842762.jpg HTTP/1.1
Host: 12646.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12646.url.tudown.com/down/%E5%93%88%E5%A7%86%E5%A4%AA%E9%83%8E%E7%AC%AC%E5%9B%9B%E5%AD%A3%E5%85%A8%E9%9B%86%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%98@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:09 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3762035869,1743347936&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=312
12646.url.tudown.com/uploads/images/311692.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12646.url.tudown.com/uploads/images/311692.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/311692.jpg HTTP/1.1
Host: 12646.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12646.url.tudown.com/down/%E5%93%88%E5%A7%86%E5%A4%AA%E9%83%8E%E7%AC%AC%E5%9B%9B%E5%AD%A3%E5%85%A8%E9%9B%86%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%98@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:09 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3045581000,3607603397&fm=253&fmt=auto&app=120&f=JPEG?w=1024&h=576
12646.url.tudown.com/uploads/images/939994.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12646.url.tudown.com/uploads/images/939994.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/939994.jpg HTTP/1.1
Host: 12646.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12646.url.tudown.com/down/%E5%93%88%E5%A7%86%E5%A4%AA%E9%83%8E%E7%AC%AC%E5%9B%9B%E5%AD%A3%E5%85%A8%E9%9B%86%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%98@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:09 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3609124776,3344642436&fm=253&fmt=auto&app=138&f=JPEG?w=646&h=500
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8602
Expires: Mon, 23 Jan 2023 11:35:31 GMT
Date: Mon, 23 Jan 2023 09:12:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8602
Expires: Mon, 23 Jan 2023 11:35:31 GMT
Date: Mon, 23 Jan 2023 09:12:09 GMT
Connection: keep-alive
12646.url.tudown.com/uploads/images/518256.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12646.url.tudown.com/uploads/images/518256.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/518256.jpg HTTP/1.1
Host: 12646.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12646.url.tudown.com/down/%E5%93%88%E5%A7%86%E5%A4%AA%E9%83%8E%E7%AC%AC%E5%9B%9B%E5%AD%A3%E5%85%A8%E9%9B%86%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%98@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:09 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=2953553867,856548141&fm=253&app=138&f=JPEG?w=800&h=500
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8602
Expires: Mon, 23 Jan 2023 11:35:31 GMT
Date: Mon, 23 Jan 2023 09:12:09 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d5528af26e629a9bfbf0c421146b921f
1e4f99245d551384bedfe9b59b5f9905127d87bf
989830d93a90c30051b948a26ce403fb4370587ed3407d8d77ad0ad9cc28eb7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "989830D93A90C30051B948A26CE403FB4370587ED3407D8D77AD0AD9CC28EB7A"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16611
Expires: Mon, 23 Jan 2023 13:49:00 GMT
Date: Mon, 23 Jan 2023 09:12:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8602
Expires: Mon, 23 Jan 2023 11:35:31 GMT
Date: Mon, 23 Jan 2023 09:12:09 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0a4afa9-05c4-4ab9-b9eb-17970c04dbbb.jpeg
34.120.237.76 200 OK 3.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0a4afa9-05c4-4ab9-b9eb-17970c04dbbb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c664f89307d9f2cc8170ca0816708ef9
cc010d66fe22fce8e82f9bbc78fc3b836120ff0b
c77d9cae0c4132f2695322b8c33fa875a341948ffb6c3023ddb1d3ef41c9ae23
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0a4afa9-05c4-4ab9-b9eb-17970c04dbbb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3814
x-amzn-requestid: 48468720-0305-4f17-862b-f2f854fdfe41
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fKq8mEPnIAMFzXg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cdbeb6-470a030661c749ae0fa14c31;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 22:54:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 9hQjtfheswJHTaBL6yZ9UoowbsfqvbNqzUb9EOzaAppGv-fHat8O1A==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 23:09:20 GMT
etag: "cc010d66fe22fce8e82f9bbc78fc3b836120ff0b"
content-type: image/jpeg
age: 36169
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69f6ce48-0095-4b2b-b098-c6f6de90570c.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69f6ce48-0095-4b2b-b098-c6f6de90570c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5401628b3bdd03eeee51f68177ac4d41
bb12e1d1bc5a87d3fa05371894a8bc8eb3d1bb29
3e231ba2e44699d88ed1e28510dad0762a57e0854a11d40f752421bd41738944
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69f6ce48-0095-4b2b-b098-c6f6de90570c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10052
x-amzn-requestid: 10422f29-dc81-41f9-b03e-76fb2b0f4f87
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e2vnHFT9oAMFbmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c5c62d-780503606bec4fff6e911fc8;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 21:48:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NQaGhmXW_zeKd-WXUxi_z0e3Ul1YrtBgIbPEEWRfQfG7d8C0JyZdXg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 21:56:00 GMT
age: 40569
etag: "bb12e1d1bc5a87d3fa05371894a8bc8eb3d1bb29"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ed6afa7-c805-4ddd-a71c-bc9bde7aee5a.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ed6afa7-c805-4ddd-a71c-bc9bde7aee5a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e42f475b1e14cb9d0939ef39db8e1f91
dda57d67c7b5f32123d3c9956dec8f805138b3bf
ace1e5843457dc5493432ea113059e67827e6c95d6998a7465dea1eb0e723a1e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ed6afa7-c805-4ddd-a71c-bc9bde7aee5a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11818
x-amzn-requestid: e80dab53-5137-4776-a105-b1933e9bda6b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEqu6GhZIAMFWSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb57f8-696c3a7f103b96a23ed4abec;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 03:11:52 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 5bEvPaVPmareEYTNHUoTIEtCn0EKpBBafR11mjrvwPFVS_DLFKgm3w==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 04:07:43 GMT
age: 18266
etag: "dda57d67c7b5f32123d3c9956dec8f805138b3bf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F27144ba0-24e7-4177-b8d9-4121af2315c9.jpeg
34.120.237.76 200 OK 4.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F27144ba0-24e7-4177-b8d9-4121af2315c9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3d0dd6e84bd1708aec285a9153eafabc
2d2729ca550ecdca29a502eb76c68f4eed623032
3c0492fc05ab9a35cd8d833a031aa907a473f2ff22fed0732fa331a0c2939660
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F27144ba0-24e7-4177-b8d9-4121af2315c9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4085
x-amzn-requestid: 444720ab-9a4d-40f7-a2e2-e574d4e2928d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fBP0uEeToAMFepA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c9f9b7-113188a040ff40ad479415cc;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 02:17:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wbZuUg06OrIyirTvHtsdGz2ux_OxhbBMbPHy_52LjsmknZIf6bLDBw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 10:24:16 GMT
age: 82073
etag: "2d2729ca550ecdca29a502eb76c68f4eed623032"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F602ef184-7161-4092-91b7-61e14eef28a5.jpeg
34.120.237.76 200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F602ef184-7161-4092-91b7-61e14eef28a5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 805711aaab303931f8966bbf73aeda52
2bd02a45c8b407e36a41a482b121ea3e14f7c722
66268668c1a970268d75beb1b57f66a759bedac76958a3359cb23104de40fbeb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F602ef184-7161-4092-91b7-61e14eef28a5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3411
x-amzn-requestid: 62afd364-e94f-45ff-ba6c-9b589fc53e5f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e-EyCEzrIAMFb8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8b4d9-203f51040f82f12d535446c4;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 03:11:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3Ke5d5WguVrF_Phnhu9ojzN5Md0VkYnFfxKNoh5HHrmHwPI90IAIdA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 05:22:52 GMT
age: 13757
etag: "2bd02a45c8b407e36a41a482b121ea3e14f7c722"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf2abec1-a455-47b9-9aaf-69794032330f.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf2abec1-a455-47b9-9aaf-69794032330f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8ec35d753b6b816abcd14030255a7b76
a67bd0fa5beb10935442bef246bf4f52ec6e74bd
9adfddc8877a8ea9f1c3bcc0af99548cb11dc4e1d62a706bf9b2a5cc6d72e82f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf2abec1-a455-47b9-9aaf-69794032330f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7982
x-amzn-requestid: 59d91715-b444-445e-bd6b-268fc630024b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fKezLExAIAMFSeA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cdab47-1e12e8f335ea162532ce6aca;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 21:31:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: R-9qgCHHj8iD9FEwYhzLoXAQvdrO6D6qRIWAvyQJyfB-LHDGUjvmzA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 21:47:59 GMT
age: 41050
etag: "a67bd0fa5beb10935442bef246bf4f52ec6e74bd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
12646.url.tudown.com/uploads/images/553841.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12646.url.tudown.com/uploads/images/553841.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/553841.jpg HTTP/1.1
Host: 12646.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12646.url.tudown.com/down/%E5%93%88%E5%A7%86%E5%A4%AA%E9%83%8E%E7%AC%AC%E5%9B%9B%E5%AD%A3%E5%85%A8%E9%9B%86%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%98@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:09 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=1870909094,3152053285&fm=224&app=112&f=JPEG?w=500&h=500
12646.url.tudown.com/uploads/images/215068.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12646.url.tudown.com/uploads/images/215068.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/215068.jpg HTTP/1.1
Host: 12646.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12646.url.tudown.com/down/%E5%93%88%E5%A7%86%E5%A4%AA%E9%83%8E%E7%AC%AC%E5%9B%9B%E5%AD%A3%E5%85%A8%E9%9B%86%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%98@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:09 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=2178342176,334136329&fm=224&app=112&f=JPEG?w=500&h=500
12646.url.tudown.com/uploads/images/547705.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12646.url.tudown.com/uploads/images/547705.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/547705.jpg HTTP/1.1
Host: 12646.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12646.url.tudown.com/down/%E5%93%88%E5%A7%86%E5%A4%AA%E9%83%8E%E7%AC%AC%E5%9B%9B%E5%AD%A3%E5%85%A8%E9%9B%86%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%98@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:09 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2963972600,467430340&fm=253&fmt=auto&app=138&f=JPEG?w=817&h=500
12646.url.tudown.com/uploads/images/438451.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12646.url.tudown.com/uploads/images/438451.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/438451.jpg HTTP/1.1
Host: 12646.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12646.url.tudown.com/down/%E5%93%88%E5%A7%86%E5%A4%AA%E9%83%8E%E7%AC%AC%E5%9B%9B%E5%AD%A3%E5%85%A8%E9%9B%86%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%98@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:09 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=994974079,3103316515&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=304
12646.url.tudown.com/uploads/images/199393.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12646.url.tudown.com/uploads/images/199393.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/199393.jpg HTTP/1.1
Host: 12646.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12646.url.tudown.com/down/%E5%93%88%E5%A7%86%E5%A4%AA%E9%83%8E%E7%AC%AC%E5%9B%9B%E5%AD%A3%E5%85%A8%E9%9B%86%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%98@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:09 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=691017598,1672055796&fm=253&fmt=auto&app=120&f=JPEG?w=658&h=438
12646.url.tudown.com/uploads/images/746562.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12646.url.tudown.com/uploads/images/746562.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/746562.jpg HTTP/1.1
Host: 12646.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12646.url.tudown.com/down/%E5%93%88%E5%A7%86%E5%A4%AA%E9%83%8E%E7%AC%AC%E5%9B%9B%E5%AD%A3%E5%85%A8%E9%9B%86%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%98@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:09 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2587860714,1218417261&fm=253&fmt=auto&app=138&f=JPEG?w=822&h=500
12646.url.tudown.com/uploads/images/920930.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12646.url.tudown.com/uploads/images/920930.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/920930.jpg HTTP/1.1
Host: 12646.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12646.url.tudown.com/down/%E5%93%88%E5%A7%86%E5%A4%AA%E9%83%8E%E7%AC%AC%E5%9B%9B%E5%AD%A3%E5%85%A8%E9%9B%86%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%98@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:10 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3890515155,698450370&fm=253&fmt=auto&app=138&f=JPEG?w=170&h=198
12646.url.tudown.com/uploads/images/401897.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12646.url.tudown.com/uploads/images/401897.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/401897.jpg HTTP/1.1
Host: 12646.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12646.url.tudown.com/down/%E5%93%88%E5%A7%86%E5%A4%AA%E9%83%8E%E7%AC%AC%E5%9B%9B%E5%AD%A3%E5%85%A8%E9%9B%86%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%98@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:10 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=12504738,1935742948&fm=253&app=120&f=JPEG?w=1422&h=800
12646.url.tudown.com/uploads/images/594820.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12646.url.tudown.com/uploads/images/594820.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/594820.jpg HTTP/1.1
Host: 12646.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12646.url.tudown.com/down/%E5%93%88%E5%A7%86%E5%A4%AA%E9%83%8E%E7%AC%AC%E5%9B%9B%E5%AD%A3%E5%85%A8%E9%9B%86%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%98@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:10 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=888062323,3123000522&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
push.zhanzhang.baidu.com/push.js
112.34.113.148 200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 112.34.113.148:0
ASN #9808 China Mobile Communications Group Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12646.url.tudown.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Mon, 23 Jan 2023 09:12:10 GMT
Etag: "4078521116"
Expires: Tue, 23 Jan 2024 09:12:10 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=1C286924CF4255EC7E612AC712C0CB71:FG=1; max-age=31536000; expires=Tue, 23-Jan-24 09:12:10 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
12646.url.tudown.com/uploads/images/738128.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12646.url.tudown.com/uploads/images/738128.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/738128.jpg HTTP/1.1
Host: 12646.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12646.url.tudown.com/down/%E5%93%88%E5%A7%86%E5%A4%AA%E9%83%8E%E7%AC%AC%E5%9B%9B%E5%AD%A3%E5%85%A8%E9%9B%86%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%98@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:10 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=3475017141,1283094648&fm=253&app=120&f=JPEG?w=1422&h=800
12646.url.tudown.com/uploads/images/677580.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12646.url.tudown.com/uploads/images/677580.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/677580.jpg HTTP/1.1
Host: 12646.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12646.url.tudown.com/down/%E5%93%88%E5%A7%86%E5%A4%AA%E9%83%8E%E7%AC%AC%E5%9B%9B%E5%AD%A3%E5%85%A8%E9%9B%86%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%98@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:10 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1058416952,3850939019&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
12646.url.tudown.com/uploads/images/368332.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12646.url.tudown.com/uploads/images/368332.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/368332.jpg HTTP/1.1
Host: 12646.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12646.url.tudown.com/down/%E5%93%88%E5%A7%86%E5%A4%AA%E9%83%8E%E7%AC%AC%E5%9B%9B%E5%AD%A3%E5%85%A8%E9%9B%86%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%98@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:10 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=638417828,1329192011&fm=224&app=112&f=JPEG?w=500&h=500
12646.url.tudown.com/uploads/images/153864.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12646.url.tudown.com/uploads/images/153864.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/153864.jpg HTTP/1.1
Host: 12646.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12646.url.tudown.com/down/%E5%93%88%E5%A7%86%E5%A4%AA%E9%83%8E%E7%AC%AC%E5%9B%9B%E5%AD%A3%E5%85%A8%E9%9B%86%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%98@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:10 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=4130603076,2346847886&fm=253&fmt=auto?w=500&h=281
12646.url.tudown.com/uploads/images/674263.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12646.url.tudown.com/uploads/images/674263.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/674263.jpg HTTP/1.1
Host: 12646.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12646.url.tudown.com/down/%E5%93%88%E5%A7%86%E5%A4%AA%E9%83%8E%E7%AC%AC%E5%9B%9B%E5%AD%A3%E5%85%A8%E9%9B%86%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%98@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:10 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=1413665729,950515299&fm=224&app=112&f=JPEG?w=500&h=500
12646.url.tudown.com/uploads/images/622572.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12646.url.tudown.com/uploads/images/622572.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/622572.jpg HTTP/1.1
Host: 12646.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12646.url.tudown.com/down/%E5%93%88%E5%A7%86%E5%A4%AA%E9%83%8E%E7%AC%AC%E5%9B%9B%E5%AD%A3%E5%85%A8%E9%9B%86%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%98@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:10 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=2610518565,3169428047&fm=224&app=112&f=JPEG?w=500&h=500
12646.url.tudown.com/uploads/images/501664.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12646.url.tudown.com/uploads/images/501664.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/501664.jpg HTTP/1.1
Host: 12646.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12646.url.tudown.com/down/%E5%93%88%E5%A7%86%E5%A4%AA%E9%83%8E%E7%AC%AC%E5%9B%9B%E5%AD%A3%E5%85%A8%E9%9B%86%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%98@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:10 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=327744268,3936377700&fm=253&fmt=auto&app=138&f=PNG?w=280&h=280
img2.baidu.com/it/u=2953553867,856548141&fm=253&app=138&f=JPEG?w=800&h=500
36.99.3.35 200 OK 65 kB URL HTTP/1.1 img2.baidu.com/it/u=2953553867,856548141&fm=253&app=138&f=JPEG?w=800&h=500
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x500, components 3\012- data
Hash 7443e73d889f56da3756bf53743d9fd2
be76b5b172ef8058394c5de4e1d785943114b9f4
8f7ed69370cbf2b160e384667dc1786301bc3382f70d097a9a66c7c34d49d7ef
GET /it/u=2953553867,856548141&fm=253&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12646.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:12:10 GMT
Content-Type: image/jpeg
Content-Length: 64641
Connection: keep-alive
Expires: Fri, 17 Feb 2023 15:11:32 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: 7443e73d889f56da3756bf53743d9fd2
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 18 Jan 2023 15:11:32 GMT
Ohc-Cache-HIT: ly4ct81 [1], suzix81 [4]
Ohc-File-Size: 64641
X-Cache-Status: MISS
img0.baidu.com/it/u=4148803095,2906783091&fm=253&fmt=auto&app=138&f=JPEG?w=740&h=500
36.99.3.35 200 OK 40 kB URL HTTP/2 img0.baidu.com/it/u=4148803095,2906783091&fm=253&fmt=auto&app=138&f=JPEG?w=740&h=500
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 740x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5b6847091c66efd9b57bbac1864a9810
19e98b8f651bb9a4ad4581b5515fcea3bded5962
2a9c77319ae0c9ea7a87283ddedca2f16e8263464c13e6c0893ee33e9a65a7e2
GET /it/u=4148803095,2906783091&fm=253&fmt=auto&app=138&f=JPEG?w=740&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12646.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:10 GMT
content-type: image/webp
content-length: 40188
expires: Sat, 11 Feb 2023 12:36:24 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 5b6847091c66efd9b57bbac1864a9810
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 12 Jan 2023 12:36:24 GMT
ohc-cache-hit: ly4ct86 [1], xaix86 [2]
ohc-file-size: 40188
x-cache-status: MISS
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (633)
Hash ba1b3f2c90593b5eea69894cc7d94cb8
75cb807f0777a6f43b72c4dc60814c9e3989a948
d0beadb192bd4be2557ff8812954497f09c361fe1bd55c2056a78956ab50f967
GET /hm.js?dd9836db2e433f487a0aa434b7b3deb7 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12646.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11271
Content-Type: application/javascript
Date: Mon, 23 Jan 2023 09:12:09 GMT
Etag: ff29148fb0f9995f82b81936d5517a7d
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=D44390FA9EE8B1D3; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
12646.url.tudown.com/template/company/42xz/images/dian1.png
154.218.151.71 200 OK 1.1 kB URL HTTP/1.1 12646.url.tudown.com/template/company/42xz/images/dian1.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type GIF image data, version 89a, 4 x 4\012- data
Hash de5d5d1c8fb00bc14f9512dd323b9ed8
9c7c5df21afb7b686932c96ecf7877e1e6adf243
982f48c65cf01077b0606401f082c15ee15f183903d5170f06d0bb3ae3b9b685
GET /template/company/42xz/images/dian1.png HTTP/1.1
Host: 12646.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12646.url.tudown.com/template/company/42xz/css/soft.css
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:12:10 GMT
Content-Type: image/png
Content-Length: 1110
Last-Modified: Thu, 05 Nov 2020 12:04:54 GMT
Connection: keep-alive
ETag: "5fa3ea66-456"
Accept-Ranges: bytes
12646.url.tudown.com/uploads/images/778575.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12646.url.tudown.com/uploads/images/778575.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/778575.jpg HTTP/1.1
Host: 12646.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12646.url.tudown.com/down/%E5%93%88%E5%A7%86%E5%A4%AA%E9%83%8E%E7%AC%AC%E5%9B%9B%E5%AD%A3%E5%85%A8%E9%9B%86%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%98@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:10 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2738387667,1157168934&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
12646.url.tudown.com/template/company/42xz/images/dian2.png
154.218.151.71 200 OK 1.1 kB URL HTTP/1.1 12646.url.tudown.com/template/company/42xz/images/dian2.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type GIF image data, version 89a, 4 x 4\012- data
Hash 3cb1caaf45a919b2028a853add556aa8
c8b93e13049ae31ad5dcb2d267c8b3ee6a4466e8
039b652744162c3c599998f28f50e7154d297ce5028e7e4954f7d7354c5374a1
GET /template/company/42xz/images/dian2.png HTTP/1.1
Host: 12646.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12646.url.tudown.com/template/company/42xz/css/soft.css
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:12:10 GMT
Content-Type: image/png
Content-Length: 1106
Last-Modified: Thu, 05 Nov 2020 12:04:53 GMT
Connection: keep-alive
ETag: "5fa3ea65-452"
Accept-Ranges: bytes
img1.baidu.com/it/u=3045581000,3607603397&fm=253&fmt=auto&app=120&f=JPEG?w=1024&h=576
125.64.104.35 200 OK 36 kB URL HTTP/2 img1.baidu.com/it/u=3045581000,3607603397&fm=253&fmt=auto&app=120&f=JPEG?w=1024&h=576
IP 125.64.104.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x576, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash eb6edd7483393665ba33d26f02c65c84
52cca68e83075f4fdc98ce87b59ea0a8314ad16f
0b806c1421c134e4fa29490de84bf45681eb34e8a6c53e9f4b9beae7425607a2
GET /it/u=3045581000,3607603397&fm=253&fmt=auto&app=120&f=JPEG?w=1024&h=576 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12646.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:10 GMT
content-type: image/webp
content-length: 36292
expires: Tue, 07 Feb 2023 02:30:33 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: eb6edd7483393665ba33d26f02c65c84
age: 115215
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 08 Jan 2023 02:30:33 GMT
ohc-cache-hit: dy2ct105 [4], czix105 [4]
ohc-file-size: 36292
x-cache-status: HIT
X-Firefox-Spdy: h2
img1.baidu.com/it/u=1544056117,1167291343&fm=253&fmt=auto&app=138&f=JPEG?w=439&h=464
125.64.104.35 200 OK 11 kB URL HTTP/2 img1.baidu.com/it/u=1544056117,1167291343&fm=253&fmt=auto&app=138&f=JPEG?w=439&h=464
IP 125.64.104.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 439x464, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash be13f0ddc525454aa35260d468bb015d
1d5bafd4216480a5140375ab62d1acfa893648c8
b4bb824ae0c468346367b03b322503b549cb298a236f8dbd694d02302c070659
GET /it/u=1544056117,1167291343&fm=253&fmt=auto&app=138&f=JPEG?w=439&h=464 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12646.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:10 GMT
content-type: image/webp
content-length: 10814
expires: Wed, 22 Feb 2023 00:30:33 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: be13f0ddc525454aa35260d468bb015d
age: 21970
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 00:30:33 GMT
ohc-cache-hit: dy2ct72 [4], xaix72 [2]
ohc-file-size: 10814
x-cache-status: HIT
X-Firefox-Spdy: h2
img1.baidu.com/it/u=3762035869,1743347936&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=312
125.64.104.35 200 OK 6.3 kB URL HTTP/2 img1.baidu.com/it/u=3762035869,1743347936&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=312
IP 125.64.104.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x312, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 76f95cd8eca62843b8d07705e97a1baf
f962a3787058aa63610828be0ecd518ba39b9e22
565fb0996ad45b67569efc6a7a8ccd1d55fee1ebdd94d6d4afecb83556b78dac
GET /it/u=3762035869,1743347936&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=312 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12646.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:10 GMT
content-type: image/webp
content-length: 6268
expires: Tue, 14 Feb 2023 10:11:17 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 76f95cd8eca62843b8d07705e97a1baf
age: 363434
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 15 Jan 2023 10:11:17 GMT
ohc-cache-hit: dy2ct72 [4], bdix72 [2]
ohc-file-size: 6268
x-cache-status: HIT
X-Firefox-Spdy: h2
img1.baidu.com/it/u=1738734957,2025461122&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=666
125.64.104.35 200 OK 11 kB URL HTTP/2 img1.baidu.com/it/u=1738734957,2025461122&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=666
IP 125.64.104.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x666, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 62e920fb40fa00a6e5adf4854a812f4f
345096d0757ef469df02b272b1995c3fabd70761
2a43bc040dd415c2f5cd6b7ff27b28fdc5fc044b55fad3f5938f76db78759bb7
GET /it/u=1738734957,2025461122&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=666 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12646.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:10 GMT
content-type: image/webp
content-length: 10796
expires: Fri, 10 Feb 2023 02:38:56 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 62e920fb40fa00a6e5adf4854a812f4f
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 11 Jan 2023 02:38:56 GMT
ohc-cache-hit: dy2ct58 [1], wzix58 [4]
ohc-file-size: 10796
x-cache-status: MISS
X-Firefox-Spdy: h2
api.share.baidu.com/s.gif?l=http://12646.url.tudown.com/down/%E5%93%88%E5%A7%86%E5%A4%AA%E9%83%8E%E7%AC%AC%E5%9B%9B%E5%AD%A3%E5%85%A8%E9%9B%86%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%98@402_2.exe
182.61.201.93 200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://12646.url.tudown.com/down/%E5%93%88%E5%A7%86%E5%A4%AA%E9%83%8E%E7%AC%AC%E5%9B%9B%E5%AD%A3%E5%85%A8%E9%9B%86%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%98@402_2.exe
IP 182.61.201.93:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://12646.url.tudown.com/down/%E5%93%88%E5%A7%86%E5%A4%AA%E9%83%8E%E7%AC%AC%E5%9B%9B%E5%AD%A3%E5%85%A8%E9%9B%86%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%98@402_2.exe HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12646.url.tudown.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Mon, 23 Jan 2023 09:12:10 GMT
t14.baidu.com/it/u=2610518565,3169428047&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 23 kB URL HTTP/1.1 t14.baidu.com/it/u=2610518565,3169428047&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash ee0b43f3210f3e31046bb43a27065c15
f7cc27b7b77baaed8df7f74e6dc775755a89debd
bf0f655c71bbdac859f38e43ca738634cad03da3772765a4b20c6582bf3d111a
GET /it/u=2610518565,3169428047&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12646.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:12:10 GMT
Content-Type: image/jpeg
Content-Length: 23323
Connection: keep-alive
Expires: Fri, 17 Feb 2023 15:55:35 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: ee0b43f3210f3e31046bb43a27065c15
Age: 371230
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 18 Jan 2023 15:55:35 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [4], zhuzuncache61 [2], qdix187 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 23323
X-Cache-Status: HIT
Timing-Allow-Origin: *
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226 200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 54b4257370c9efa368a34f01c13b2271
c2e7bb7d14e03e11e52e93880baec5a72c60a02c
f44e7a566cc157ee1825577b4adfe54f2415eaaf09b6650233ac2c08ce51eb73
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 23 Jan 2023 09:12:10 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 27 Jan 2023 06:10:31 GMT
ETag: "c2e7bb7d14e03e11e52e93880baec5a72c60a02c"
Last-Modified: Mon, 23 Jan 2023 06:10:32 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1658
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78df67fbd92bb4e8-OSL
12646.url.tudown.com/uploads/images/880241.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12646.url.tudown.com/uploads/images/880241.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/880241.jpg HTTP/1.1
Host: 12646.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12646.url.tudown.com/down/%E5%93%88%E5%A7%86%E5%A4%AA%E9%83%8E%E7%AC%AC%E5%9B%9B%E5%AD%A3%E5%85%A8%E9%9B%86%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%98@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:10 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3817488793,36521555&fm=253&fmt=auto&app=138&f=JPEG?w=450&h=600
12646.url.tudown.com/uploads/images/60137.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12646.url.tudown.com/uploads/images/60137.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/60137.jpg HTTP/1.1
Host: 12646.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12646.url.tudown.com/down/%E5%93%88%E5%A7%86%E5%A4%AA%E9%83%8E%E7%AC%AC%E5%9B%9B%E5%AD%A3%E5%85%A8%E9%9B%86%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%98@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:10 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1661814497,1251114525&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=671
12646.url.tudown.com/uploads/images/870441.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12646.url.tudown.com/uploads/images/870441.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/870441.jpg HTTP/1.1
Host: 12646.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12646.url.tudown.com/down/%E5%93%88%E5%A7%86%E5%A4%AA%E9%83%8E%E7%AC%AC%E5%9B%9B%E5%AD%A3%E5%85%A8%E9%9B%86%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%98@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:10 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2621396840,30449884&fm=253&fmt=auto&app=138&f=JPEG?w=317&h=499
img1.baidu.com/it/u=3609124776,3344642436&fm=253&fmt=auto&app=138&f=JPEG?w=646&h=500
125.64.104.35 200 OK 20 kB URL HTTP/2 img1.baidu.com/it/u=3609124776,3344642436&fm=253&fmt=auto&app=138&f=JPEG?w=646&h=500
IP 125.64.104.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 646x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4892a749e095200f6cc88db5f6f264e9
87fe9969f4d1e5b25bc6a66a2ceae66376f8ba61
c508c22b060b49b3af1ab38d1cec9f10608e13fc5a20db4098f6c1f3015a980b
GET /it/u=3609124776,3344642436&fm=253&fmt=auto&app=138&f=JPEG?w=646&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12646.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:10 GMT
content-type: image/webp
content-length: 20350
expires: Wed, 08 Feb 2023 21:03:53 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 4892a749e095200f6cc88db5f6f264e9
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 09 Jan 2023 21:03:53 GMT
ohc-cache-hit: dy2ct91 [1], csix91 [4]
ohc-file-size: 20350
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=2099595416,2246468256&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=905
36.99.3.35 200 OK 56 kB URL HTTP/2 img0.baidu.com/it/u=2099595416,2246468256&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=905
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x905, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bec30330094a6d614b040b659191fada
f46bdbf45be5b2adf30fe64748d8b8b2cc96a258
284463d6ecaa75576925fddd5df8a0440308d0adf51c000443492ebe663ffdee
GET /it/u=2099595416,2246468256&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=905 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12646.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:10 GMT
content-type: image/webp
content-length: 56350
expires: Fri, 17 Feb 2023 12:27:46 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: bec30330094a6d614b040b659191fada
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 18 Jan 2023 12:27:46 GMT
ohc-cache-hit: ly4ct95 [1], czix114 [4]
ohc-file-size: 56350
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=994974079,3103316515&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=304
36.99.3.35 200 OK 11 kB URL HTTP/2 img0.baidu.com/it/u=994974079,3103316515&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=304
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x304, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b9d14cb9204c70008797db9bb0da545d
2884c30dc159120af93155f5b2987130deec13a4
e46578e4d1715d0f499e2c405ab641e95bcb1354974678954213fea94c2b5eb0
GET /it/u=994974079,3103316515&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=304 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12646.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:10 GMT
content-type: image/webp
content-length: 10654
expires: Tue, 21 Feb 2023 11:38:25 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: b9d14cb9204c70008797db9bb0da545d
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 11:38:25 GMT
ohc-cache-hit: ly4ct90 [1], xaix151 [4]
ohc-file-size: 10654
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=888062323,3123000522&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
36.99.3.35 200 OK 12 kB URL HTTP/2 img2.baidu.com/it/u=888062323,3123000522&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8837bb24fe5771274ba10c9b77c32a31
ed29804c7b24926b57c3b2d466fb9f2b9b7f8fc5
b715ef5d6e2b758f2ffcc7a84e9a6c06e7bb5c36ecfc0c3dc6b51c4934442a28
GET /it/u=888062323,3123000522&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12646.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:10 GMT
content-type: image/webp
content-length: 12346
expires: Tue, 31 Jan 2023 12:15:20 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 8837bb24fe5771274ba10c9b77c32a31
age: 23158
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 01 Jan 2023 12:15:20 GMT
ohc-cache-hit: ly4ct98 [4], csix98 [2]
ohc-file-size: 12346
x-cache-status: HIT
X-Firefox-Spdy: h2
img2.baidu.com/it/u=1058416952,3850939019&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
36.99.3.35 200 OK 22 kB URL HTTP/2 img2.baidu.com/it/u=1058416952,3850939019&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 18071d602e6e62f3d21669e18c3ffcc7
1af7858ca13d6934c752af58b9c471b9ba236344
83385746ff8d376d2cc67e0a0206175060b9e4cc42dc2f3c51bc8f0694b5fdda
GET /it/u=1058416952,3850939019&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12646.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:10 GMT
content-type: image/webp
content-length: 21606
expires: Fri, 17 Feb 2023 06:35:56 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 18071d602e6e62f3d21669e18c3ffcc7
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 18 Jan 2023 06:35:56 GMT
ohc-cache-hit: ly4ct94 [1], czix122 [4]
ohc-file-size: 21606
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=3890515155,698450370&fm=253&fmt=auto&app=138&f=JPEG?w=170&h=198
36.99.3.35 200 OK 4.9 kB URL HTTP/2 img2.baidu.com/it/u=3890515155,698450370&fm=253&fmt=auto&app=138&f=JPEG?w=170&h=198
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 170x198, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 11e0ff068194a43f900eab02108a19b3
41275924e29a24a9a358d4be1322bc85185cd8eb
e1471974f4607a9ce99bf87c0265bcfb0c6e2ef8f7516772f1fd12d066b3119b
GET /it/u=3890515155,698450370&fm=253&fmt=auto&app=138&f=JPEG?w=170&h=198 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12646.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:10 GMT
content-type: image/webp
content-length: 4882
expires: Mon, 06 Feb 2023 04:37:09 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 11e0ff068194a43f900eab02108a19b3
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 07 Jan 2023 04:37:09 GMT
ohc-cache-hit: ly4ct88 [1], csix88 [2]
ohc-file-size: 4882
x-cache-status: MISS
X-Firefox-Spdy: h2
12646.url.tudown.com/uploads/images/43190.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12646.url.tudown.com/uploads/images/43190.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/43190.jpg HTTP/1.1
Host: 12646.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12646.url.tudown.com/down/%E5%93%88%E5%A7%86%E5%A4%AA%E9%83%8E%E7%AC%AC%E5%9B%9B%E5%AD%A3%E5%85%A8%E9%9B%86%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%98@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:10 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2467790899,2214742682&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=304
12646.url.tudown.com/uploads/images/38093.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12646.url.tudown.com/uploads/images/38093.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/38093.jpg HTTP/1.1
Host: 12646.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12646.url.tudown.com/down/%E5%93%88%E5%A7%86%E5%A4%AA%E9%83%8E%E7%AC%AC%E5%9B%9B%E5%AD%A3%E5%85%A8%E9%9B%86%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%98@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:10 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=2279520874,1220153587&fm=253&app=120&f=JPEG?w=1280&h=800
12646.url.tudown.com/uploads/images/736573.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12646.url.tudown.com/uploads/images/736573.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/736573.jpg HTTP/1.1
Host: 12646.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12646.url.tudown.com/down/%E5%93%88%E5%A7%86%E5%A4%AA%E9%83%8E%E7%AC%AC%E5%9B%9B%E5%AD%A3%E5%85%A8%E9%9B%86%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%98@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:10 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=4241172321,3067053686&fm=253&fmt=auto&app=138&f=JPEG?w=667&h=500
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1549450174&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=45879&r=0&ww=1280&u=http%3A%2F%2F12646.url.tudown.com%2Fdown%2F%25E5%2593%2588%25E5%25A7%2586%25E5%25A4%25AA%25E9%2583%258E%25E7%25AC%25AC%25E5%259B%259B%25E5%25AD%25A3%25E5%2585%25A8%25E9%259B%2586%25E7%2599%25BE%25E5%25BA%25A6%25E4%25BA%2591%25E7%25BD%2591%25E7%259B%2598%40402_2.exe&tt=%E5%87%AF%E5%8F%91k8%E6%97%97%E8%88%B0%E5%8E%85ag%E7%99%BB%E5%BD%95(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99%2F%E6%89%8B%E6%9C%BA%E6%9C%80%E6%96%B0%E7%89%88%E4%B8%8B%E8%BD%BD
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1549450174&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=45879&r=0&ww=1280&u=http%3A%2F%2F12646.url.tudown.com%2Fdown%2F%25E5%2593%2588%25E5%25A7%2586%25E5%25A4%25AA%25E9%2583%258E%25E7%25AC%25AC%25E5%259B%259B%25E5%25AD%25A3%25E5%2585%25A8%25E9%259B%2586%25E7%2599%25BE%25E5%25BA%25A6%25E4%25BA%2591%25E7%25BD%2591%25E7%259B%2598%40402_2.exe&tt=%E5%87%AF%E5%8F%91k8%E6%97%97%E8%88%B0%E5%8E%85ag%E7%99%BB%E5%BD%95(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99%2F%E6%89%8B%E6%9C%BA%E6%9C%80%E6%96%B0%E7%89%88%E4%B8%8B%E8%BD%BD
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1549450174&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=45879&r=0&ww=1280&u=http%3A%2F%2F12646.url.tudown.com%2Fdown%2F%25E5%2593%2588%25E5%25A7%2586%25E5%25A4%25AA%25E9%2583%258E%25E7%25AC%25AC%25E5%259B%259B%25E5%25AD%25A3%25E5%2585%25A8%25E9%259B%2586%25E7%2599%25BE%25E5%25BA%25A6%25E4%25BA%2591%25E7%25BD%2591%25E7%259B%2598%40402_2.exe&tt=%E5%87%AF%E5%8F%91k8%E6%97%97%E8%88%B0%E5%8E%85ag%E7%99%BB%E5%BD%95(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99%2F%E6%89%8B%E6%9C%BA%E6%9C%80%E6%96%B0%E7%89%88%E4%B8%8B%E8%BD%BD HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12646.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 23 Jan 2023 09:12:10 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=12E869C95367D93D; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
img2.baidu.com/it/u=2963972600,467430340&fm=253&fmt=auto&app=138&f=JPEG?w=817&h=500
36.99.3.35 200 OK 39 kB URL HTTP/2 img2.baidu.com/it/u=2963972600,467430340&fm=253&fmt=auto&app=138&f=JPEG?w=817&h=500
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 817x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4feec49cdfe748adbfbe2540fb2a8c81
52977e670ff0bfef4eb92cc2ef86b7270762ea0f
6837a0983ab4e2997b13f3defffd05e9d6e1a0f3440d717cc6576788afb15d6e
GET /it/u=2963972600,467430340&fm=253&fmt=auto&app=138&f=JPEG?w=817&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12646.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:10 GMT
content-type: image/webp
content-length: 39448
expires: Sun, 05 Feb 2023 13:01:50 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 4feec49cdfe748adbfbe2540fb2a8c81
age: 191026
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 06 Jan 2023 13:01:50 GMT
ohc-cache-hit: ly4ct89 [4], wzix89 [4]
ohc-file-size: 39448
x-cache-status: HIT
X-Firefox-Spdy: h2
12646.url.tudown.com/uploads/images/807538.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12646.url.tudown.com/uploads/images/807538.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/807538.jpg HTTP/1.1
Host: 12646.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12646.url.tudown.com/down/%E5%93%88%E5%A7%86%E5%A4%AA%E9%83%8E%E7%AC%AC%E5%9B%9B%E5%AD%A3%E5%85%A8%E9%9B%86%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%98@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:11 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=3498999805,3651009368&fm=224&app=112&f=JPEG?w=500&h=500
12646.url.tudown.com/uploads/images/359629.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12646.url.tudown.com/uploads/images/359629.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/359629.jpg HTTP/1.1
Host: 12646.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12646.url.tudown.com/down/%E5%93%88%E5%A7%86%E5%A4%AA%E9%83%8E%E7%AC%AC%E5%9B%9B%E5%AD%A3%E5%85%A8%E9%9B%86%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%98@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:11 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=141490481,2574890035&fm=253&fmt=auto&app=138&f=JPEG?w=658&h=465
img2.baidu.com/it/u=4130603076,2346847886&fm=253&fmt=auto?w=500&h=281
36.99.3.35 200 OK 24 kB URL HTTP/2 img2.baidu.com/it/u=4130603076,2346847886&fm=253&fmt=auto?w=500&h=281
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x281, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9b2ba0020723f2839267a1ed6c71882d
36a1e8d7504e207c284d47e653882ec871687fa5
3b08ef96670093c7afd0c587813471bbf7acefee7ebe0904c1ab3d7c7b2962fb
GET /it/u=4130603076,2346847886&fm=253&fmt=auto?w=500&h=281 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12646.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:10 GMT
content-type: image/webp
content-length: 24470
expires: Mon, 20 Feb 2023 06:23:21 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 9b2ba0020723f2839267a1ed6c71882d
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 06:23:21 GMT
ohc-cache-hit: ly4ct73 [1], bdix148 [4]
ohc-file-size: 24470
x-cache-status: MISS
X-Firefox-Spdy: h2
12646.url.tudown.com/uploads/images/326401.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12646.url.tudown.com/uploads/images/326401.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/326401.jpg HTTP/1.1
Host: 12646.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12646.url.tudown.com/down/%E5%93%88%E5%A7%86%E5%A4%AA%E9%83%8E%E7%AC%AC%E5%9B%9B%E5%AD%A3%E5%85%A8%E9%9B%86%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%98@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:11 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=3677174601,3476162483&fm=253&app=120&f=JPEG?w=1280&h=800
img2.baidu.com/it/u=2587860714,1218417261&fm=253&fmt=auto&app=138&f=JPEG?w=822&h=500
36.99.3.35 200 OK 45 kB URL HTTP/2 img2.baidu.com/it/u=2587860714,1218417261&fm=253&fmt=auto&app=138&f=JPEG?w=822&h=500
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 822x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0539f514f7dd077a886dbd1fccf15f3e
59ec712c81b6e65417a2b74e404267476a04e0c6
b9f77c7c50bfbbe21c67c2dbe08e2b6f6b9f813a25fa1968f594106938027da3
GET /it/u=2587860714,1218417261&fm=253&fmt=auto&app=138&f=JPEG?w=822&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12646.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:10 GMT
content-type: image/webp
content-length: 45166
expires: Sun, 12 Feb 2023 12:52:58 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 0539f514f7dd077a886dbd1fccf15f3e
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 13 Jan 2023 12:52:58 GMT
ohc-cache-hit: ly4ct57 [1], wzix57 [4]
ohc-file-size: 45166
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=327744268,3936377700&fm=253&fmt=auto&app=138&f=PNG?w=280&h=280
36.99.3.35 200 OK 30 kB URL HTTP/2 img0.baidu.com/it/u=327744268,3936377700&fm=253&fmt=auto&app=138&f=PNG?w=280&h=280
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image\012- data
Hash 9f72ab8594b023e8e42f085f2a8b2d10
56e43352835cec839de507ec903555f64a1bba77
a1da1fb8079bb9c72a744aa165f4cefe82c5098d37d6df5446f424fcc9d5fbd4
GET /it/u=327744268,3936377700&fm=253&fmt=auto&app=138&f=PNG?w=280&h=280 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12646.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:10 GMT
content-type: image/webp
content-length: 30452
expires: Tue, 21 Feb 2023 08:25:46 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 9f72ab8594b023e8e42f085f2a8b2d10
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 08:25:46 GMT
ohc-cache-hit: ly4ct73 [1], xaix73 [2]
ohc-file-size: 30452
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=691017598,1672055796&fm=253&fmt=auto&app=120&f=JPEG?w=658&h=438
36.99.3.35 200 OK 31 kB URL HTTP/2 img2.baidu.com/it/u=691017598,1672055796&fm=253&fmt=auto&app=120&f=JPEG?w=658&h=438
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 658x438, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 211d0ab373cadbbac8ce9a843f9fbf17
b449471b30807ecfeaf6899bfc6a2ea9c1abd9ba
8a90c8cbd6bc618763e3f70ce2786528833702880f456c2b02a7f21d6083fcd9
GET /it/u=691017598,1672055796&fm=253&fmt=auto&app=120&f=JPEG?w=658&h=438 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12646.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:10 GMT
content-type: image/webp
content-length: 31426
expires: Sat, 18 Feb 2023 01:45:09 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 211d0ab373cadbbac8ce9a843f9fbf17
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 19 Jan 2023 01:45:09 GMT
ohc-cache-hit: ly4ct71 [1], czix143 [2]
ohc-file-size: 31426
x-cache-status: MISS
X-Firefox-Spdy: h2
12646.url.tudown.com/uploads/images/872689.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12646.url.tudown.com/uploads/images/872689.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/872689.jpg HTTP/1.1
Host: 12646.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12646.url.tudown.com/down/%E5%93%88%E5%A7%86%E5%A4%AA%E9%83%8E%E7%AC%AC%E5%9B%9B%E5%AD%A3%E5%85%A8%E9%9B%86%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%98@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:11 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=2858881226,3364858545&fm=224&app=112&f=JPEG?w=470&h=500
12646.url.tudown.com/uploads/images/523891.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12646.url.tudown.com/uploads/images/523891.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/523891.jpg HTTP/1.1
Host: 12646.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12646.url.tudown.com/down/%E5%93%88%E5%A7%86%E5%A4%AA%E9%83%8E%E7%AC%AC%E5%9B%9B%E5%AD%A3%E5%85%A8%E9%9B%86%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%98@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:11 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=4107556145,2197776600&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=667
img0.baidu.com/it/u=1661814497,1251114525&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=671
36.99.3.35 200 OK 22 kB URL HTTP/2 img0.baidu.com/it/u=1661814497,1251114525&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=671
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x671, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9a21e5a1437cacb9ea28e276e4c6a1b2
5ac9a4374f76a20fa3893844f42ba749be700d12
3cebfeb78d046bf11f9563a351e7d29bc0abb6c8e277ba41606afc7481a8d0f3
GET /it/u=1661814497,1251114525&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=671 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12646.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:11 GMT
content-type: image/webp
content-length: 22016
expires: Mon, 06 Feb 2023 08:09:44 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 9a21e5a1437cacb9ea28e276e4c6a1b2
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 07 Jan 2023 08:09:44 GMT
ohc-cache-hit: ly4ct54 [1], czix54 [4]
ohc-file-size: 22016
x-cache-status: MISS
X-Firefox-Spdy: h2
t15.baidu.com/it/u=1870909094,3152053285&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 35 kB URL HTTP/1.1 t15.baidu.com/it/u=1870909094,3152053285&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 791d368faf7b43983d47c698be5cedc8
1e9be94cde480638d87bcad143cadd9c26f66dc4
bdd48cea84334e48bbddddc44a5baaf02c488a38ff3ee42457d5ed394ad59e1a
GET /it/u=1870909094,3152053285&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12646.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:12:11 GMT
Content-Type: image/jpeg
Content-Length: 35288
Connection: keep-alive
Expires: Thu, 02 Feb 2023 23:21:05 GMT
Last-Modified: Sun, 11 Jan 1970 00:00:00 GMT
ETag: 791d368faf7b43983d47c698be5cedc8
Age: 993977
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 03 Jan 2023 23:21:05 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [2], zhuzuncache50 [4], bdix67 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 35288
X-Cache-Status: HIT
Timing-Allow-Origin: *
12646.url.tudown.com/uploads/images/110203.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12646.url.tudown.com/uploads/images/110203.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/110203.jpg HTTP/1.1
Host: 12646.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12646.url.tudown.com/down/%E5%93%88%E5%A7%86%E5%A4%AA%E9%83%8E%E7%AC%AC%E5%9B%9B%E5%AD%A3%E5%85%A8%E9%9B%86%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%98@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:11 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1245082095,4060935924&fm=253&fmt=auto&app=138&f=JPEG?w=580&h=435
t13.baidu.com/it/u=1413665729,950515299&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 64 kB URL HTTP/1.1 t13.baidu.com/it/u=1413665729,950515299&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 23ff52a9180ce32c627976178f696784
01ad874431bdf6adf60395117e5065b2687571a4
4e03acbe003d62ed6d3817a0d6c4891e3c434a908af3fcc8e1a35209c1dafaaf
GET /it/u=1413665729,950515299&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12646.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:12:11 GMT
Content-Type: image/jpeg
Content-Length: 63836
Connection: keep-alive
Expires: Sat, 04 Feb 2023 07:19:15 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 23ff52a9180ce32c627976178f696784
Age: 1558036
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 05 Jan 2023 07:19:15 GMT
Ohc-Cache-HIT: fra01-sys-jomo4.fra01.baidu.com [2], bduncache60 [4], xaix194 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 63836
X-Cache-Status: HIT
Timing-Allow-Origin: *
img0.baidu.com/it/u=2621396840,30449884&fm=253&fmt=auto&app=138&f=JPEG?w=317&h=499
36.99.3.35 200 OK 16 kB URL HTTP/2 img0.baidu.com/it/u=2621396840,30449884&fm=253&fmt=auto&app=138&f=JPEG?w=317&h=499
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 317x499, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1c0a89af9a77676fc7aca3fa2172aa8c
8dac181ca381c3032b6bca7bb2d82ca73373b3c5
9fe9f598fde2d852afa90787e066649e030be7d026c9a0915ae1a7f30277386b
GET /it/u=2621396840,30449884&fm=253&fmt=auto&app=138&f=JPEG?w=317&h=499 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12646.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:11 GMT
content-type: image/webp
content-length: 16248
expires: Sat, 18 Feb 2023 07:30:38 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 1c0a89af9a77676fc7aca3fa2172aa8c
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 19 Jan 2023 07:30:38 GMT
ohc-cache-hit: ly4ct71 [1], bdix128 [4]
ohc-file-size: 16248
x-cache-status: MISS
X-Firefox-Spdy: h2
t13.baidu.com/it/u=2178342176,334136329&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 65 kB URL HTTP/1.1 t13.baidu.com/it/u=2178342176,334136329&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 79ca66bc5d7533b804507a29f6687a0d
066608c65a3828695e311631b309e4f2f58930bf
9ff9ad39eff49be5e3eb13f6fd5b3e408a25ba024d9944c1cb93a4ddbe809057
GET /it/u=2178342176,334136329&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12646.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:12:11 GMT
Content-Type: image/jpeg
Content-Length: 65012
Connection: keep-alive
Expires: Sat, 18 Feb 2023 20:39:05 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 79ca66bc5d7533b804507a29f6687a0d
Age: 231788
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 19 Jan 2023 20:39:05 GMT
Ohc-Cache-HIT: fra01-sys-jomo7.fra01.baidu.com [4], zhuzuncache55 [1], xiangyix55 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 65012
X-Cache-Status: HIT
Timing-Allow-Origin: *
t15.baidu.com/it/u=638417828,1329192011&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 56 kB URL HTTP/1.1 t15.baidu.com/it/u=638417828,1329192011&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 4cfc852e7e819a1fd342997155aa29e6
ab688a3eb2791d13a5b5c2203d5851ffdb48f504
1efbdbe2905433719c7e528e210370e29dfb19bdc18d9b3c780644c8452e833b
GET /it/u=638417828,1329192011&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12646.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:12:11 GMT
Content-Type: image/jpeg
Content-Length: 55628
Connection: keep-alive
Expires: Thu, 09 Feb 2023 07:38:21 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 4cfc852e7e819a1fd342997155aa29e6
Age: 167005
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 10 Jan 2023 07:38:21 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [4], zhuzuncache53 [1], xaix176 [4]
Ohc-Response-Time: 1 0 0 0 0 2
Ohc-File-Size: 55628
X-Cache-Status: HIT
Timing-Allow-Origin: *
img0.baidu.com/it/u=3817488793,36521555&fm=253&fmt=auto&app=138&f=JPEG?w=450&h=600
36.99.3.35 200 OK 31 kB URL HTTP/2 img0.baidu.com/it/u=3817488793,36521555&fm=253&fmt=auto&app=138&f=JPEG?w=450&h=600
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 450x600, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 686131674ddbbe948164cd2b4862782e
2772bd1b6f51a70ace2c3972ca5cf7d264cfa2e6
ef0831bf7951c03d911fd98e01c56f7252cd36dd8cbbd44d2249a1b3eac1fbf5
GET /it/u=3817488793,36521555&fm=253&fmt=auto&app=138&f=JPEG?w=450&h=600 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12646.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:11 GMT
content-type: image/webp
content-length: 31096
expires: Fri, 27 Jan 2023 16:39:13 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 686131674ddbbe948164cd2b4862782e
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 28 Dec 2022 16:39:13 GMT
ohc-cache-hit: ly4ct56 [1], qdix129 [4]
ohc-file-size: 31096
x-cache-status: MISS
X-Firefox-Spdy: h2
t13.baidu.com/it/u=1312026429,3673514869&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 16 kB URL HTTP/1.1 t13.baidu.com/it/u=1312026429,3673514869&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 832378a8f7f5dcc9f854dd20642613e9
f49f5cdd6eb98b4616c0395ee38d9ea40c881b99
702c90d7966c6634e7ab382e6a321c3a509f1da19a6ecb8742ae4350f49e5cf3
GET /it/u=1312026429,3673514869&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12646.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:12:11 GMT
Content-Type: image/jpeg
Content-Length: 16199
Connection: keep-alive
Expires: Sun, 12 Feb 2023 18:30:07 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 832378a8f7f5dcc9f854dd20642613e9
Age: 830524
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 13 Jan 2023 18:30:07 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [4], zhuzuncache56 [1], qdix206 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 16199
X-Cache-Status: HIT
Timing-Allow-Origin: *
s22.cnzz.com/z_stat.php?id=1275003130&web_id=1275003130
180.97.251.250 200 OK 20 B URL HTTP/2 s22.cnzz.com/z_stat.php?id=1275003130&web_id=1275003130
IP 180.97.251.250:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /z_stat.php?id=1275003130&web_id=1275003130 HTTP/1.1
Host: s22.cnzz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12646.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 20
date: Mon, 23 Jan 2023 08:49:08 GMT
vary: Accept-Encoding
x-powered-by: PHP/5.5.25
last-modified: Mon, 23 Jan 2023 08:49:08 GMT
cache-control: max-age=1800,s-maxage=3600
content-encoding: gzip
ali-swift-global-savetime: 1674463748
via: cache68.l2cn1836[0,0,200-0,H], cache60.l2cn1836[1,0], cache8.cn2205[20,19,200-0,M], cache13.cn2205[21,0]
age: 1383
x-cache: MISS TCP_REFRESH_MISS dirn:12:112013655
x-swift-savetime: Mon, 23 Jan 2023 09:12:11 GMT
x-swift-cachetime: 2217
timing-allow-origin: *
eagleid: b461fb2916744651312824863e
X-Firefox-Spdy: h2
img2.baidu.com/it/u=2738387667,1157168934&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
36.99.3.35 200 OK 36 kB URL HTTP/2 img2.baidu.com/it/u=2738387667,1157168934&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x889, Scaling: [none]x[none], YUV color, decoders should clamp
Hash d84e757becafab3831147c038ffff69b
c1196ee753cece242632e36e1730ab82582d7a44
7ca91e5023a82e2e9af1292537aec98af4303e5e4851313100d530735fa9c978
GET /it/u=2738387667,1157168934&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12646.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:11 GMT
content-type: image/webp
content-length: 36466
expires: Wed, 22 Feb 2023 09:12:11 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: d84e757becafab3831147c038ffff69b
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 09:12:11 GMT
ohc-cache-hit: ly4ct77 [1], czix177 [2]
ohc-file-size: 36466
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=4241172321,3067053686&fm=253&fmt=auto&app=138&f=JPEG?w=667&h=500
36.99.3.35 200 OK 31 kB URL HTTP/2 img0.baidu.com/it/u=4241172321,3067053686&fm=253&fmt=auto&app=138&f=JPEG?w=667&h=500
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 667x500, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 5668c373e8df49f7de66931b26b45068
f0e5a5b18b0b862c7b1934b38ce13b9c67316f5e
054aa2571840caab3463aaab34f697c80448b25aa281ff9069d26b3931bec391
GET /it/u=4241172321,3067053686&fm=253&fmt=auto&app=138&f=JPEG?w=667&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12646.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:11 GMT
content-type: image/webp
content-length: 31262
expires: Tue, 24 Jan 2023 00:45:12 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 5668c373e8df49f7de66931b26b45068
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 25 Dec 2022 00:45:12 GMT
ohc-cache-hit: ly4ct62 [1], xaix173 [4]
ohc-file-size: 31262
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=2467790899,2214742682&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=304
36.99.3.35 200 OK 16 kB URL HTTP/2 img0.baidu.com/it/u=2467790899,2214742682&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=304
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x304, Scaling: [none]x[none], YUV color, decoders should clamp
Hash e3d28d3256052ae8fdbe34f0005cebba
1616b044af211c984746d4160734a03f799afbcd
976e502bb923bb4befdba2367f30c4c44f1e357ab34b0295436c3817c87c3fad
GET /it/u=2467790899,2214742682&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=304 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12646.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:11 GMT
content-type: image/webp
content-length: 16456
expires: Fri, 10 Feb 2023 21:21:58 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: e3d28d3256052ae8fdbe34f0005cebba
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 11 Jan 2023 21:21:58 GMT
ohc-cache-hit: ly4ct102 [1], wzix102 [4]
ohc-file-size: 16456
x-cache-status: MISS
X-Firefox-Spdy: h2
12646.url.tudown.com/uploads/images/316141.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12646.url.tudown.com/uploads/images/316141.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/316141.jpg HTTP/1.1
Host: 12646.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12646.url.tudown.com/down/%E5%93%88%E5%A7%86%E5%A4%AA%E9%83%8E%E7%AC%AC%E5%9B%9B%E5%AD%A3%E5%85%A8%E9%9B%86%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%98@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:11 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=542082992,3071356042&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=773
img1.baidu.com/it/u=3475017141,1283094648&fm=253&app=120&f=JPEG?w=1422&h=800
125.64.104.35 200 OK 129 kB URL HTTP/1.1 img1.baidu.com/it/u=3475017141,1283094648&fm=253&app=120&f=JPEG?w=1422&h=800
IP 125.64.104.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1422x800, components 3
Size 129 kB (129114 bytes)
Hash 03a1264990ef2dd328d9b0675e526dbb
e42fda0e9609801a6e29db6b4f6f1a1f6fa7acf7
3907aefb9948aee33b09f3cec9952002a305a5e180418a8bd44bf2e99dda857c
GET /it/u=3475017141,1283094648&fm=253&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12646.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:12:10 GMT
Content-Type: image/jpeg
Content-Length: 129114
Connection: keep-alive
Expires: Mon, 06 Feb 2023 09:41:13 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: 03a1264990ef2dd328d9b0675e526dbb
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 07 Jan 2023 09:41:13 GMT
Ohc-Cache-HIT: dy2ct63 [1], czix131 [2]
Ohc-File-Size: 129114
X-Cache-Status: MISS
12646.url.tudown.com/uploads/images/192024.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12646.url.tudown.com/uploads/images/192024.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/192024.jpg HTTP/1.1
Host: 12646.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12646.url.tudown.com/down/%E5%93%88%E5%A7%86%E5%A4%AA%E9%83%8E%E7%AC%AC%E5%9B%9B%E5%AD%A3%E5%85%A8%E9%9B%86%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%98@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:11 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3311441293,127023699&fm=253&fmt=auto&app=138&f=JPEG?w=720&h=404
12646.url.tudown.com/uploads/images/978975.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12646.url.tudown.com/uploads/images/978975.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/978975.jpg HTTP/1.1
Host: 12646.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12646.url.tudown.com/down/%E5%93%88%E5%A7%86%E5%A4%AA%E9%83%8E%E7%AC%AC%E5%9B%9B%E5%AD%A3%E5%85%A8%E9%9B%86%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%98@402_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:11 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=1329626756,4202590478&fm=224&app=112&f=JPEG?w=495&h=500
img1.baidu.com/it/u=141490481,2574890035&fm=253&fmt=auto&app=138&f=JPEG?w=658&h=465
125.64.104.35 200 OK 29 kB URL HTTP/2 img1.baidu.com/it/u=141490481,2574890035&fm=253&fmt=auto&app=138&f=JPEG?w=658&h=465
IP 125.64.104.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 658x465, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 818fa1aea6b8619a2a4d8e1694e47501
2604a62fa121f08bc393633aef7d629f1cfa48a1
f51bc3446474f75744babc107fe590971537bac6bc047efe14c57c43ee117576
GET /it/u=141490481,2574890035&fm=253&fmt=auto&app=138&f=JPEG?w=658&h=465 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12646.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:11 GMT
content-type: image/webp
content-length: 28640
expires: Tue, 21 Feb 2023 10:21:10 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 818fa1aea6b8619a2a4d8e1694e47501
age: 22232
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 10:21:10 GMT
ohc-cache-hit: dy2ct88 [4], bdix88 [2]
ohc-file-size: 28640
x-cache-status: HIT
X-Firefox-Spdy: h2
t13.baidu.com/it/u=1329626756,4202590478&fm=224&app=112&f=JPEG?w=495&h=500
185.10.104.124 200 OK 26 kB URL HTTP/1.1 t13.baidu.com/it/u=1329626756,4202590478&fm=224&app=112&f=JPEG?w=495&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 495x500, components 3
Hash 600171324f05d5e0a8aed88c122bcb33
545c8092fd55bb0064065b3c1bad2ae30467fed4
0c843a64dcea2eda2aaea4f95d1d4198fc13d23da0161d6d3ad4f384c8852913
GET /it/u=1329626756,4202590478&fm=224&app=112&f=JPEG?w=495&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12646.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:12:11 GMT
Content-Type: image/jpeg
Content-Length: 26347
Connection: keep-alive
Expires: Mon, 06 Feb 2023 23:23:04 GMT
Last-Modified: Sun, 11 Jan 1970 00:00:00 GMT
ETag: 600171324f05d5e0a8aed88c122bcb33
Age: 993207
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 07 Jan 2023 23:23:04 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [4], zhuzuncache104 [4], bdix229 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 26347
X-Cache-Status: HIT
t15.baidu.com/it/u=3498999805,3651009368&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 58 kB URL HTTP/1.1 t15.baidu.com/it/u=3498999805,3651009368&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3
Hash 02c71792996413adf8ba45f77f6a5158
c2b0c33812c343dc3902141ac0b810a9ef79a2a8
3ae1e493cf1f1d206981280336c9b6bcefca4cc949a3065a494986c3ffeb43bc
GET /it/u=3498999805,3651009368&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12646.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:12:11 GMT
Content-Type: image/jpeg
Content-Length: 57512
Connection: keep-alive
Expires: Fri, 10 Feb 2023 06:59:19 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 02c71792996413adf8ba45f77f6a5158
Age: 993190
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 11 Jan 2023 06:59:18 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [2], zhuzuncache61 [4], xaix61 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 57512
X-Cache-Status: HIT
Timing-Allow-Origin: *
img0.baidu.com/it/u=1245082095,4060935924&fm=253&fmt=auto&app=138&f=JPEG?w=580&h=435
36.99.3.35 200 OK 11 kB URL HTTP/2 img0.baidu.com/it/u=1245082095,4060935924&fm=253&fmt=auto&app=138&f=JPEG?w=580&h=435
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 580x435, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 722f43a23b54c4946c1e1c383dc14e33
ef826edb56d72422f1b6e0196c8a9079a5f75b23
bbf36d817352499c1333ae570d63aac2712f51bbb99bf2d8c187b2291381fd69
GET /it/u=1245082095,4060935924&fm=253&fmt=auto&app=138&f=JPEG?w=580&h=435 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12646.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:11 GMT
content-type: image/webp
content-length: 10624
expires: Mon, 13 Feb 2023 11:20:10 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 722f43a23b54c4946c1e1c383dc14e33
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 14 Jan 2023 11:20:10 GMT
ohc-cache-hit: ly4ct67 [1], xaix67 [4]
ohc-file-size: 10624
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=12504738,1935742948&fm=253&app=120&f=JPEG?w=1422&h=800
36.99.3.35 200 OK 296 kB URL HTTP/1.1 img2.baidu.com/it/u=12504738,1935742948&fm=253&app=120&f=JPEG?w=1422&h=800
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1422x800, components 3
Size 296 kB (295788 bytes)
Hash f016cf7a7e843e9fcbd338ef59669343
2752497f71e98c7f2fa27a49a0c2072830378db1
5bba7a873c3ff4ac51f1b87d578d1846d746299d1c3fd13dd3123d9d4932f0f8
GET /it/u=12504738,1935742948&fm=253&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12646.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:12:10 GMT
Content-Type: image/jpeg
Content-Length: 295788
Connection: keep-alive
Expires: Thu, 02 Feb 2023 07:54:34 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: f016cf7a7e843e9fcbd338ef59669343
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 03 Jan 2023 07:54:34 GMT
Ohc-Cache-HIT: ly4ct60 [2], qdix60 [4]
Ohc-File-Size: 295788
X-Cache-Status: MISS
img0.baidu.com/it/u=4107556145,2197776600&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=667
36.99.3.35 200 OK 29 kB URL HTTP/2 img0.baidu.com/it/u=4107556145,2197776600&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=667
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x667, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 312f5c538dcb4d83bf9b0dfe05e9ea0c
ded8c9a9c79237f2ebce6cb7d428183956756657
6cb850201e9c4310953b276f725b86a741aef34f7b10514ccccc8b27af5264bd
GET /it/u=4107556145,2197776600&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=667 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12646.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:11 GMT
content-type: image/webp
content-length: 29132
expires: Thu, 26 Jan 2023 19:55:40 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 312f5c538dcb4d83bf9b0dfe05e9ea0c
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 27 Dec 2022 19:55:40 GMT
ohc-cache-hit: ly4ct89 [1], czix89 [4]
ohc-file-size: 29132
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=3311441293,127023699&fm=253&fmt=auto&app=138&f=JPEG?w=720&h=404
125.64.104.35 200 OK 51 kB URL HTTP/2 img1.baidu.com/it/u=3311441293,127023699&fm=253&fmt=auto&app=138&f=JPEG?w=720&h=404
IP 125.64.104.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 720x404, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 0257fdbe5a74e8cd4ab6d286d278ff00
8e13732f76da722510e46498cd4cf349f483de2a
1072eda441518584b5db6cef3ba4ffade34cd56dacba6e75febdde6853fc0542
GET /it/u=3311441293,127023699&fm=253&fmt=auto&app=138&f=JPEG?w=720&h=404 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12646.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:11 GMT
content-type: image/webp
content-length: 50636
expires: Tue, 21 Feb 2023 10:28:04 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 0257fdbe5a74e8cd4ab6d286d278ff00
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 10:28:04 GMT
ohc-cache-hit: dy2ct66 [1], bdix160 [4]
ohc-file-size: 50636
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=542082992,3071356042&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=773
36.99.3.35 200 OK 38 kB URL HTTP/2 img0.baidu.com/it/u=542082992,3071356042&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=773
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x773, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 63ad87d1a9d59c297f8af6f0e734dce5
47afcb91a7f36b8f5a3959efc548e87a0f2b5416
17018af14aa8061eaceaad453f51e4e2e14b1ad7699a512e9edd3102ba7846d6
GET /it/u=542082992,3071356042&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=773 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12646.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:11 GMT
content-type: image/webp
content-length: 37898
expires: Sat, 18 Feb 2023 15:05:45 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 63ad87d1a9d59c297f8af6f0e734dce5
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 19 Jan 2023 15:05:45 GMT
ohc-cache-hit: ly4ct78 [1], wzix78 [4]
ohc-file-size: 37898
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=3677174601,3476162483&fm=253&app=120&f=JPEG?w=1280&h=800
114.232.92.35 200 OK 120 kB URL HTTP/1.1 img1.baidu.com/it/u=3677174601,3476162483&fm=253&app=120&f=JPEG?w=1280&h=800
IP 114.232.92.35:0
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3
Size 120 kB (120226 bytes)
Hash 0990af56e7208b9fd2c942e743703c9e
14443df088960a18ea4046682e40991247598f13
5d53e3974ef5b7ec001fb9e7a29ef0a9b8e241ceea2c21d3ae3e1fd7ca0882e3
GET /it/u=3677174601,3476162483&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12646.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:12:11 GMT
Content-Type: image/jpeg
Content-Length: 120226
Connection: keep-alive
Expires: Tue, 07 Feb 2023 00:46:04 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: 0990af56e7208b9fd2c942e743703c9e
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 08 Jan 2023 00:46:04 GMT
Ohc-Cache-HIT: nt2ct73 [1], suzix232 [4]
Ohc-File-Size: 120226
X-Cache-Status: MISS
img0.baidu.com/it/u=2279520874,1220153587&fm=253&app=120&f=JPEG?w=1280&h=800
36.99.3.35 200 OK 85 kB URL HTTP/1.1 img0.baidu.com/it/u=2279520874,1220153587&fm=253&app=120&f=JPEG?w=1280&h=800
IP 36.99.3.35:0
ASN #139018 Henan Luoyang IDC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3
Hash 84306639b8f51b8fb518e469b73e36d5
daaa743189fe9bf3e3e600f39e2f60b4fb9b2015
beccc79bae8c62e07fe6b4914c21e0eff00920bd7c767d2a901b8cf0706359f0
GET /it/u=2279520874,1220153587&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12646.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:12:11 GMT
Content-Type: image/jpeg
Content-Length: 84896
Connection: keep-alive
Expires: Sun, 05 Feb 2023 09:21:06 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: 84306639b8f51b8fb518e469b73e36d5
Age: 18056
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 06 Jan 2023 09:21:06 GMT
Ohc-Cache-HIT: ly4ct83 [4], bdix233 [2]
Ohc-File-Size: 84896
X-Cache-Status: HIT
js.passport.qihucdn.com/11.0.1.js?d10ea2610e3a9b90fa9990ffc6bf559d
101.198.192.7 200 OK 117 B URL HTTP/1.1 js.passport.qihucdn.com/11.0.1.js?d10ea2610e3a9b90fa9990ffc6bf559d
IP 101.198.192.7:0
ASN #55992 Beijing Qihu Technology Company Limited
File type HTML document, ASCII text, with no line terminators
Hash 807bb08bf1c51aaff763edb0f02719ef
6e089da63e5751494b32d77031df30ec3c8be067
7eb411ad7be2e6af85645f2a2b6401bf6085fe4e0436d004f33710bb84a7be4e
GET /11.0.1.js?d10ea2610e3a9b90fa9990ffc6bf559d HTTP/1.1
Host: js.passport.qihucdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12646.url.tudown.com/
HTTP/1.1 200 OK
Date: Mon, 23 Jan 2023 09:12:12 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 28 Nov 2018 07:43:20 GMT
Cache-Control: max-age=600
Expires: Mon, 23 Jan 2023 09:22:12 GMT
KCS-Via: REVALIDATED from w-fc01.hkht;MISS from w-sc01.hkht
Content-Encoding: gzip
s6.qhres2.com/static/ab77b6ea7f3fbf79.js
54.230.111.35 200 OK 478 B URL HTTP/1.1 s6.qhres2.com/static/ab77b6ea7f3fbf79.js
IP 54.230.111.35:0
File type ASCII text, with very long lines (478), with no line terminators
Hash 5dd27f8f2b042194c3cdabd62fd80110
c035036a939799d4c29b9c0f7229ae1953d03109
928131ab2183d971cdbfe2ed1329200212d0021db70574a35c89ae169c0f6e0a
GET /static/ab77b6ea7f3fbf79.js HTTP/1.1
Host: s6.qhres2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12646.url.tudown.com/
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 478
Connection: keep-alive
Date: Mon, 26 Sep 2022 01:48:25 GMT
X-QSTATIC-HIT: 1
Last-Modified: Mon, 01 Jan 2018 00:00:00 GMT
ETag: W/"b300475a05992239"
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, immutable
Expires: Thu, 23 Sep 2032 01:48:25 GMT
KCS-Via: HIT from w-fc01.lato;MISS from w-sc02.lato
Accept-Ranges: bytes
X-Cache: Hit from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: q_s0vVySQcPVZX4EWfGWtAmG6M3c8hp9NbCDH_PheG7NRLkdTwEO-A==
Age: 10308227
t13.baidu.com/it/u=2858881226,3364858545&fm=224&app=112&f=JPEG?w=470&h=500
185.10.104.124 200 OK 44 kB URL HTTP/1.1 t13.baidu.com/it/u=2858881226,3364858545&fm=224&app=112&f=JPEG?w=470&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 470x500, components 3
Hash 8bfbc4d44ce96c4ad070aee8fe8245c6
88cf5224569a6ff941028330a14591b4b7c11017
0b67de3b3d45a3ed15ce9bf4c29f8a465d93cf956fef8bb3f1304b6c2b5a7ce0
GET /it/u=2858881226,3364858545&fm=224&app=112&f=JPEG?w=470&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12646.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:12:12 GMT
Content-Type: image/jpeg
Content-Length: 43841
Connection: keep-alive
Expires: Mon, 20 Feb 2023 08:56:09 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 8bfbc4d44ce96c4ad070aee8fe8245c6
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 21 Jan 2023 08:56:09 GMT
Ohc-Upstream-Trace: 58.20.204.55
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [2], zhuzuncache55 [1], bdix85 [4]
Ohc-Response-Time: 1 0 0 0 1248 1248
Ohc-File-Size: 43841
X-Cache-Status: MISS
Timing-Allow-Origin: *
s.360.cn/so/zz.gif?url=http%3A%2F%2F12646.url.tudown.com%2Fdown%2F%25E5%2593%2588%25E5%25A7%2586%25E5%25A4%25AA%25E9%2583%258E%25E7%25AC%25AC%25E5%259B%259B%25E5%25AD%25A3%25E5%2585%25A8%25E9%259B%2586%25E7%2599%25BE%25E5%25BA%25A6%25E4%25BA%2591%25E7%25BD%2591%25E7%259B%2598%40402_2.exe&sid=d10ea2610e3a9b90fa9990ffc6bf559d&token=de1x0ee.a22_621004e@38a99%bB990%
180.163.251.230 200 OK 0 B URL HTTP/1.1 s.360.cn/so/zz.gif?url=http%3A%2F%2F12646.url.tudown.com%2Fdown%2F%25E5%2593%2588%25E5%25A7%2586%25E5%25A4%25AA%25E9%2583%258E%25E7%25AC%25AC%25E5%259B%259B%25E5%25AD%25A3%25E5%2585%25A8%25E9%259B%2586%25E7%2599%25BE%25E5%25BA%25A6%25E4%25BA%2591%25E7%25BD%2591%25E7%259B%2598%40402_2.exe&sid=d10ea2610e3a9b90fa9990ffc6bf559d&token=de1x0ee.a22_621004e@38a99%bB990%
IP 180.163.251.230:0
ASN #4812 China Telecom Group
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /so/zz.gif?url=http%3A%2F%2F12646.url.tudown.com%2Fdown%2F%25E5%2593%2588%25E5%25A7%2586%25E5%25A4%25AA%25E9%2583%258E%25E7%25AC%25AC%25E5%259B%259B%25E5%25AD%25A3%25E5%2585%25A8%25E9%259B%2586%25E7%2599%25BE%25E5%25BA%25A6%25E4%25BA%2591%25E7%25BD%2591%25E7%259B%2598%40402_2.exe&sid=d10ea2610e3a9b90fa9990ffc6bf559d&token=de1x0ee.a22_621004e@38a99%bB990% HTTP/1.1
Host: s.360.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12646.url.tudown.com/
HTTP/1.1 200 OK
Server: openresty/1.15.8.2
Date: Mon, 23 Jan 2023 09:12:12 GMT
Content-Type: image/gif
Content-Length: 0
Last-Modified: Fri, 27 Jul 2018 07:11:18 GMT
Connection: keep-alive
ETag: "5b5ac596-0"
Accept-Ranges: bytes
12646.url.tudown.com/favicon.ico
154.218.151.71 200 OK 0 B URL HTTP/1.1 12646.url.tudown.com/favicon.ico
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: 12646.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12646.url.tudown.com/down/%E5%93%88%E5%A7%86%E5%A4%AA%E9%83%8E%E7%AC%AC%E5%9B%9B%E5%AD%A3%E5%85%A8%E9%9B%86%E7%99%BE%E5%BA%A6%E4%BA%91%E7%BD%91%E7%9B%98@402_2.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674465129; Hm_lpvt_dd9836db2e433f487a0aa434b7b3deb7=1674465129
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:12:13 GMT
Content-Type: image/x-icon
Content-Length: 0
Last-Modified: Tue, 30 Jul 2019 15:51:36 GMT
Connection: keep-alive
ETag: "5d406788-0"
Accept-Ranges: bytes