r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4714c95a0c854e38f9be444f9343bf14
07ce5eb635448f2b3bafbe51e4dfeef47cdf4f7b
4d47e08c9afb704096e93a51f6e95c0dc7c7bc31e67ded39998ff37ed56e0965
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D47E08C9AFB704096E93A51F6E95C0DC7C7BC31E67DED39998FF37ED56E0965"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13755
Expires: Mon, 23 Jan 2023 13:02:00 GMT
Date: Mon, 23 Jan 2023 09:12:45 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8997fa58a7262e8fd559d64b40511a1b
0aa1c4365c28f45e4d7a8a234fbcf51cd009e083
1580d1145f125c765e40e5983cb4bb4e2424010d2920a25ea7da992485da0dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1580D1145F125C765E40E5983CB4BB4E2424010D2920A25EA7DA992485DA0DEA"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8423
Expires: Mon, 23 Jan 2023 11:33:08 GMT
Date: Mon, 23 Jan 2023 09:12:45 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 23 Jan 2023 08:34:59 GMT
content-type: application/json
age: 2266
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 31c8743c2b5202ce0228bac5aad7229b
4b5eee8e1ecbfc992505003be58e265ff3a0ee0a
8b3b47ea29fc02b8a08ee2a340a05ab23e391f0eb3b8d6beb17516706bb2e94d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B3B47EA29FC02B8A08EE2A340A05AB23E391F0EB3B8D6BEB17516706BB2E94D"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9285
Expires: Mon, 23 Jan 2023 11:47:30 GMT
Date: Mon, 23 Jan 2023 09:12:45 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: dUAtYLbFRTLBso6garWHrStijvNAxMNVJAikZRPs7OIXPoyQ6GGzzBer18sDK2+bSHfTZMCYli02mjXpkogJyw==
x-amz-request-id: SVB6FQ4T9T5EVV1S
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 23 Jan 2023 08:47:39 GMT
age: 1506
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 09:12:45 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 23 Jan 2023 08:48:59 GMT
age: 1427
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 0c74880fa99032b5c3831c179d702419
0020b368309735c94d8053d3781a7efb7283cfc5
437e2d4e2bbfb33b0ff696172378ce55a0a5ed005a1b8c4005eab4a6995a3042
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3473
Cache-Control: max-age=89514
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 09:12:46 GMT
Etag: "63ccfca7-1d7"
Expires: Tue, 24 Jan 2023 10:04:40 GMT
Last-Modified: Sun, 22 Jan 2023 09:06:47 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
200 OK 8.6 kB URL HTTP/1.1 12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
IP
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (371), with CRLF, LF line terminators
Hash 167e5181774162c113101aca207bc286
86d24d9e4b07fcd63bd88425df113626d35371eb
a87bb77ce5027ef109de353521d538bd32936d0abf011ef0d6689408f551135c
Analyzer Verdict Alert fortinet Malware
GET /down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:12:46 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 5WxuNfyYykCut3MVcwllMw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Jhj3YyD4xECbxugALSQHAir4BrI=
12445.url.tudown.com/js/orsxg5a.script
200 OK 531 B URL HTTP/1.1 12445.url.tudown.com/js/orsxg5a.script
IP
ASN #137951 Clayer Limited
File type HTML document, ASCII text, with CRLF line terminators
Hash 39fd4f4c17d424445d9f437c99c9d40a
84a56ab95c669d43c757a5f9a312d5f3a37f73fa
45f58e7b2e72c9f2734889b73ef5c3f2d3e1fb9ac69995afe1561ec4a7943d15
GET /js/orsxg5a.script HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:12:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
12445.url.tudown.com/template/company/955yx/js/searchword.js
200 OK 1.3 kB URL HTTP/1.1 12445.url.tudown.com/template/company/955yx/js/searchword.js
IP
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 95c12a0f8944cbd1c05e11f7a72875dd
22430886820419d75b8da5721af251bdeb6811d1
36e33550c0a108df269183b53afe7f8c86316cc7e24a84ee3804e8ae12c627eb
GET /template/company/955yx/js/searchword.js HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:12:47 GMT
Content-Type: application/javascript
Last-Modified: Tue, 15 Jun 2021 09:16:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c86ff1-fb5"
Expires: Mon, 23 Jan 2023 21:12:47 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12445.url.tudown.com/template/company/955yx/js/week_rank.js
200 OK 656 B URL HTTP/1.1 12445.url.tudown.com/template/company/955yx/js/week_rank.js
IP
ASN #137951 Clayer Limited
File type ASCII text, with CRLF line terminators
Hash 00ac918b54dd742e0ec507274205038a
6a2976eb86376f33eb4f7b587f71296f07940da5
11624c98f05816c06f80e2ea5ef22376ce5509cb2c076003f9d5f27ac81f4ec9
GET /template/company/955yx/js/week_rank.js HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:12:47 GMT
Content-Type: application/javascript
Content-Length: 656
Last-Modified: Tue, 15 Jun 2021 09:16:32 GMT
Connection: keep-alive
ETag: "60c86ff0-290"
Expires: Mon, 23 Jan 2023 21:12:47 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
12445.url.tudown.com/template/company/955yx/js/jquery-1.8.3.min.js
200 OK 41 kB URL HTTP/1.1 12445.url.tudown.com/template/company/955yx/js/jquery-1.8.3.min.js
IP
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (65483)
Hash aef63d51fe884fe89d488a2abc96381b
ed39edfb824178566b87b08164c7d382a119705b
51826bef0d69d08144d8605e1c56e1602cb1b6f620f854972c31080cf17d11f5
GET /template/company/955yx/js/jquery-1.8.3.min.js HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:12:46 GMT
Content-Type: application/javascript
Last-Modified: Tue, 15 Jun 2021 09:16:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c86fef-198c3"
Expires: Mon, 23 Jan 2023 21:12:46 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12445.url.tudown.com/template/company/955yx/js/script_index2.js
200 OK 2.3 kB URL HTTP/1.1 12445.url.tudown.com/template/company/955yx/js/script_index2.js
IP
ASN #137951 Clayer Limited
File type ISO-8859 text, with CRLF line terminators
Hash e3f1b130f72b9756f002c6bbbc284fb7
d51b59da45422005ca5f02b66cb02eaf1b44a8fd
3c0e569d33461414b263a4a7e6602577873e4843bb450d5de979f263d02644c9
GET /template/company/955yx/js/script_index2.js HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:12:47 GMT
Content-Type: application/javascript
Last-Modified: Tue, 15 Jun 2021 09:16:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c86ff2-1f77"
Expires: Mon, 23 Jan 2023 21:12:47 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12445.url.tudown.com/template/company/955yx/js/api.js
200 OK 22 B URL HTTP/1.1 12445.url.tudown.com/template/company/955yx/js/api.js
IP
ASN #137951 Clayer Limited
File type ASCII text, with CRLF line terminators
Hash 143a35d673d243f56603ac04a89d8099
677acddc2a341ec711d74ecfd05bb919208c23df
ab368ffd11e345075f085c40cfdd9254280e0db19ed65e2668c287b17508170f
GET /template/company/955yx/js/api.js HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:12:47 GMT
Content-Type: application/javascript
Content-Length: 22
Last-Modified: Tue, 15 Jun 2021 09:16:34 GMT
Connection: keep-alive
ETag: "60c86ff2-16"
Expires: Mon, 23 Jan 2023 21:12:47 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
12445.url.tudown.com/template/company/955yx/js/gb.js
200 OK 7.7 kB URL HTTP/1.1 12445.url.tudown.com/template/company/955yx/js/gb.js
IP
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 2a105ecd23c8abe20d0f84a4d10903a7
f3a1339005455be7df05412b2bde5d33ed096da0
9e8e3180840152689c4d7732c3660da6c766645aad88f695c041720ff5ec0a67
GET /template/company/955yx/js/gb.js HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:12:47 GMT
Content-Type: application/javascript
Last-Modified: Tue, 15 Jun 2021 09:16:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c86fef-7685"
Expires: Mon, 23 Jan 2023 21:12:47 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12445.url.tudown.com/template/company/955yx/css/gb.css
200 OK 47 kB URL HTTP/1.1 12445.url.tudown.com/template/company/955yx/css/gb.css
IP
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with very long lines (393), with CRLF line terminators
Hash 50dd1318432db01d440645564e53edc9
ee0cb6adb44f515312f771197c6c08b951cb7689
2b908ce7540ed6b03b07bdec7eb7eb504b76e78b3304474f40af3b8f3afb2135
GET /template/company/955yx/css/gb.css HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:12:46 GMT
Content-Type: text/css
Last-Modified: Tue, 15 Jun 2021 09:16:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c86fef-30c0d"
Expires: Mon, 23 Jan 2023 21:12:46 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash aff1c8f8bde400381877e95444ca236d
c532f6f9daa1d1685b4a4b75c2ab171f1731f78e
02cbcddfab60c295e61e716b7880c5acc66533a2cc2b151b4c9674109eacb71a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02CBCDDFAB60C295E61E716B7880C5ACC66533A2CC2B151B4C9674109EACB71A"
Last-Modified: Mon, 23 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20791
Expires: Mon, 23 Jan 2023 14:59:18 GMT
Date: Mon, 23 Jan 2023 09:12:47 GMT
Connection: keep-alive
s.ssl.qhres2.com/ssl/ab77b6ea7f3fbf79.js
200 OK 478 B URL HTTP/2 s.ssl.qhres2.com/ssl/ab77b6ea7f3fbf79.js
IP
File type ASCII text, with very long lines (478), with no line terminators
Hash 5dd27f8f2b042194c3cdabd62fd80110
c035036a939799d4c29b9c0f7229ae1953d03109
928131ab2183d971cdbfe2ed1329200212d0021db70574a35c89ae169c0f6e0a
GET /ssl/ab77b6ea7f3fbf79.js HTTP/1.1
Host: s.ssl.qhres2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12445.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 478
date: Thu, 24 Nov 2022 04:21:47 GMT
x-qstatic-hit: 1
last-modified: Mon, 01 Jan 2018 00:00:00 GMT
etag: W/"67d74adaac6d2f43"
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
expires: Sun, 21 Nov 2032 04:21:47 GMT
kcs-via: HIT from w-fc03.lato;MISS from w-sc01.lato
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: b0pEe5PfBlk06fYH6hwoToUgGQt1WoW2Os5sKU_Tm9tboElya4778A==
age: 5201460
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8564
Expires: Mon, 23 Jan 2023 11:35:31 GMT
Date: Mon, 23 Jan 2023 09:12:47 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8564
Expires: Mon, 23 Jan 2023 11:35:31 GMT
Date: Mon, 23 Jan 2023 09:12:47 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8564
Expires: Mon, 23 Jan 2023 11:35:31 GMT
Date: Mon, 23 Jan 2023 09:12:47 GMT
Connection: keep-alive
12445.url.tudown.com/static/api/http://12445.url.tudown.com/template/company/955yx/js/share.js?v=89860593.js?cdnversion=465128
404 Not Found 146 B URL HTTP/1.1 12445.url.tudown.com/static/api/http://12445.url.tudown.com/template/company/955yx/js/share.js?v=89860593.js?cdnversion=465128
IP
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /static/api/http://12445.url.tudown.com/template/company/955yx/js/share.js?v=89860593.js?cdnversion=465128 HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 23 Jan 2023 09:12:47 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
12445.url.tudown.com/uploads/images/190817.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12445.url.tudown.com/uploads/images/190817.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/190817.jpg HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:47 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=4130083672,1719501657&fm=253&fmt=auto&app=138&f=GIF?w=500&h=749
12445.url.tudown.com/uploads/images/831587.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12445.url.tudown.com/uploads/images/831587.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/831587.jpg HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:47 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2039500801,3149687525&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
12445.url.tudown.com/uploads/images/504468.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12445.url.tudown.com/uploads/images/504468.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/504468.jpg HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:47 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2623739150,1369303753&fm=253&fmt=auto?w=1280&h=800
12445.url.tudown.com/uploads/images/615159.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12445.url.tudown.com/uploads/images/615159.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/615159.jpg HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:47 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=132462895,311866095&fm=253&fmt=auto&app=138&f=JPEG?w=890&h=500
12445.url.tudown.com/uploads/images/936711.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12445.url.tudown.com/uploads/images/936711.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/936711.jpg HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:47 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=1492198769,2651086744&fm=253&app=120&f=JPEG?w=1422&h=800
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F602ef184-7161-4092-91b7-61e14eef28a5.jpeg
200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F602ef184-7161-4092-91b7-61e14eef28a5.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 805711aaab303931f8966bbf73aeda52
2bd02a45c8b407e36a41a482b121ea3e14f7c722
66268668c1a970268d75beb1b57f66a759bedac76958a3359cb23104de40fbeb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F602ef184-7161-4092-91b7-61e14eef28a5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3411
x-amzn-requestid: 62afd364-e94f-45ff-ba6c-9b589fc53e5f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e-EyCEzrIAMFb8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8b4d9-203f51040f82f12d535446c4;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 03:11:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: K73B093GBbsf85ny_o8fc9oE417nJBFlH0eEdhiifeQk3KG5Q-HHdg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 07:53:50 GMT
age: 4737
etag: "2bd02a45c8b407e36a41a482b121ea3e14f7c722"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69f6ce48-0095-4b2b-b098-c6f6de90570c.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69f6ce48-0095-4b2b-b098-c6f6de90570c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5401628b3bdd03eeee51f68177ac4d41
bb12e1d1bc5a87d3fa05371894a8bc8eb3d1bb29
3e231ba2e44699d88ed1e28510dad0762a57e0854a11d40f752421bd41738944
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69f6ce48-0095-4b2b-b098-c6f6de90570c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10052
x-amzn-requestid: 10422f29-dc81-41f9-b03e-76fb2b0f4f87
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e2vnHFT9oAMFbmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c5c62d-780503606bec4fff6e911fc8;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 21:48:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bcQqOfvj5pAZj--Zx6PFaG7j5ei1DbbIzS90vaApoWwFWrxeLri4Ow==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 07:11:12 GMT
age: 7295
etag: "bb12e1d1bc5a87d3fa05371894a8bc8eb3d1bb29"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
12445.url.tudown.com/uploads/images/300994.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12445.url.tudown.com/uploads/images/300994.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/300994.jpg HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:47 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3854236692,1098192838&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=500
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf2abec1-a455-47b9-9aaf-69794032330f.jpeg
200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf2abec1-a455-47b9-9aaf-69794032330f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8ec35d753b6b816abcd14030255a7b76
a67bd0fa5beb10935442bef246bf4f52ec6e74bd
9adfddc8877a8ea9f1c3bcc0af99548cb11dc4e1d62a706bf9b2a5cc6d72e82f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf2abec1-a455-47b9-9aaf-69794032330f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7982
x-amzn-requestid: 59d91715-b444-445e-bd6b-268fc630024b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fKezLExAIAMFSeA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cdab47-1e12e8f335ea162532ce6aca;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 21:31:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0BgrMQG0-OHmZipKTgnHTs3HxYGBqKowIS37tg_QooT4JPlqHBPFvw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 21:47:46 GMT
age: 41101
etag: "a67bd0fa5beb10935442bef246bf4f52ec6e74bd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F27144ba0-24e7-4177-b8d9-4121af2315c9.jpeg
200 OK 4.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F27144ba0-24e7-4177-b8d9-4121af2315c9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3d0dd6e84bd1708aec285a9153eafabc
2d2729ca550ecdca29a502eb76c68f4eed623032
3c0492fc05ab9a35cd8d833a031aa907a473f2ff22fed0732fa331a0c2939660
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F27144ba0-24e7-4177-b8d9-4121af2315c9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4085
x-amzn-requestid: 444720ab-9a4d-40f7-a2e2-e574d4e2928d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fBP0uEeToAMFepA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c9f9b7-113188a040ff40ad479415cc;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 02:17:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: keWFs-Nhkuz7lUygleMuZ8TqK5mbLbs8IvnNtlNqknIW12DwwgswKg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 21:56:03 GMT
age: 40604
etag: "2d2729ca550ecdca29a502eb76c68f4eed623032"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0a4afa9-05c4-4ab9-b9eb-17970c04dbbb.jpeg
200 OK 3.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0a4afa9-05c4-4ab9-b9eb-17970c04dbbb.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c664f89307d9f2cc8170ca0816708ef9
cc010d66fe22fce8e82f9bbc78fc3b836120ff0b
c77d9cae0c4132f2695322b8c33fa875a341948ffb6c3023ddb1d3ef41c9ae23
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0a4afa9-05c4-4ab9-b9eb-17970c04dbbb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3814
x-amzn-requestid: 48468720-0305-4f17-862b-f2f854fdfe41
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fKq8mEPnIAMFzXg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cdbeb6-470a030661c749ae0fa14c31;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 22:54:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: U9hYFY_BBaMWiasXJJzYqTe2Rb2fH06yFE0vuinlYA2V_lUaDjfmbg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 23:09:39 GMT
age: 36188
etag: "cc010d66fe22fce8e82f9bbc78fc3b836120ff0b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ed6afa7-c805-4ddd-a71c-bc9bde7aee5a.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ed6afa7-c805-4ddd-a71c-bc9bde7aee5a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e42f475b1e14cb9d0939ef39db8e1f91
dda57d67c7b5f32123d3c9956dec8f805138b3bf
ace1e5843457dc5493432ea113059e67827e6c95d6998a7465dea1eb0e723a1e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ed6afa7-c805-4ddd-a71c-bc9bde7aee5a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11818
x-amzn-requestid: e80dab53-5137-4776-a105-b1933e9bda6b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEqu6GhZIAMFWSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb57f8-696c3a7f103b96a23ed4abec;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 03:11:52 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 5bEvPaVPmareEYTNHUoTIEtCn0EKpBBafR11mjrvwPFVS_DLFKgm3w==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 05:41:35 GMT
age: 12672
etag: "dda57d67c7b5f32123d3c9956dec8f805138b3bf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
push.zhanzhang.baidu.com/push.js
200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP
ASN #9808 China Mobile Communications Group Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Mon, 23 Jan 2023 09:12:47 GMT
Etag: "4078521116"
Expires: Tue, 23 Jan 2024 09:12:47 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=3BB0B8005A0DE9A0E1358E8E57F769FB:FG=1; max-age=31536000; expires=Tue, 23-Jan-24 09:12:47 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
12445.url.tudown.com/template/company/955yx/images/home.png
200 OK 1.3 kB URL HTTP/1.1 12445.url.tudown.com/template/company/955yx/images/home.png
IP
ASN #137951 Clayer Limited
File type PNG image data, 22 x 22, 8-bit/color RGBA, non-interlaced\012- data
Hash 302b4d0465daebb6a02b59b721d92a41
20d18d0cb9f052ec48b775ec2de2e8ce1a233c1e
a7fa550286b2b0974ab70bbadbe26cfa5b6770da8a71445b3b3f87abd896d3f2
GET /template/company/955yx/images/home.png HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/template/company/955yx/css/gb.css
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:12:47 GMT
Content-Type: image/png
Content-Length: 1270
Last-Modified: Tue, 15 Jun 2021 09:16:32 GMT
Connection: keep-alive
ETag: "60c86ff0-4f6"
Accept-Ranges: bytes
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash 96426b8d462171c1ea848ea196db325a
25b8fc5a23d0bf02a3809d59472cd972d8528ab6
6941e1fb273720cda3a858c32e07289afe914597d6f991523de4d318213daa37
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 23 Jan 2023 09:12:48 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 27 Jan 2023 05:47:17 GMT
ETag: "25b8fc5a23d0bf02a3809d59472cd972d8528ab6"
Last-Modified: Mon, 23 Jan 2023 05:47:18 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2698
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78df68e4bb650b06-OSL
s.360.cn/so/zz.gif?url=http%3A%2F%2F12445.url.tudown.com%2Fdown%2F%25E6%25B1%259F%25E8%258B%258F%25E5%259C%25B0%25E7%25A8%258E%25E7%25BD%2591%25E4%25B8%258A%25E5%258A%259E%25E7%25A8%258E%25E6%259C%258D%25E5%258A%25A1%25E5%258E%2585%25E5%25AE%25A2%25E6%2588%25B7%25E7%25AB%25AF%40271_216865.exe&sid=d182b3f28525f2db83acfaaf6e696dba&token=de1x8e2.b536f82681522_51f722d@bF
200 OK 0 B URL HTTP/1.1 s.360.cn/so/zz.gif?url=http%3A%2F%2F12445.url.tudown.com%2Fdown%2F%25E6%25B1%259F%25E8%258B%258F%25E5%259C%25B0%25E7%25A8%258E%25E7%25BD%2591%25E4%25B8%258A%25E5%258A%259E%25E7%25A8%258E%25E6%259C%258D%25E5%258A%25A1%25E5%258E%2585%25E5%25AE%25A2%25E6%2588%25B7%25E7%25AB%25AF%40271_216865.exe&sid=d182b3f28525f2db83acfaaf6e696dba&token=de1x8e2.b536f82681522_51f722d@bF
IP
ASN #4812 China Telecom Group
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /so/zz.gif?url=http%3A%2F%2F12445.url.tudown.com%2Fdown%2F%25E6%25B1%259F%25E8%258B%258F%25E5%259C%25B0%25E7%25A8%258E%25E7%25BD%2591%25E4%25B8%258A%25E5%258A%259E%25E7%25A8%258E%25E6%259C%258D%25E5%258A%25A1%25E5%258E%2585%25E5%25AE%25A2%25E6%2588%25B7%25E7%25AB%25AF%40271_216865.exe&sid=d182b3f28525f2db83acfaaf6e696dba&token=de1x8e2.b536f82681522_51f722d@bF HTTP/1.1
Host: s.360.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/
HTTP/1.1 200 OK
Server: openresty/1.15.8.2
Date: Mon, 23 Jan 2023 09:12:48 GMT
Content-Type: image/gif
Content-Length: 0
Last-Modified: Mon, 23 Jul 2018 07:07:51 GMT
Connection: keep-alive
ETag: "5b557ec7-0"
Accept-Ranges: bytes
12445.url.tudown.com/uploads/images/991339.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12445.url.tudown.com/uploads/images/991339.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/991339.jpg HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:48 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1108142001,1279031359&fm=253&fmt=auto&app=138&f=JPEG?w=270&h=185
12445.url.tudown.com/uploads/images/578365.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12445.url.tudown.com/uploads/images/578365.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/578365.jpg HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:48 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=974715902,1422322774&fm=224&app=112&f=JPEG?w=500&h=500&s=50C3D01A55434FE5107175D1030010B0
12445.url.tudown.com/uploads/images/788889.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12445.url.tudown.com/uploads/images/788889.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/788889.jpg HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:48 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1210340101,250915746&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=753
t13.baidu.com/it/u=974715902,1422322774&fm=224&app=112&f=JPEG?w=500&h=500&s=50C3D01A55434FE5107175D1030010B0
200 OK 41 kB URL HTTP/1.1 t13.baidu.com/it/u=974715902,1422322774&fm=224&app=112&f=JPEG?w=500&h=500&s=50C3D01A55434FE5107175D1030010B0
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash de8d9788c45c72b1709d9d9ffc688839
7a34229bc9ff1b7a19680dd68a001cb1727b94f2
75af6dd9b8335c0cd11dbfc2dfc225d0cb45dd2a972aa743fefe300f2320aa5e
GET /it/u=974715902,1422322774&fm=224&app=112&f=JPEG?w=500&h=500&s=50C3D01A55434FE5107175D1030010B0 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12445.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:12:48 GMT
Content-Type: image/jpeg
Content-Length: 40988
Connection: keep-alive
Expires: Mon, 20 Feb 2023 16:20:19 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: de8d9788c45c72b1709d9d9ffc688839
Age: 41906
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 21 Jan 2023 16:20:19 GMT
Ohc-Cache-HIT: fra01-sys-jomo2.fra01.baidu.com [4], zhuzuncache64 [1], wzix108 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 40988
X-Cache-Status: HIT
Timing-Allow-Origin: *
12445.url.tudown.com/uploads/images/560359.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12445.url.tudown.com/uploads/images/560359.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/560359.jpg HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:48 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2102760945,1640945634&fm=253&fmt=auto&app=138&f=PNG?w=500&h=666
12445.url.tudown.com/index.php?m=content&c=index&a=get_searchkey&pc_hash=WrCDxe&_=1674465166323
200 OK 8.8 kB URL HTTP/1.1 12445.url.tudown.com/index.php?m=content&c=index&a=get_searchkey&pc_hash=WrCDxe&_=1674465166323
IP
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (371), with CRLF, LF line terminators
Hash c0ca5e6ab37e90569ae32be999ff6738
beaa88aaf918dacd0550229486894185250d9b4c
3a8562a20036d91bad149273316aa0db575ea0d3356014929fa9b78c6bd58a40
GET /index.php?m=content&c=index&a=get_searchkey&pc_hash=WrCDxe&_=1674465166323 HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:12:48 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
12445.url.tudown.com/uploads/images/948227.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12445.url.tudown.com/uploads/images/948227.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/948227.jpg HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:48 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=4189178522,3467542789&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=888
12445.url.tudown.com/uploads/images/377469.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12445.url.tudown.com/uploads/images/377469.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/377469.jpg HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:48 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=1123943769,1469905639&fm=224&app=112&f=JPEG?w=500&h=500
img2.baidu.com/it/u=3854236692,1098192838&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=500
200 OK 20 kB URL HTTP/2 img2.baidu.com/it/u=3854236692,1098192838&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=500
IP
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f7f9797be6b969f96522d3ddc3aea923
f22e3fad2260ab6b680b9d9dbadbd3f962143c67
d1a8c1d665e41256f81f465facc0f777b22b5b38222819aa67e9db79cb9e7556
GET /it/u=3854236692,1098192838&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12445.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:48 GMT
content-type: image/webp
content-length: 19674
expires: Mon, 06 Feb 2023 13:03:42 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: f7f9797be6b969f96522d3ddc3aea923
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 07 Jan 2023 13:03:42 GMT
ohc-cache-hit: nt2ct58 [1], wzix80 [2]
ohc-file-size: 19674
x-cache-status: MISS
X-Firefox-Spdy: h2
t13.baidu.com/it/u=1123943769,1469905639&fm=224&app=112&f=JPEG?w=500&h=500
200 OK 59 kB URL HTTP/1.1 t13.baidu.com/it/u=1123943769,1469905639&fm=224&app=112&f=JPEG?w=500&h=500
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash d5dd5e337803247fb82a2d5d697a91d1
fb34273535161e899bcfebe79768cbd01e3abdc3
f22db60adb08c53521e9f3dc552e9bdaa47032ef996c77441c26fe2e6cff9e4a
GET /it/u=1123943769,1469905639&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12445.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:12:48 GMT
Content-Type: image/jpeg
Content-Length: 58904
Connection: keep-alive
Expires: Thu, 02 Feb 2023 10:02:38 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: d5dd5e337803247fb82a2d5d697a91d1
Age: 1673773
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 03 Jan 2023 10:02:38 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [4], zhuzuncache63 [1], wzix119 [4]
Ohc-Response-Time: 1 0 0 0 0 1
Ohc-File-Size: 58904
X-Cache-Status: HIT
Timing-Allow-Origin: *
12445.url.tudown.com/uploads/images/823776.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12445.url.tudown.com/uploads/images/823776.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/823776.jpg HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:48 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3025969692,510121586&fm=253&fmt=auto&app=138&f=JPEG?w=703&h=500
12445.url.tudown.com/uploads/images/555541.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12445.url.tudown.com/uploads/images/555541.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/555541.jpg HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:48 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3489699970,2982914095&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=285
12445.url.tudown.com/api.php?op=digg&action=show&id=23038
404 Not Found 146 B URL HTTP/1.1 12445.url.tudown.com/api.php?op=digg&action=show&id=23038
IP
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /api.php?op=digg&action=show&id=23038 HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 23 Jan 2023 09:12:48 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
img2.baidu.com/it/u=2623739150,1369303753&fm=253&fmt=auto?w=1280&h=800
200 OK 53 kB URL HTTP/2 img2.baidu.com/it/u=2623739150,1369303753&fm=253&fmt=auto?w=1280&h=800
IP
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 910be12bc71c40dd7c58e58e058d53c9
163cfa9ad4d51319723f7cc7d32a2f2f2e706a28
f02f2dc20930ba2890dc4b4174908884a298d175542b5203fdd672a410d77511
GET /it/u=2623739150,1369303753&fm=253&fmt=auto?w=1280&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12445.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:48 GMT
content-type: image/webp
content-length: 52672
expires: Wed, 01 Feb 2023 08:22:00 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 910be12bc71c40dd7c58e58e058d53c9
age: 168698
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 02 Jan 2023 08:22:00 GMT
ohc-cache-hit: nt2ct78 [4], wzix118 [4]
ohc-file-size: 52672
x-cache-status: HIT
X-Firefox-Spdy: h2
img2.baidu.com/it/u=1108142001,1279031359&fm=253&fmt=auto&app=138&f=JPEG?w=270&h=185
200 OK 13 kB URL HTTP/2 img2.baidu.com/it/u=1108142001,1279031359&fm=253&fmt=auto&app=138&f=JPEG?w=270&h=185
IP
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 270x185, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1e2745bcfe09a1c15174fa027e506ce1
92b6c99381ca8102b1ee4a6d69ccf3be2449492c
683e54df799c4c03155f53634962e7c6fc1cdf276e449e832da042bd8186f55e
GET /it/u=1108142001,1279031359&fm=253&fmt=auto&app=138&f=JPEG?w=270&h=185 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12445.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:48 GMT
content-type: image/webp
content-length: 12582
expires: Tue, 07 Feb 2023 14:14:43 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 1e2745bcfe09a1c15174fa027e506ce1
age: 168698
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 08 Jan 2023 14:14:43 GMT
ohc-cache-hit: nt2ct66 [4], csix115 [2]
ohc-file-size: 12582
x-cache-status: HIT
X-Firefox-Spdy: h2
12445.url.tudown.com/template/company/955yx/images/bgs.png
200 OK 101 kB URL HTTP/1.1 12445.url.tudown.com/template/company/955yx/images/bgs.png
IP
ASN #137951 Clayer Limited
File type PNG image data, 500 x 900, 8-bit/color RGBA, non-interlaced\012- data
Size 101 kB (101362 bytes)
Hash 1621ecee9c5f80ff96ab42e1ee259f58
5867acc872a638e86b981dbd81632c219a8093ec
f7809c07dbf542cc134fa715f678d4fba323bffdc649c9fb85a866b55b0c47f9
GET /template/company/955yx/images/bgs.png HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/template/company/955yx/css/gb.css
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:12:47 GMT
Content-Type: image/png
Content-Length: 101362
Last-Modified: Tue, 15 Jun 2021 09:16:31 GMT
Connection: keep-alive
ETag: "60c86fef-18bf2"
Accept-Ranges: bytes
hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (633)
Hash 87b8cc444d8278131e0784f689e0c04e
f6a61cd981e8bbdd3d50c5e1d9a096c79622acf6
8b5dd3a37ec0dfa9da614b33f95c3c9233ef530aa2a4baa4a82bb3c11463b1de
GET /hm.js?dd9836db2e433f487a0aa434b7b3deb7 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12445.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11271
Content-Type: application/javascript
Date: Mon, 23 Jan 2023 09:12:48 GMT
Etag: 2ffab0539f095925ed314b1d38e00a36
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=C1A7E4AB0DDEAF93; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
12445.url.tudown.com/template/company/955yx/images/litterstar.png
200 OK 1.7 kB URL HTTP/1.1 12445.url.tudown.com/template/company/955yx/images/litterstar.png
IP
ASN #137951 Clayer Limited
File type PNG image data, 73 x 143, 8-bit colormap, non-interlaced\012- data
Hash d130270dc6abd41d1d40acbe01e36739
5dec8c0c88e9c3dfb13cbfc7d1d9818baa7ee96c
8b31f0ef117010f8ad5e5c8c73ede7468072e1cb08f994fce90ada97f461b59b
GET /template/company/955yx/images/litterstar.png HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/template/company/955yx/css/gb.css
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:12:48 GMT
Content-Type: image/png
Content-Length: 1706
Last-Modified: Tue, 15 Jun 2021 09:16:33 GMT
Connection: keep-alive
ETag: "60c86ff1-6aa"
Accept-Ranges: bytes
api.share.baidu.com/s.gif?l=http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
IP
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Mon, 23 Jan 2023 09:12:48 GMT
img2.baidu.com/it/u=3025969692,510121586&fm=253&fmt=auto&app=138&f=JPEG?w=703&h=500
200 OK 21 kB URL HTTP/2 img2.baidu.com/it/u=3025969692,510121586&fm=253&fmt=auto&app=138&f=JPEG?w=703&h=500
IP
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 703x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 307a0e761946edf12846fbd69d18db19
3568f8283217d6ef07ed6f11a9126cc7b44a8375
0d175d71bc8a03b4bcaf06e6e1a58f491c226e346ff3571dcb08aefb067964eb
GET /it/u=3025969692,510121586&fm=253&fmt=auto&app=138&f=JPEG?w=703&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12445.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:48 GMT
content-type: image/webp
content-length: 20814
expires: Thu, 16 Feb 2023 02:08:20 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 307a0e761946edf12846fbd69d18db19
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 17 Jan 2023 02:08:20 GMT
ohc-cache-hit: nt2ct69 [1], xiangyix69 [4]
ohc-file-size: 20814
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=132462895,311866095&fm=253&fmt=auto&app=138&f=JPEG?w=890&h=500
200 OK 73 kB URL HTTP/2 img1.baidu.com/it/u=132462895,311866095&fm=253&fmt=auto&app=138&f=JPEG?w=890&h=500
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 890x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1204dee3d658a4f70f14cb8c4772d3d5
62e877c1ac5342299d7c26bfbf5f69ab4c57b9b6
0770986791dcf2750409890fb67599d861fff3b6836956e9c76e93d7781baab1
GET /it/u=132462895,311866095&fm=253&fmt=auto&app=138&f=JPEG?w=890&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12445.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:48 GMT
content-type: image/webp
content-length: 73424
expires: Fri, 10 Feb 2023 09:00:04 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 1204dee3d658a4f70f14cb8c4772d3d5
age: 317518
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 11 Jan 2023 09:00:04 GMT
ohc-cache-hit: dy2ct70 [4], suzix70 [4]
ohc-file-size: 73424
x-cache-status: HIT
X-Firefox-Spdy: h2
12445.url.tudown.com/index.php?m=content&c=index&a=get_week_rank&catid=undefined&num=16
200 OK 8.7 kB URL HTTP/1.1 12445.url.tudown.com/index.php?m=content&c=index&a=get_week_rank&catid=undefined&num=16
IP
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (371), with CRLF, LF line terminators
Hash d536298a7279eecf803d33edbb6ca0e3
43594ee1a4479df7b74058c0054b56c7db5b64c6
8bb9222e3ab00341c004b1d20999119138c9d4c1d451e08233b6c28986a6fb70
GET /index.php?m=content&c=index&a=get_week_rank&catid=undefined&num=16 HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:12:48 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
12445.url.tudown.com/uploads/images/967536.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12445.url.tudown.com/uploads/images/967536.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/967536.jpg HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:49 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3446940667,3804255645&fm=253&fmt=auto&app=138&f=JPEG?w=389&h=500
12445.url.tudown.com/uploads/images/91173.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12445.url.tudown.com/uploads/images/91173.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/91173.jpg HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:49 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3738131743,2497319802&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=667
12445.url.tudown.com/index.php?m=content&c=index&a=get_week_rank&catid=undefined&num=16
200 OK 8.6 kB URL HTTP/1.1 12445.url.tudown.com/index.php?m=content&c=index&a=get_week_rank&catid=undefined&num=16
IP
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (371), with CRLF, LF line terminators
Hash c03306344bc88f572f5a7c8da5308db8
3e956f842e9a4609cd12b20471e012176e4617dd
0f8401b822b8d07a395cc5563cdd475b584606c9766c68fdc7e3e354eb549d00
GET /index.php?m=content&c=index&a=get_week_rank&catid=undefined&num=16 HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:12:48 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
img1.baidu.com/it/u=2039500801,3149687525&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
200 OK 15 kB URL HTTP/2 img1.baidu.com/it/u=2039500801,3149687525&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 44cba1300a94e30e9bb0ff2a1a0def82
29bfe6a8b6c6011ead84a66548ca56fb4fb79072
e56947d0d1262b382153e50ee9e0fd0f3a8b196223d54f1732289eba1947e96a
GET /it/u=2039500801,3149687525&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12445.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:48 GMT
content-type: image/webp
content-length: 14616
expires: Mon, 20 Feb 2023 18:29:25 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 44cba1300a94e30e9bb0ff2a1a0def82
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 18:29:25 GMT
ohc-cache-hit: dy2ct60 [1], xaix222 [4]
ohc-file-size: 14616
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=4189178522,3467542789&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=888
200 OK 11 kB URL HTTP/2 img1.baidu.com/it/u=4189178522,3467542789&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=888
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x888, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 08b9c346a0ba9ac0e067dbb7135be011
abc4695e272c87df85f5dc9fb060039706d2c53e
9bf865c49f239c48c58ff85a2319b38454a12a631c15b759cac81051ec715bf2
GET /it/u=4189178522,3467542789&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=888 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12445.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:48 GMT
content-type: image/webp
content-length: 10804
expires: Sat, 18 Feb 2023 10:00:52 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 08b9c346a0ba9ac0e067dbb7135be011
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 19 Jan 2023 10:00:52 GMT
ohc-cache-hit: dy2ct50 [1], xaix118 [4]
ohc-file-size: 10804
x-cache-status: MISS
X-Firefox-Spdy: h2
12445.url.tudown.com/uploads/images/227042.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12445.url.tudown.com/uploads/images/227042.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/227042.jpg HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:49 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2948680530,717460338&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200
img0.baidu.com/it/u=2102760945,1640945634&fm=253&fmt=auto&app=138&f=PNG?w=500&h=666
200 OK 148 kB URL HTTP/2 img0.baidu.com/it/u=2102760945,1640945634&fm=253&fmt=auto&app=138&f=PNG?w=500&h=666
IP
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image\012- data
Size 148 kB (147890 bytes)
Hash d1e001f8d300324e6b9fadd7616d483c
23a110d9c3092aacd397b182fa2c3d1ba0e3e5e4
7b435241d0e80c92abaff635ee302a909fc82d0ea74511bdb0d741fcd6e6dc91
GET /it/u=2102760945,1640945634&fm=253&fmt=auto&app=138&f=PNG?w=500&h=666 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12445.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:48 GMT
content-type: image/webp
content-length: 147890
expires: Tue, 21 Feb 2023 06:34:50 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: d1e001f8d300324e6b9fadd7616d483c
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 06:34:50 GMT
ohc-cache-hit: ly4ct90 [2], xaix200 [2]
ohc-file-size: 147890
x-cache-status: MISS
X-Firefox-Spdy: h2
12445.url.tudown.com/uploads/images/405992.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12445.url.tudown.com/uploads/images/405992.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/405992.jpg HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:49 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=916379908,4197649865&fm=224&app=112&f=JPEG?w=366&h=500
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1413894444&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=45918&r=0&ww=1280&u=http%3A%2F%2F12445.url.tudown.com%2Fdown%2F%25E6%25B1%259F%25E8%258B%258F%25E5%259C%25B0%25E7%25A8%258E%25E7%25BD%2591%25E4%25B8%258A%25E5%258A%259E%25E7%25A8%258E%25E6%259C%258D%25E5%258A%25A1%25E5%258E%2585%25E5%25AE%25A2%25E6%2588%25B7%25E7%25AB%25AF%40271_216865.exe&tt=MG%E5%A8%B1%E4%B9%90%E7%BD%91%E7%AB%99%E7%BD%91%E5%9D%80(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99%2F%E6%89%8B%E6%9C%BA%E6%9C%80%E6%96%B0%E7%89%88%E4%B8%8B%E8%BD%BD
200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1413894444&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=45918&r=0&ww=1280&u=http%3A%2F%2F12445.url.tudown.com%2Fdown%2F%25E6%25B1%259F%25E8%258B%258F%25E5%259C%25B0%25E7%25A8%258E%25E7%25BD%2591%25E4%25B8%258A%25E5%258A%259E%25E7%25A8%258E%25E6%259C%258D%25E5%258A%25A1%25E5%258E%2585%25E5%25AE%25A2%25E6%2588%25B7%25E7%25AB%25AF%40271_216865.exe&tt=MG%E5%A8%B1%E4%B9%90%E7%BD%91%E7%AB%99%E7%BD%91%E5%9D%80(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99%2F%E6%89%8B%E6%9C%BA%E6%9C%80%E6%96%B0%E7%89%88%E4%B8%8B%E8%BD%BD
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1413894444&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=45918&r=0&ww=1280&u=http%3A%2F%2F12445.url.tudown.com%2Fdown%2F%25E6%25B1%259F%25E8%258B%258F%25E5%259C%25B0%25E7%25A8%258E%25E7%25BD%2591%25E4%25B8%258A%25E5%258A%259E%25E7%25A8%258E%25E6%259C%258D%25E5%258A%25A1%25E5%258E%2585%25E5%25AE%25A2%25E6%2588%25B7%25E7%25AB%25AF%40271_216865.exe&tt=MG%E5%A8%B1%E4%B9%90%E7%BD%91%E7%AB%99%E7%BD%91%E5%9D%80(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99%2F%E6%89%8B%E6%9C%BA%E6%9C%80%E6%96%B0%E7%89%88%E4%B8%8B%E8%BD%BD HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12445.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 23 Jan 2023 09:12:49 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=008F3A74816127D2; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
t15.baidu.com/it/u=916379908,4197649865&fm=224&app=112&f=JPEG?w=366&h=500
200 OK 42 kB URL HTTP/1.1 t15.baidu.com/it/u=916379908,4197649865&fm=224&app=112&f=JPEG?w=366&h=500
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 366x500, components 3\012- data
Hash c5a889f16b4e6e5fb93e4fcd17098afd
250dae6cf8e539e0a4935c3681bcb0e0552fa718
356dba708d3bd2b7718cc8197ec57a026f741a558c3c7a078d9243e45fae9591
GET /it/u=916379908,4197649865&fm=224&app=112&f=JPEG?w=366&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12445.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:12:49 GMT
Content-Type: image/jpeg
Content-Length: 41457
Connection: keep-alive
Expires: Sun, 05 Feb 2023 12:09:55 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: c5a889f16b4e6e5fb93e4fcd17098afd
Age: 991724
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 06 Jan 2023 12:09:55 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [4], zhuzuncache62 [4], bdix80 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 41457
X-Cache-Status: HIT
Timing-Allow-Origin: *
img2.baidu.com/it/u=3446940667,3804255645&fm=253&fmt=auto&app=138&f=JPEG?w=389&h=500
200 OK 29 kB URL HTTP/2 img2.baidu.com/it/u=3446940667,3804255645&fm=253&fmt=auto&app=138&f=JPEG?w=389&h=500
IP
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 389x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a42e4fba4f0604e36c23882a299fd4d8
7fd4c53d1d3d6096c4f5eecaf95d2509d33dd792
af195233c3e3227648a9d3cf2e812794708c5da0a6904da093330dc587819269
GET /it/u=3446940667,3804255645&fm=253&fmt=auto&app=138&f=JPEG?w=389&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12445.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:49 GMT
content-type: image/webp
content-length: 28814
expires: Mon, 23 Jan 2023 21:53:54 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: a42e4fba4f0604e36c23882a299fd4d8
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 24 Dec 2022 21:53:54 GMT
ohc-cache-hit: nt2ct77 [1], czix229 [4]
ohc-file-size: 28814
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=1210340101,250915746&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=753
200 OK 31 kB URL HTTP/2 img1.baidu.com/it/u=1210340101,250915746&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=753
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x753, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 772ab9824614001164e4e36990e945f9
17e9709e370369cc46de80cf424e0637a61fe578
1bb1b4fdeef06338082f310fe31143162ed2aed5d1fc40167109f02ac119773d
GET /it/u=1210340101,250915746&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=753 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12445.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:48 GMT
content-type: image/webp
content-length: 30996
expires: Wed, 25 Jan 2023 18:22:47 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 772ab9824614001164e4e36990e945f9
age: 23653
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 26 Dec 2022 18:22:47 GMT
ohc-cache-hit: dy2ct84 [4], csix84 [2]
ohc-file-size: 30996
x-cache-status: HIT
X-Firefox-Spdy: h2
12445.url.tudown.com/uploads/images/282062.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12445.url.tudown.com/uploads/images/282062.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/282062.jpg HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:49 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=920713756,3030466700&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=707
12445.url.tudown.com/uploads/images/534937.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12445.url.tudown.com/uploads/images/534937.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/534937.jpg HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:49 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=950698351,973756204&fm=224&app=112&f=JPEG?w=500&h=500
12445.url.tudown.com/uploads/images/442181.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12445.url.tudown.com/uploads/images/442181.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/442181.jpg HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:49 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=439424700,3923380268&fm=253&app=120&f=JPEG?w=1280&h=800
12445.url.tudown.com/uploads/images/656731.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12445.url.tudown.com/uploads/images/656731.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/656731.jpg HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:49 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=690556163,446736433&fm=224&app=112&f=JPEG?w=500&h=500
img1.baidu.com/it/u=3738131743,2497319802&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=667
200 OK 19 kB URL HTTP/2 img1.baidu.com/it/u=3738131743,2497319802&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=667
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x667, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1602e0d72b4e23bc8d34f7e51d9fe31e
73e4a65840ccd87557424dcd1095522a56d5eb41
d46cd537c18f72bfed3af1c365cea174903b177103c563e8bde3dd5252b3548a
GET /it/u=3738131743,2497319802&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=667 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12445.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:49 GMT
content-type: image/webp
content-length: 19106
expires: Tue, 07 Feb 2023 12:45:08 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 1602e0d72b4e23bc8d34f7e51d9fe31e
age: 41538
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 08 Jan 2023 12:45:08 GMT
ohc-cache-hit: dy2ct114 [2], csix114 [4]
ohc-file-size: 19106
x-cache-status: HIT
X-Firefox-Spdy: h2
t15.baidu.com/it/u=690556163,446736433&fm=224&app=112&f=JPEG?w=500&h=500
200 OK 42 kB URL HTTP/1.1 t15.baidu.com/it/u=690556163,446736433&fm=224&app=112&f=JPEG?w=500&h=500
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 5ca6ca0a7bde13839164e9d0446233dc
4f4b90c535926f4943c188b03f34da11857c2f6e
a4d94b9ab8d813996a29db5589f0011da6249fdc3af3c9e34d03b8cc570347ce
GET /it/u=690556163,446736433&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12445.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:12:49 GMT
Content-Type: image/jpeg
Content-Length: 41943
Connection: keep-alive
Expires: Tue, 07 Feb 2023 12:10:33 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 5ca6ca0a7bde13839164e9d0446233dc
Age: 991679
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 08 Jan 2023 12:10:33 GMT
Ohc-Cache-HIT: fra01-sys-jomo7.fra01.baidu.com [4], zhuzuncache52 [4], xiangyix126 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 41943
X-Cache-Status: HIT
Timing-Allow-Origin: *
img1.baidu.com/it/u=1492198769,2651086744&fm=253&app=120&f=JPEG?w=1422&h=800
200 OK 258 kB URL HTTP/1.1 img1.baidu.com/it/u=1492198769,2651086744&fm=253&app=120&f=JPEG?w=1422&h=800
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1422x800, components 3\012- data
Size 258 kB (257688 bytes)
Hash 3d0618d764d97677f52818c4d191397d
d0d7a6a17d86f0d83c5c6d15edfaa0771c476c1a
052c88f3551cc41124dcfc752f2c8251321f19222532c4b0212ee2a94a111a30
GET /it/u=1492198769,2651086744&fm=253&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12445.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:12:48 GMT
Content-Type: image/jpeg
Content-Length: 257688
Connection: keep-alive
Expires: Wed, 25 Jan 2023 08:06:19 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: 3d0618d764d97677f52818c4d191397d
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 26 Dec 2022 08:06:19 GMT
Ohc-Cache-HIT: dy2ct101 [2], xiangyix101 [4]
Ohc-File-Size: 257688
X-Cache-Status: MISS
img0.baidu.com/it/u=4130083672,1719501657&fm=253&fmt=auto&app=138&f=GIF?w=500&h=749
200 OK 59 kB URL HTTP/2 img0.baidu.com/it/u=4130083672,1719501657&fm=253&fmt=auto&app=138&f=GIF?w=500&h=749
IP
ASN #139018 Henan Luoyang IDC
File type GIF image data, version 89a, 500 x 749\012- data
Hash 95b40e5b452b632e041ccbdc5959da6c
b44ba11a68fc5b9659046803fa8db9d064160c6a
5f667e642d27ee293e1410ed803a50863a302417f406c2d47e0258f0ee13f09c
GET /it/u=4130083672,1719501657&fm=253&fmt=auto&app=138&f=GIF?w=500&h=749 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12445.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:48 GMT
content-type: image/gif
content-length: 58597
expires: Fri, 03 Feb 2023 04:50:39 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 95b40e5b452b632e041ccbdc5959da6c
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 04 Jan 2023 04:50:39 GMT
ohc-cache-hit: ly4ct82 [1], wzix82 [4]
ohc-file-size: 58597
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=3833384427,3791156626&fm=253&fmt=auto&app=138&f=JPEG?w=353&h=499
200 OK 25 kB URL HTTP/2 img0.baidu.com/it/u=3833384427,3791156626&fm=253&fmt=auto&app=138&f=JPEG?w=353&h=499
IP
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 353x499, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6aa1fffefb61f98755ba38ddd3f4330e
f2ca93a0e58b5e47ea70f705f3ad9dc3dd5530e2
80b07d0dddbdbc6f26723decf92c0eaf6528f562d66be59b0267b3d85bd3be0c
GET /it/u=3833384427,3791156626&fm=253&fmt=auto&app=138&f=JPEG?w=353&h=499 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12445.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:48 GMT
content-type: image/webp
content-length: 25308
expires: Tue, 31 Jan 2023 11:48:37 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 6aa1fffefb61f98755ba38ddd3f4330e
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 01 Jan 2023 11:48:37 GMT
ohc-cache-hit: ly4ct52 [1], csix52 [4]
ohc-file-size: 25308
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=3489699970,2982914095&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=285
200 OK 13 kB URL HTTP/2 img0.baidu.com/it/u=3489699970,2982914095&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=285
IP
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x285, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c11a717d9500447eb3f6bcb31ea7a71b
5f8a155704cd49dca1a72be9a4baf16888193e41
a179fe41d9127980943b08abed1f96d144e91711321c3f78830cc5f7200c16fd
GET /it/u=3489699970,2982914095&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=285 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12445.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:49 GMT
content-type: image/webp
content-length: 12676
expires: Wed, 01 Feb 2023 07:59:22 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: c11a717d9500447eb3f6bcb31ea7a71b
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 02 Jan 2023 07:59:22 GMT
ohc-cache-hit: ly4ct95 [1], wzix95 [4]
ohc-file-size: 12676
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=2948680530,717460338&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200
200 OK 8.9 kB URL HTTP/2 img0.baidu.com/it/u=2948680530,717460338&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200
IP
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0bc05a2c119c32ccb915b30c125692e8
fcc10e92219da785a366b276e81544a4a0f86f2a
d2e9ff5a9a9a96569bb7d9a2e95ebb69a2a0ab8fb977143f3c94d75149c7b706
GET /it/u=2948680530,717460338&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12445.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:49 GMT
content-type: image/webp
content-length: 8902
expires: Tue, 24 Jan 2023 11:08:31 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 0bc05a2c119c32ccb915b30c125692e8
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 25 Dec 2022 11:08:31 GMT
ohc-cache-hit: ly4ct96 [1], qdix153 [4]
ohc-file-size: 8902
x-cache-status: MISS
X-Firefox-Spdy: h2
12445.url.tudown.com/uploads/images/734049.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12445.url.tudown.com/uploads/images/734049.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/734049.jpg HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:49 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=1215389927,3694096317&fm=224&app=112&f=JPEG?w=500&h=500
12445.url.tudown.com/uploads/images/807004.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12445.url.tudown.com/uploads/images/807004.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/807004.jpg HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:49 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3227887794,1820708213&fm=253&fmt=auto?w=120&h=80
t13.baidu.com/it/u=1215389927,3694096317&fm=224&app=112&f=JPEG?w=500&h=500
200 OK 76 kB URL HTTP/1.1 t13.baidu.com/it/u=1215389927,3694096317&fm=224&app=112&f=JPEG?w=500&h=500
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 514c5b1d43b2ed66786a74eb7319b071
f4b593c4521b6bb5e642e95c49be4d23d4f13f81
487976cb85821d8b021515968329d6bd10e79f3a9cc29d16e910e00f2d7a686c
GET /it/u=1215389927,3694096317&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12445.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:12:49 GMT
Content-Type: image/jpeg
Content-Length: 75528
Connection: keep-alive
Expires: Tue, 07 Feb 2023 08:38:07 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 514c5b1d43b2ed66786a74eb7319b071
Age: 1066282
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 08 Jan 2023 08:38:07 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [4], zhuzuncache52 [1], wzix95 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 75528
X-Cache-Status: HIT
Timing-Allow-Origin: *
12445.url.tudown.com/uploads/images/19541.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12445.url.tudown.com/uploads/images/19541.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/19541.jpg HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:49 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1621467094,1761054907&fm=253&fmt=auto&app=138&f=JPEG?w=550&h=291
12445.url.tudown.com/uploads/images/149138.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12445.url.tudown.com/uploads/images/149138.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/149138.jpg HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:49 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=2159049424,139160281&fm=224&app=112&f=JPEG?w=500&h=500
t15.baidu.com/it/u=2159049424,139160281&fm=224&app=112&f=JPEG?w=500&h=500
200 OK 38 kB URL HTTP/1.1 t15.baidu.com/it/u=2159049424,139160281&fm=224&app=112&f=JPEG?w=500&h=500
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 88a6f97096bf2e90228de2253ef08cc9
25d331b3e74486286466c722dd51d22de8d22d98
1e6aee18ac56eaeab286d19b40e7b11843e421a6916525cbb25c2e1fff58fff5
GET /it/u=2159049424,139160281&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12445.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:12:49 GMT
Content-Type: image/jpeg
Content-Length: 37571
Connection: keep-alive
Expires: Thu, 26 Jan 2023 09:38:08 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 88a6f97096bf2e90228de2253ef08cc9
Age: 2096216
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 27 Dec 2022 09:38:08 GMT
Ohc-Cache-HIT: fra01-sys-jomo2.fra01.baidu.com [4], zhuzuncache64 [4], xiangyix196 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 37571
X-Cache-Status: HIT
Timing-Allow-Origin: *
12445.url.tudown.com/uploads/images/100733.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12445.url.tudown.com/uploads/images/100733.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/100733.jpg HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:49 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=682934947,2015086619&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
12445.url.tudown.com/uploads/images/176490.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12445.url.tudown.com/uploads/images/176490.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/176490.jpg HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:49 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=105074911,10318567&fm=253&app=120&f=JPEG?w=1280&h=800
img0.baidu.com/it/u=3227887794,1820708213&fm=253&fmt=auto?w=120&h=80
200 OK 3.9 kB URL HTTP/2 img0.baidu.com/it/u=3227887794,1820708213&fm=253&fmt=auto?w=120&h=80
IP
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 120x80, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9daf8cc2736ed2be00a0c17bb0037127
231db1b0f0767eaa77196dc5e98254add6a4a3be
35f0588dd9143e9142eb7226e2447ea1fff0c82f01c91b34f0afe305adb9bca5
GET /it/u=3227887794,1820708213&fm=253&fmt=auto?w=120&h=80 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12445.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:49 GMT
content-type: image/webp
content-length: 3872
expires: Sat, 28 Jan 2023 11:48:41 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 9daf8cc2736ed2be00a0c17bb0037127
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 29 Dec 2022 11:48:41 GMT
ohc-cache-hit: ly4ct70 [1], xaix249 [4]
ohc-file-size: 3872
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=920713756,3030466700&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=707
200 OK 33 kB URL HTTP/2 img1.baidu.com/it/u=920713756,3030466700&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=707
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x707, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6a0bb460966c219cbee00d3b9aa23348
06b48b0e4f3177845616488417a9f2e09b727e5f
b457ac3933fd13a40804f07adc209c64f99e4a64bb85299611e913f33505d08c
GET /it/u=920713756,3030466700&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=707 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12445.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:49 GMT
content-type: image/webp
content-length: 32996
expires: Wed, 22 Feb 2023 03:11:45 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 6a0bb460966c219cbee00d3b9aa23348
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 03:11:45 GMT
ohc-cache-hit: dy2ct51 [1], suzix157 [4]
ohc-file-size: 32996
x-cache-status: MISS
X-Firefox-Spdy: h2
12445.url.tudown.com/uploads/images/918268.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12445.url.tudown.com/uploads/images/918268.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/918268.jpg HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:49 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3245199588,2203678376&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
12445.url.tudown.com/uploads/images/620319.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12445.url.tudown.com/uploads/images/620319.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/620319.jpg HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:49 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1969959000,3267391637&fm=253&fmt=auto&app=138&f=JPEG?w=398&h=500
img2.baidu.com/it/u=682934947,2015086619&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
200 OK 36 kB URL HTTP/2 img2.baidu.com/it/u=682934947,2015086619&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash eb5c3e1129d99e82fabc7b011da6894a
c3986f100ec7d943e78e4b7e9bf688f17f701cd0
f5377ed0c0f7462686cc05d0071753aadf5bbf190fa37c5a1430d8e8f953ae38
GET /it/u=682934947,2015086619&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12445.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:50 GMT
content-type: image/webp
content-length: 36372
expires: Sun, 05 Feb 2023 07:38:07 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: eb5c3e1129d99e82fabc7b011da6894a
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 06 Jan 2023 07:38:07 GMT
ohc-cache-hit: nt2ct54 [1], czix182 [4]
ohc-file-size: 36372
x-cache-status: MISS
X-Firefox-Spdy: h2
12445.url.tudown.com/uploads/images/307057.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12445.url.tudown.com/uploads/images/307057.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/307057.jpg HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:49 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1793377912,63440479&fm=253&fmt=auto?w=1280&h=800
12445.url.tudown.com/uploads/images/268190.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12445.url.tudown.com/uploads/images/268190.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/268190.jpg HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3885490298,2374491910&fm=253&fmt=auto&app=138&f=JPEG?w=375&h=500
img1.baidu.com/it/u=439424700,3923380268&fm=253&app=120&f=JPEG?w=1280&h=800
200 OK 96 kB URL HTTP/1.1 img1.baidu.com/it/u=439424700,3923380268&fm=253&app=120&f=JPEG?w=1280&h=800
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Hash 9c14ee8b084c207716793cabd6976918
a168e27133033a9c0a04bbc938f5cbcf27869155
e1d144b62a9692846e1c12eb94ffa6c487dafbae68a9f1cdeddbc91b5827cd43
GET /it/u=439424700,3923380268&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12445.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:12:49 GMT
Content-Type: image/jpeg
Content-Length: 96391
Connection: keep-alive
Expires: Sat, 04 Feb 2023 14:08:05 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 9c14ee8b084c207716793cabd6976918
Age: 162531
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 05 Jan 2023 14:08:05 GMT
Ohc-Cache-HIT: dy2ct96 [4], suzix239 [4]
Ohc-File-Size: 96391
X-Cache-Status: HIT
12445.url.tudown.com/uploads/images/333938.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12445.url.tudown.com/uploads/images/333938.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/333938.jpg HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=3948023687,1486383203&fm=253&app=120&f=JPEG?w=1280&h=800
12445.url.tudown.com/uploads/images/108819.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12445.url.tudown.com/uploads/images/108819.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/108819.jpg HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3162161121,558332235&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=465
img1.baidu.com/it/u=1621467094,1761054907&fm=253&fmt=auto&app=138&f=JPEG?w=550&h=291
200 OK 16 kB URL HTTP/2 img1.baidu.com/it/u=1621467094,1761054907&fm=253&fmt=auto&app=138&f=JPEG?w=550&h=291
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 550x291, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d245afa903412e64aa5022c3ee65d119
a7c75564f6f37f4cce865f530c9434da4641bd3e
e2e1e2b9cedf3247b8f927ccbec699afc2279c6150354cb133893a55c2a80669
GET /it/u=1621467094,1761054907&fm=253&fmt=auto&app=138&f=JPEG?w=550&h=291 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12445.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:50 GMT
content-type: image/webp
content-length: 16020
expires: Wed, 22 Feb 2023 03:49:25 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: d245afa903412e64aa5022c3ee65d119
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 03:49:25 GMT
ohc-cache-hit: dy2ct88 [1], czix219 [4]
ohc-file-size: 16020
x-cache-status: MISS
X-Firefox-Spdy: h2
12445.url.tudown.com/uploads/images/345993.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12445.url.tudown.com/uploads/images/345993.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/345993.jpg HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=4036950536,4079427105&fm=253&fmt=auto&app=138&f=JPEG?w=668&h=500
img2.baidu.com/it/u=1969959000,3267391637&fm=253&fmt=auto&app=138&f=JPEG?w=398&h=500
200 OK 20 kB URL HTTP/2 img2.baidu.com/it/u=1969959000,3267391637&fm=253&fmt=auto&app=138&f=JPEG?w=398&h=500
IP
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 398x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ad59f4f4120e515768164985a4cb58d3
f57e36cf8ed138af6df322161276368372d41a96
0c04a095ae25c4b864f1afb5cd7bf3fa13be490f27b5974eaad5d6603c91b670
GET /it/u=1969959000,3267391637&fm=253&fmt=auto&app=138&f=JPEG?w=398&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12445.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:50 GMT
content-type: image/webp
content-length: 19934
expires: Sun, 29 Jan 2023 13:17:07 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: ad59f4f4120e515768164985a4cb58d3
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 30 Dec 2022 13:17:07 GMT
ohc-cache-hit: nt2ct71 [1], csix71 [4]
ohc-file-size: 19934
x-cache-status: MISS
X-Firefox-Spdy: h2
12445.url.tudown.com/uploads/images/385673.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12445.url.tudown.com/uploads/images/385673.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/385673.jpg HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=3442070128,3159426655&fm=224&app=112&f=JPEG?w=500&h=500
t13.baidu.com/it/u=3442070128,3159426655&fm=224&app=112&f=JPEG?w=500&h=500
200 OK 52 kB URL HTTP/1.1 t13.baidu.com/it/u=3442070128,3159426655&fm=224&app=112&f=JPEG?w=500&h=500
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 8d013cdb4e5239d78fd5832fe4aff951
a1f1e950bbe48fecd929a2dd8b0fd6336634f7e8
030941433e1f588b73eba448354d5a41e252bf3d4935adffa2386f20f24f0003
GET /it/u=3442070128,3159426655&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12445.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:12:50 GMT
Content-Type: image/jpeg
Content-Length: 52126
Connection: keep-alive
Expires: Thu, 02 Feb 2023 02:35:49 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 8d013cdb4e5239d78fd5832fe4aff951
Age: 993921
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 03 Jan 2023 02:35:49 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [2], zhuzuncache60 [1], csix60 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 52126
X-Cache-Status: HIT
Timing-Allow-Origin: *
t14.baidu.com/it/u=950698351,973756204&fm=224&app=112&f=JPEG?w=500&h=500
200 OK 58 kB URL HTTP/1.1 t14.baidu.com/it/u=950698351,973756204&fm=224&app=112&f=JPEG?w=500&h=500
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash bb3bdf63df51f6e39bd2975fd6939a94
acb14e1cfd586684027acad7bc0bd751d5c12a55
41087038dbf1149cc8dc0d3269851f7b5a6909786c93ee3d489ccb403cbf640c
GET /it/u=950698351,973756204&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12445.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:12:50 GMT
Content-Type: image/jpeg
Content-Length: 57686
Connection: keep-alive
Expires: Tue, 07 Feb 2023 01:40:59 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: bb3bdf63df51f6e39bd2975fd6939a94
Age: 1214659
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 08 Jan 2023 01:40:58 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [4], zhuzuncache64 [1], xiangyix103 [4]
Ohc-Response-Time: 1 0 0 0 0 1
Ohc-File-Size: 57686
X-Cache-Status: HIT
Timing-Allow-Origin: *
12445.url.tudown.com/uploads/images/747027.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12445.url.tudown.com/uploads/images/747027.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/747027.jpg HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=136147170,3099605643&fm=253&fmt=auto&app=138&f=JPEG?w=236&h=167
12445.url.tudown.com/uploads/images/69828.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12445.url.tudown.com/uploads/images/69828.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/69828.jpg HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1801752014,1226642322&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=729
img1.baidu.com/it/u=3245199588,2203678376&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
200 OK 169 kB URL HTTP/2 img1.baidu.com/it/u=3245199588,2203678376&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 169 kB (169248 bytes)
Hash 73e1585e5b466e164884416a591e19df
850ef35db0dee44fb574aff2fd57b3ad21c4d48b
1fc4e79fc7375abc9f80b058acd41514abcf0c5b73366ad5c02e5ea2a9c809b4
GET /it/u=3245199588,2203678376&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12445.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:50 GMT
content-type: image/webp
content-length: 169248
expires: Mon, 20 Feb 2023 12:47:58 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 73e1585e5b466e164884416a591e19df
age: 23673
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 12:47:58 GMT
ohc-cache-hit: dy2ct51 [4], czix51 [2]
ohc-file-size: 169248
x-cache-status: HIT
X-Firefox-Spdy: h2
12445.url.tudown.com/uploads/images/332116.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12445.url.tudown.com/uploads/images/332116.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/332116.jpg HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3449291156,578418024&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=888
img1.baidu.com/it/u=3885490298,2374491910&fm=253&fmt=auto&app=138&f=JPEG?w=375&h=500
200 OK 27 kB URL HTTP/2 img1.baidu.com/it/u=3885490298,2374491910&fm=253&fmt=auto&app=138&f=JPEG?w=375&h=500
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 375x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 74a4f52ef3c31f2d5f2e2942ee4cdb81
1cade4b096e38046fc0be72f354756e2f9e1abb8
e2bd406afe4499222aec6a8d990f5994bc745d0bd13427ea6090a0efe3be0ba5
GET /it/u=3885490298,2374491910&fm=253&fmt=auto&app=138&f=JPEG?w=375&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12445.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:50 GMT
content-type: image/webp
content-length: 27222
expires: Mon, 13 Feb 2023 07:21:14 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 74a4f52ef3c31f2d5f2e2942ee4cdb81
age: 82332
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 14 Jan 2023 07:21:14 GMT
ohc-cache-hit: dy2ct77 [4], xiangyix77 [4]
ohc-file-size: 27222
x-cache-status: HIT
X-Firefox-Spdy: h2
img0.baidu.com/it/u=3162161121,558332235&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=465
200 OK 12 kB URL HTTP/2 img0.baidu.com/it/u=3162161121,558332235&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=465
IP
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x465, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b87edffa5a5b85c17ed1cf777ff8e64a
4f0a999ddaa8e74b94f92b37b2b53d57ece33dbb
69636180ac92926eac3bd7ae249002d245aaed2a92f5f076faa003c0d55a0079
GET /it/u=3162161121,558332235&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=465 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12445.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:50 GMT
content-type: image/webp
content-length: 11746
expires: Sat, 18 Feb 2023 10:27:42 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: b87edffa5a5b85c17ed1cf777ff8e64a
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 19 Jan 2023 10:27:42 GMT
ohc-cache-hit: ly4ct80 [1], suzix242 [4]
ohc-file-size: 11746
x-cache-status: MISS
X-Firefox-Spdy: h2
12445.url.tudown.com/uploads/images/logo.png?n=42zlhzmns7syzfxfw6s6nnuc42ljtzu4rhuztehfqwwold5y&w=250
200 OK 3.8 kB URL HTTP/1.1 12445.url.tudown.com/uploads/images/logo.png?n=42zlhzmns7syzfxfw6s6nnuc42ljtzu4rhuztehfqwwold5y&w=250
IP
ASN #137951 Clayer Limited
File type PNG image data, 250 x 66, 8-bit colormap, non-interlaced\012- data
Hash d67328796c30ec3ad3456dda3fdbe2fe
563d2b81e4a2ad8203fc1bb58de717b41a004a9e
851fe55d65c0ccfddb282ac32b89b5871e579feb991a52cb58ef65929cd84ac7
GET /uploads/images/logo.png?n=42zlhzmns7syzfxfw6s6nnuc42ljtzu4rhuztehfqwwold5y&w=250 HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:12:50 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
12445.url.tudown.com/uploads/images/285768.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12445.url.tudown.com/uploads/images/285768.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/285768.jpg HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2938935853,1624677443&fm=253&fmt=auto&app=138&f=JPEG?w=281&h=499
12445.url.tudown.com/uploads/images/988240.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12445.url.tudown.com/uploads/images/988240.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/988240.jpg HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=870260011,167537644&fm=224&app=112&f=JPEG?w=500&h=500&s=EDE0A0565103F6E51B99C1CF0300E0A2
img1.baidu.com/it/u=4036950536,4079427105&fm=253&fmt=auto&app=138&f=JPEG?w=668&h=500
200 OK 24 kB URL HTTP/2 img1.baidu.com/it/u=4036950536,4079427105&fm=253&fmt=auto&app=138&f=JPEG?w=668&h=500
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 668x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b3254ee15f7cdc8561cc6b61064f2e72
65ec2ae0c768a8094336cb399b7dc8ac22a5a43b
ac44c0bc93e3eb871cc90a1158957e81f4d6041d63764cd50db1f8e570d61b93
GET /it/u=4036950536,4079427105&fm=253&fmt=auto&app=138&f=JPEG?w=668&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12445.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:50 GMT
content-type: image/webp
content-length: 23996
expires: Fri, 27 Jan 2023 04:36:39 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: b3254ee15f7cdc8561cc6b61064f2e72
age: 127520
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 28 Dec 2022 04:36:39 GMT
ohc-cache-hit: dy2ct77 [4], xiangyix77 [4]
ohc-file-size: 23996
x-cache-status: HIT
X-Firefox-Spdy: h2
t15.baidu.com/it/u=870260011,167537644&fm=224&app=112&f=JPEG?w=500&h=500&s=EDE0A0565103F6E51B99C1CF0300E0A2
200 OK 52 kB URL HTTP/1.1 t15.baidu.com/it/u=870260011,167537644&fm=224&app=112&f=JPEG?w=500&h=500&s=EDE0A0565103F6E51B99C1CF0300E0A2
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash a765867f3fc51a1648034d6f9b76eb0d
bfb079b86c23e0f50d10de1e3632d3828c3305f5
6e041c5e433b3550d76ed9e2701398bb3ce2d7bbbf613ec8b852ec64707b03ab
GET /it/u=870260011,167537644&fm=224&app=112&f=JPEG?w=500&h=500&s=EDE0A0565103F6E51B99C1CF0300E0A2 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12445.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:12:50 GMT
Content-Type: image/jpeg
Content-Length: 51767
Connection: keep-alive
Expires: Mon, 30 Jan 2023 14:18:33 GMT
Last-Modified: Mon, 12 Jan 1970 00:00:00 GMT
ETag: a765867f3fc51a1648034d6f9b76eb0d
Age: 993796
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 31 Dec 2022 14:18:32 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [2], zhuzuncache59 [4], qdix59 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 51767
X-Cache-Status: HIT
Timing-Allow-Origin: *
12445.url.tudown.com/uploads/images/881375.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12445.url.tudown.com/uploads/images/881375.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/881375.jpg HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=2763604153,2995775193&fm=253&app=120&f=JPEG?w=1422&h=800
12445.url.tudown.com/uploads/images/791415.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12445.url.tudown.com/uploads/images/791415.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/791415.jpg HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=1378905971,536433013&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=620
img1.baidu.com/it/u=136147170,3099605643&fm=253&fmt=auto&app=138&f=JPEG?w=236&h=167
200 OK 3.5 kB URL HTTP/2 img1.baidu.com/it/u=136147170,3099605643&fm=253&fmt=auto&app=138&f=JPEG?w=236&h=167
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 236x167, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 294740bf5dd76de83493dfa33d639434
c51feb85cde264690226fa45451f75b3b06fe737
884881f990e4816927e90faad473d2d0591adfb5ff17b41a51bab769d096b545
GET /it/u=136147170,3099605643&fm=253&fmt=auto&app=138&f=JPEG?w=236&h=167 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12445.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:50 GMT
content-type: image/webp
content-length: 3508
expires: Wed, 25 Jan 2023 07:43:06 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 294740bf5dd76de83493dfa33d639434
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 26 Dec 2022 07:43:06 GMT
ohc-cache-hit: dy2ct65 [1], xiangyix145 [2]
ohc-file-size: 3508
x-cache-status: MISS
X-Firefox-Spdy: h2
12445.url.tudown.com/uploads/images/75758.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12445.url.tudown.com/uploads/images/75758.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/75758.jpg HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3251279405,19640002&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=763
img2.baidu.com/it/u=3449291156,578418024&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=888
200 OK 48 kB URL HTTP/2 img2.baidu.com/it/u=3449291156,578418024&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=888
IP
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x888, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0398d3793f9b5d72bcd5811a9acae0e3
84d412e48e2daefdcb9a183bb0ac6fa4eed497ff
22c32117fe4ab424aa18d1a56f10810b848009b8e149f9c37c036b95ed2f35bb
GET /it/u=3449291156,578418024&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=888 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12445.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:50 GMT
content-type: image/webp
content-length: 47718
expires: Tue, 21 Feb 2023 03:00:25 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 0398d3793f9b5d72bcd5811a9acae0e3
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 03:00:25 GMT
ohc-cache-hit: nt2ct73 [1], qdix73 [2]
ohc-file-size: 47718
x-cache-status: MISS
X-Firefox-Spdy: h2
12445.url.tudown.com/uploads/images/716862.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12445.url.tudown.com/uploads/images/716862.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/716862.jpg HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=3645742325,2566150188&fm=253&app=138&f=JPEG?w=500&h=800
img0.baidu.com/it/u=1801752014,1226642322&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=729
200 OK 23 kB URL HTTP/2 img0.baidu.com/it/u=1801752014,1226642322&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=729
IP
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x729, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ef23b7dc4cf29c61e6e5099131680242
0051f5158a29eabee124e0057530a37caa1395e9
562c22b0ccdba7743391460162144e1e230ba9247303fd9f225cac3383b4d8b1
GET /it/u=1801752014,1226642322&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=729 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12445.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:50 GMT
content-type: image/webp
content-length: 22844
expires: Wed, 22 Feb 2023 09:12:50 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: ef23b7dc4cf29c61e6e5099131680242
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 09:12:50 GMT
ohc-cache-hit: ly4ct56 [2], qdix225 [2]
ohc-file-size: 22844
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=3948023687,1486383203&fm=253&app=120&f=JPEG?w=1280&h=800
200 OK 94 kB URL HTTP/1.1 img2.baidu.com/it/u=3948023687,1486383203&fm=253&app=120&f=JPEG?w=1280&h=800
IP
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Hash fc3eb42bd05ca7a69eacef88b946fd89
59991574783de214fbd3e7821dce8f3b3940a1da
461e710c9bfaebf71a87dcbdad22c6b98b4a189123660f0aff0b002fb7ae2570
GET /it/u=3948023687,1486383203&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12445.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:12:50 GMT
Content-Type: image/jpeg
Content-Length: 94192
Connection: keep-alive
Expires: Sun, 05 Feb 2023 20:21:08 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: fc3eb42bd05ca7a69eacef88b946fd89
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 06 Jan 2023 20:21:08 GMT
Ohc-Cache-HIT: nt2ct57 [1], suzix57 [4]
Ohc-File-Size: 94192
X-Cache-Status: MISS
12445.url.tudown.com/uploads/images/729017.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12445.url.tudown.com/uploads/images/729017.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/729017.jpg HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=290977786,1564393750&fm=224&app=112&f=JPEG?w=500&h=500
12445.url.tudown.com/uploads/images/364911.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12445.url.tudown.com/uploads/images/364911.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/364911.jpg HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2506204373,626794487&fm=253&fmt=auto&app=138&f=JPEG?w=330&h=500
img2.baidu.com/it/u=2938935853,1624677443&fm=253&fmt=auto&app=138&f=JPEG?w=281&h=499
200 OK 13 kB URL HTTP/2 img2.baidu.com/it/u=2938935853,1624677443&fm=253&fmt=auto&app=138&f=JPEG?w=281&h=499
IP
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 281x499, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6afef5fb050ed1865695ea10bceb6481
f0e7c22eed25968e7a49e113ea425fd421a61269
329a8b41361d10c41947a8750f62cd74deb42ad42f163709330d4c41e48fedec
GET /it/u=2938935853,1624677443&fm=253&fmt=auto&app=138&f=JPEG?w=281&h=499 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12445.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:50 GMT
content-type: image/webp
content-length: 13050
expires: Tue, 21 Feb 2023 06:26:40 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 6afef5fb050ed1865695ea10bceb6481
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 06:26:40 GMT
ohc-cache-hit: nt2ct75 [1], xaix122 [2]
ohc-file-size: 13050
x-cache-status: MISS
X-Firefox-Spdy: h2
t14.baidu.com/it/u=290977786,1564393750&fm=224&app=112&f=JPEG?w=500&h=500
200 OK 36 kB URL HTTP/1.1 t14.baidu.com/it/u=290977786,1564393750&fm=224&app=112&f=JPEG?w=500&h=500
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 6492c666741fa76a806094f7555cc14a
a16cfaefe7277d27d726ef1e41b7ad8bff524417
960c05cb5fc5d533e6309cf0c5781e4c4108d2481d0bd09d2675d99a8f1636de
GET /it/u=290977786,1564393750&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12445.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:12:51 GMT
Content-Type: image/jpeg
Content-Length: 36214
Connection: keep-alive
Expires: Sat, 04 Feb 2023 16:31:19 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 6492c666741fa76a806094f7555cc14a
Age: 991538
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 05 Jan 2023 16:31:19 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [4], zhuzuncache65 [2], suzix201 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 36214
X-Cache-Status: HIT
Timing-Allow-Origin: *
img0.baidu.com/it/u=105074911,10318567&fm=253&app=120&f=JPEG?w=1280&h=800
200 OK 108 kB URL HTTP/1.1 img0.baidu.com/it/u=105074911,10318567&fm=253&app=120&f=JPEG?w=1280&h=800
IP
ASN #139018 Henan Luoyang IDC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 108 kB (108092 bytes)
Hash 378e3d4d9e56d2de3d202fe1cee0f9d5
62973cf0d80244329b3c72b7a1adcc91d5114fc5
8bd48a5eda5b3f2a4764b0a98c8db2d709278df9816182111f263c240de9621d
GET /it/u=105074911,10318567&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12445.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:12:50 GMT
Content-Type: image/jpeg
Content-Length: 108092
Connection: keep-alive
Expires: Tue, 07 Feb 2023 01:25:09 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 378e3d4d9e56d2de3d202fe1cee0f9d5
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 08 Jan 2023 01:25:09 GMT
Ohc-Cache-HIT: ly4ct59 [1], csix59 [4]
Ohc-File-Size: 108092
X-Cache-Status: MISS
12445.url.tudown.com/uploads/images/273749.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12445.url.tudown.com/uploads/images/273749.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/273749.jpg HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=1135095693,1401687570&fm=224&app=112&f=JPEG?w=500&h=500
12445.url.tudown.com/uploads/images/440718.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12445.url.tudown.com/uploads/images/440718.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/440718.jpg HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=2025500998,4056845558&fm=224&app=112&f=JPEG?w=500&h=500
img2.baidu.com/it/u=1378905971,536433013&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=620
200 OK 17 kB URL HTTP/1.1 img2.baidu.com/it/u=1378905971,536433013&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=620
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x620, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5bbb6e3b9f21f1a8d8bc6e85354b8e3f
d4a0ca35f6ba23c3f1c0efdcb72e0487ba3b77ee
d84445e89c504e8a607a4fff86868206a1b00a4a7b643db45bbc59e6e1fb06b1
GET /it/u=1378905971,536433013&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=620 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12445.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:12:50 GMT
Content-Type: image/webp
Content-Length: 17352
Connection: keep-alive
Expires: Tue, 07 Feb 2023 06:10:22 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 5bbb6e3b9f21f1a8d8bc6e85354b8e3f
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 08 Jan 2023 06:10:22 GMT
Ohc-Cache-HIT: yy2ct61 [1], xaix61 [4]
Ohc-File-Size: 17352
X-Cache-Status: MISS
img1.baidu.com/it/u=1793377912,63440479&fm=253&fmt=auto?w=1280&h=800
200 OK 90 kB URL HTTP/2 img1.baidu.com/it/u=1793377912,63440479&fm=253&fmt=auto?w=1280&h=800
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9501579d22fe9b50a9c5ed7336788b2b
f26113b9879524e45399ab6f60c4d2c4465ea844
f662dbf007c9a54576f0179e4532de5575f27345c8e82c146802ee4c8e980429
GET /it/u=1793377912,63440479&fm=253&fmt=auto?w=1280&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12445.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:50 GMT
content-type: image/webp
content-length: 90416
expires: Wed, 22 Feb 2023 09:12:50 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 9501579d22fe9b50a9c5ed7336788b2b
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 09:12:50 GMT
ohc-cache-hit: dy2ct86 [2], czix223 [4]
ohc-file-size: 90416
x-cache-status: MISS
X-Firefox-Spdy: h2
t13.baidu.com/it/u=2025500998,4056845558&fm=224&app=112&f=JPEG?w=500&h=500
200 OK 30 kB URL HTTP/1.1 t13.baidu.com/it/u=2025500998,4056845558&fm=224&app=112&f=JPEG?w=500&h=500
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 27a7c4f4826051e9edfb36fb9e92751f
b2f5702aecece973a3fbc5d7201a97d780e1599b
e94b7bc29a340611944eefafdcca1beaabf2ca2ab17f134e4bfc7c59bfa9be46
GET /it/u=2025500998,4056845558&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12445.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:12:51 GMT
Content-Type: image/jpeg
Content-Length: 29547
Connection: keep-alive
Expires: Sun, 05 Feb 2023 15:48:46 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 27a7c4f4826051e9edfb36fb9e92751f
Age: 975456
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 06 Jan 2023 15:48:45 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [2], zhuzuncache63 [4], csix63 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 29547
X-Cache-Status: HIT
Timing-Allow-Origin: *
t14.baidu.com/it/u=1135095693,1401687570&fm=224&app=112&f=JPEG?w=500&h=500
200 OK 41 kB URL HTTP/1.1 t14.baidu.com/it/u=1135095693,1401687570&fm=224&app=112&f=JPEG?w=500&h=500
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash dc0927ce387a9cf82b857d250fcc90c1
b43dcddad08181557ea54fd272be62ae8cdb0286
12f8f5473429a206e447e8b6270d2262064fa8ce9facaef31d733f029f6b60e4
GET /it/u=1135095693,1401687570&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12445.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:12:51 GMT
Content-Type: image/jpeg
Content-Length: 40625
Connection: keep-alive
Expires: Mon, 06 Feb 2023 17:47:49 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: dc0927ce387a9cf82b857d250fcc90c1
Age: 993985
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 07 Jan 2023 17:47:49 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [4], zhuzuncache55 [1], czix99 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 40625
X-Cache-Status: HIT
Timing-Allow-Origin: *
12445.url.tudown.com/uploads/images/150594.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12445.url.tudown.com/uploads/images/150594.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/150594.jpg HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:51 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3442839081,2652257968&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
img1.baidu.com/it/u=3645742325,2566150188&fm=253&app=138&f=JPEG?w=500&h=800
200 OK 99 kB URL HTTP/1.1 img1.baidu.com/it/u=3645742325,2566150188&fm=253&app=138&f=JPEG?w=500&h=800
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x800, components 3\012- data
Hash 4f12a3fff1681b5e3c84032932418c0c
df82fde8f465f20839530ed0de88fdb98ea16ce5
c1cd5affe33e743a3d9ff98894c2c890916b217c025a9402519a77c924bd46da
GET /it/u=3645742325,2566150188&fm=253&app=138&f=JPEG?w=500&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12445.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:12:51 GMT
Content-Type: image/jpeg
Content-Length: 98890
Connection: keep-alive
Expires: Wed, 25 Jan 2023 03:19:48 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 4f12a3fff1681b5e3c84032932418c0c
Age: 269134
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 26 Dec 2022 03:19:48 GMT
Ohc-Cache-HIT: dy2ct71 [4], wzix71 [4]
Ohc-File-Size: 98890
X-Cache-Status: HIT
12445.url.tudown.com/uploads/images/50561.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12445.url.tudown.com/uploads/images/50561.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/50561.jpg HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:51 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=2449717809,2557637581&fm=253&app=120&f=JPEG?w=1422&h=800
img1.baidu.com/it/u=2506204373,626794487&fm=253&fmt=auto&app=138&f=JPEG?w=330&h=500
200 OK 17 kB URL HTTP/2 img1.baidu.com/it/u=2506204373,626794487&fm=253&fmt=auto&app=138&f=JPEG?w=330&h=500
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 330x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3f6a7892a9cae0be3bd78058e053be5e
9b89010fe42c01e970038bcbda06275a778d971d
270c70ae05ee28f811c4c972282b28a85b6542d8af2a3769765731f539cb0bdd
GET /it/u=2506204373,626794487&fm=253&fmt=auto&app=138&f=JPEG?w=330&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12445.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:51 GMT
content-type: image/webp
content-length: 16868
expires: Wed, 01 Feb 2023 02:17:46 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 3f6a7892a9cae0be3bd78058e053be5e
age: 26416
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 02 Jan 2023 02:17:46 GMT
ohc-cache-hit: dy2ct85 [4], csix85 [4]
ohc-file-size: 16868
x-cache-status: HIT
X-Firefox-Spdy: h2
12445.url.tudown.com/uploads/images/93883.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12445.url.tudown.com/uploads/images/93883.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/93883.jpg HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:51 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=4151348079,3788955440&fm=224&app=112&f=JPEG?w=500&h=500
12445.url.tudown.com/uploads/images/390110.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12445.url.tudown.com/uploads/images/390110.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/390110.jpg HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:51 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=299966720,1767075567&fm=253&fmt=auto&app=138&f=JPEG?w=224&h=317
t15.baidu.com/it/u=4151348079,3788955440&fm=224&app=112&f=JPEG?w=500&h=500
200 OK 53 kB URL HTTP/1.1 t15.baidu.com/it/u=4151348079,3788955440&fm=224&app=112&f=JPEG?w=500&h=500
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash bf3f7a1fd6d64dff85413427fb5fdaaa
1530bab877dc7e675f8f95b414edd52be00cdd2f
e7e30504f299d3d84123134a840469a1bb3a588717ab457387fc4abdee05eb6e
GET /it/u=4151348079,3788955440&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12445.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:12:51 GMT
Content-Type: image/jpeg
Content-Length: 52615
Connection: keep-alive
Expires: Mon, 06 Feb 2023 09:49:51 GMT
Last-Modified: Sun, 11 Jan 1970 00:00:00 GMT
ETag: bf3f7a1fd6d64dff85413427fb5fdaaa
Age: 1251547
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 07 Jan 2023 09:49:51 GMT
Ohc-Cache-HIT: fra01-sys-jomo4.fra01.baidu.com [4], zhuzuncache63 [4], csix84 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 52615
X-Cache-Status: HIT
Timing-Allow-Origin: *
12445.url.tudown.com/uploads/images/540077.jpg
301 Moved Permanently 0 B URL HTTP/1.1 12445.url.tudown.com/uploads/images/540077.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/540077.jpg HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:12:51 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=868279176,3583611707&fm=253&fmt=auto?w=92&h=69
img1.baidu.com/it/u=3442839081,2652257968&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
200 OK 10 kB URL HTTP/2 img1.baidu.com/it/u=3442839081,2652257968&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7b495724f4d68750f4b8308d68ca592e
fcb3685a2df06bdba4c79a3fac3d8c4fbef5a305
edb1837ff8973386e62807c82051c3ba64646f986346c39fcb4cebb30c1c4b1c
GET /it/u=3442839081,2652257968&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12445.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:51 GMT
content-type: image/webp
content-length: 10014
expires: Mon, 20 Feb 2023 01:50:01 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 7b495724f4d68750f4b8308d68ca592e
age: 22026
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 01:50:01 GMT
ohc-cache-hit: dy2ct50 [4], suzix50 [4]
ohc-file-size: 10014
x-cache-status: HIT
X-Firefox-Spdy: h2
img0.baidu.com/it/u=2449717809,2557637581&fm=253&app=120&f=JPEG?w=1422&h=800
200 OK 53 kB URL HTTP/1.1 img0.baidu.com/it/u=2449717809,2557637581&fm=253&app=120&f=JPEG?w=1422&h=800
IP
ASN #139018 Henan Luoyang IDC
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 28x28, segment length 16, baseline, precision 8, 1422x800, components 3\012- data
Hash c0e8e88eac50ef316b5cdedd10550abf
8e074438746b0bf66a77b1ca693427e8e974780a
c00bbfc9a774b59e02b3c565813a242fccc7ffe03241fcf144b55f94538aab05
GET /it/u=2449717809,2557637581&fm=253&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12445.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:12:51 GMT
Content-Type: image/jpeg
Content-Length: 53274
Connection: keep-alive
Expires: Fri, 03 Feb 2023 09:02:52 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: c0e8e88eac50ef316b5cdedd10550abf
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 04 Jan 2023 09:02:52 GMT
Ohc-Cache-HIT: ly4ct64 [1], qdix162 [2]
Ohc-File-Size: 53274
X-Cache-Status: MISS
img1.baidu.com/it/u=299966720,1767075567&fm=253&fmt=auto&app=138&f=JPEG?w=224&h=317
200 OK 15 kB URL HTTP/2 img1.baidu.com/it/u=299966720,1767075567&fm=253&fmt=auto&app=138&f=JPEG?w=224&h=317
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 224x317, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d65f515f81e7ccb204f6b831a234c39b
f758e5ed65570a868a4dfa7aaf07cbecde6976d6
d2dfbd52567de959c2ac0926105708fa5febb8512f9a588574a2621bd31ba69e
GET /it/u=299966720,1767075567&fm=253&fmt=auto&app=138&f=JPEG?w=224&h=317 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12445.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:51 GMT
content-type: image/webp
content-length: 15406
expires: Tue, 21 Feb 2023 11:10:41 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: d65f515f81e7ccb204f6b831a234c39b
age: 26012
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 11:10:41 GMT
ohc-cache-hit: dy2ct71 [4], suzix205 [4]
ohc-file-size: 15406
x-cache-status: HIT
X-Firefox-Spdy: h2
img2.baidu.com/it/u=3251279405,19640002&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=763
200 OK 44 kB URL HTTP/2 img2.baidu.com/it/u=3251279405,19640002&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=763
IP
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x763, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash aa264d97d700b3e0c58dc43e44bd74ba
5644259203c7fff6bd2db0643bb0173beba12e60
42883d19d16363a01354e0678d9b3403cfb236e0362ff7e3b6414fb2733ddb54
GET /it/u=3251279405,19640002&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=763 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12445.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:12:51 GMT
content-type: image/webp
content-length: 43596
expires: Tue, 31 Jan 2023 10:06:50 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: aa264d97d700b3e0c58dc43e44bd74ba
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 01 Jan 2023 10:06:50 GMT
ohc-cache-hit: nt2ct67 [1], csix104 [4]
ohc-file-size: 43596
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=868279176,3583611707&fm=253&fmt=auto?w=92&h=69
200 OK 918 B URL HTTP/1.1 img0.baidu.com/it/u=868279176,3583611707&fm=253&fmt=auto?w=92&h=69
IP
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 92x69, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fbd02960bdcabe24ac7b24345a9fe902
fe3417c1b3c0717ed53d7d9e1638a7cb7a5ddd18
5a0c6afb19e51237a910d6b30a28626fb37659cd77396bb19fd7df69080d3ae1
GET /it/u=868279176,3583611707&fm=253&fmt=auto?w=92&h=69 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12445.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:12:51 GMT
Content-Type: image/webp
Content-Length: 918
Connection: keep-alive
Expires: Tue, 24 Jan 2023 23:26:47 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: fbd02960bdcabe24ac7b24345a9fe902
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 25 Dec 2022 23:26:47 GMT
Ohc-Cache-HIT: ly4ct50 [1], xaix117 [4]
Ohc-File-Size: 918
X-Cache-Status: MISS
img0.baidu.com/it/u=2763604153,2995775193&fm=253&app=120&f=JPEG?w=1422&h=800
200 OK 157 kB URL HTTP/1.1 img0.baidu.com/it/u=2763604153,2995775193&fm=253&app=120&f=JPEG?w=1422&h=800
IP
ASN #139018 Henan Luoyang IDC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1422x800, components 3\012- data
Size 157 kB (157100 bytes)
Hash 0b7b25e720b491140590aa232b40b8ea
099d83360bf39e03c0c8db09bc9758a76906891c
2392ddb150b16e597df28cf936f0d720670a8f60df79cdaf6cb61fc7f78b2dcc
GET /it/u=2763604153,2995775193&fm=253&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12445.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:12:51 GMT
Content-Type: image/jpeg
Content-Length: 157100
Connection: keep-alive
Expires: Sat, 04 Feb 2023 13:37:59 GMT
Last-Modified: Thu, 15 Jan 1970 00:00:00 GMT
ETag: 0b7b25e720b491140590aa232b40b8ea
Age: 2589
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 05 Jan 2023 13:37:59 GMT
Ohc-Cache-HIT: ly4ct97 [4], xaix201 [4]
Ohc-File-Size: 157100
X-Cache-Status: HIT
12445.url.tudown.com/favicon.ico
200 OK 0 B URL HTTP/1.1 12445.url.tudown.com/favicon.ico
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: 12445.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12445.url.tudown.com/down/%E6%B1%9F%E8%8B%8F%E5%9C%B0%E7%A8%8E%E7%BD%91%E4%B8%8A%E5%8A%9E%E7%A8%8E%E6%9C%8D%E5%8A%A1%E5%8E%85%E5%AE%A2%E6%88%B7%E7%AB%AF@271_216865.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674465168; Hm_lpvt_dd9836db2e433f487a0aa434b7b3deb7=1674465168
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:12:52 GMT
Content-Type: image/x-icon
Content-Length: 0
Last-Modified: Tue, 30 Jul 2019 15:51:36 GMT
Connection: keep-alive
ETag: "5d406788-0"
Accept-Ranges: bytes
jspassport.ssl.qhimg.com/11.0.1.js?d182b3f28525f2db83acfaaf6e696dba
200 OK 0 B URL HTTP/2 jspassport.ssl.qhimg.com/11.0.1.js?d182b3f28525f2db83acfaaf6e696dba
IP
GET /11.0.1.js?d182b3f28525f2db83acfaaf6e696dba HTTP/1.1
Host: jspassport.ssl.qhimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12445.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
last-modified: Wed, 28 Nov 2018 07:43:20 GMT
kcs-via: HIT from w-fc01.lato;REVALIDATED from w-sc01.lato
date: Mon, 23 Jan 2023 09:05:22 GMT
cache-control: max-age=600
expires: Mon, 23 Jan 2023 09:15:09 GMT
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: yB_bmu64hhbaUu8_FgmwNEeMFjuuKxHhDIdmkzC9XZbWdBi_gEZi4Q==
age: 458
X-Firefox-Spdy: h2
154.218.151.71
112.34.113.148
35.241.9.150
104.18.20.226
23.36.76.226
93.184.220.29