r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 81713f952b51a865ad9764cde68e3fdb
278c3a9c4bb2a0ffb7375f90d89a1ba6e90a766a
c2eb0d8a24ecb51af28f1c71db4b9a95c568dcf6c94b41ee8c78787a4ebebcef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2EB0D8A24ECB51AF28F1C71DB4B9A95C568DCF6C94B41EE8C78787A4EBEBCEF"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3382
Expires: Sat, 04 Feb 2023 09:46:41 GMT
Date: Sat, 04 Feb 2023 08:50:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ec47f9eed203ae063b9c210009de54a9
19ff156471b9cffbc2432c5b65543bdd18e36271
3974208ce1840f6c9467287b7e220379ed881d76db64939f411dbc500c103d48
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3974208CE1840F6C9467287B7E220379ED881D76DB64939F411DBC500C103D48"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20569
Expires: Sat, 04 Feb 2023 14:33:08 GMT
Date: Sat, 04 Feb 2023 08:50:19 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 04 Feb 2023 08:43:37 GMT
content-type: application/json
age: 402
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18937
Expires: Sat, 04 Feb 2023 14:05:56 GMT
Date: Sat, 04 Feb 2023 08:50:19 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Td0APaIDW/cl2AIWay6b7qBw5tFJeOhAnnCdgyu6MaYPNP+Jt3xDO3fzzHWbaMQIBTx/i8zJuYb/eB8k/DbNQA==
x-amz-request-id: 6VYK1MDT962BNTS8
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 04 Feb 2023 07:52:45 GMT
age: 3454
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 08:50:19 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 04 Feb 2023 08:49:07 GMT
age: 72
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
154.218.151.71 200 OK 9.3 kB URL HTTP/1.1 12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text, exported SGML document, Unicode text, UTF-8 text, with very long lines (1384)
Hash 97fbd5e100b876904eadffdf5a1939f8
f960e155bfdc6a602bd63f060c0615030cde2999
91de18ec27cbb65cb6ce3bfb94467e94848e58fd42ff000bceb555aa3e5b1605
Analyzer Verdict Alert fortinet Malware
GET /down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe HTTP/1.1
Host: 12943.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 08:50:19 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8747
Expires: Sat, 04 Feb 2023 11:16:06 GMT
Date: Sat, 04 Feb 2023 08:50:19 GMT
Connection: keep-alive
push.services.mozilla.com/
52.40.68.141 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.40.68.141:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: UVs+JKMhisKE0VzDcd17gg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: uGT1pAdYlja9UQVX5pXGBtTXtoQ=
12943.url.tudown.com/template/company/moban/js/push.js
154.218.151.71 200 OK 281 B URL HTTP/1.1 12943.url.tudown.com/template/company/moban/js/push.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with no line terminators
Hash 1bb5a3267c9865ad4abe8d937734b62b
b5478dd2edb3e64242eced1db2dbd945ef81f592
674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2
Analyzer Verdict Alert fortinet Malware
GET /template/company/moban/js/push.js HTTP/1.1
Host: 12943.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 08:50:20 GMT
Content-Type: application/javascript
Content-Length: 281
Last-Modified: Mon, 31 Oct 2022 07:24:37 GMT
Connection: keep-alive
ETag: "635f7835-119"
Expires: Sat, 04 Feb 2023 20:50:20 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
12943.url.tudown.com/template/company/moban/index_files/common20200314.css
154.218.151.71 200 OK 11 kB URL HTTP/1.1 12943.url.tudown.com/template/company/moban/index_files/common20200314.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash 45e7104994ba9d28a3840e7b57fe10db
8f3fa3c7e86d69b7f7d1d87cb88db05d369084ad
d7d57f9fd8ca7419fd1151643a1a11d1f947e0ce14409758536c5f78feb7a3a7
GET /template/company/moban/index_files/common20200314.css HTTP/1.1
Host: 12943.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 08:50:20 GMT
Content-Type: text/css
Last-Modified: Mon, 31 Oct 2022 07:11:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"635f7511-b757"
Expires: Sat, 04 Feb 2023 20:50:20 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12943.url.tudown.com/js/orsxg5a.script
154.218.151.71 200 OK 531 B URL HTTP/1.1 12943.url.tudown.com/js/orsxg5a.script
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document, ASCII text, with CRLF line terminators
Hash 39fd4f4c17d424445d9f437c99c9d40a
84a56ab95c669d43c757a5f9a312d5f3a37f73fa
45f58e7b2e72c9f2734889b73ef5c3f2d3e1fb9ac69995afe1561ec4a7943d15
Analyzer Verdict Alert fortinet Malware
GET /js/orsxg5a.script HTTP/1.1
Host: 12943.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 08:50:20 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
12943.url.tudown.com/template/company/moban/index_files/seo0327.css
154.218.151.71 200 OK 625 B URL HTTP/1.1 12943.url.tudown.com/template/company/moban/index_files/seo0327.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash 711032f9fe79a8a5ad4e93ef3b5d630a
592e0c0dfa651a9e71376ad3bbbc5cbd192c991c
c97203ea0db06a934f0ebc3c9e2796891215551df15abf9f12f0edf2a076ae5d
GET /template/company/moban/index_files/seo0327.css HTTP/1.1
Host: 12943.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 08:50:20 GMT
Content-Type: text/css
Last-Modified: Mon, 31 Oct 2022 07:11:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"635f7515-59b"
Expires: Sat, 04 Feb 2023 20:50:20 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12943.url.tudown.com/template/company/moban/js/common200314.js
154.218.151.71 200 OK 7.9 kB URL HTTP/1.1 12943.url.tudown.com/template/company/moban/js/common200314.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with very long lines (582), with CRLF line terminators
Hash c63394e2ec253720b14b63812f72fdc4
acd72fdd9431629de8334bcf14f2b3eaba8455f7
13eb4601f2369316cae59b5a826dbc359bf7761e503e3f9b2681c8db6db9a68b
Analyzer Verdict Alert fortinet Malware
GET /template/company/moban/js/common200314.js HTTP/1.1
Host: 12943.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 08:50:20 GMT
Content-Type: application/javascript
Last-Modified: Mon, 31 Oct 2022 07:25:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"635f7885-70d5"
Expires: Sat, 04 Feb 2023 20:50:20 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12943.url.tudown.com/template/company/moban/js/hm.js
154.218.151.71 200 OK 12 kB URL HTTP/1.1 12943.url.tudown.com/template/company/moban/js/hm.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (1075), with CRLF line terminators
Hash 5edaed7ef425da9212ba1892bd7da753
341e9f19f879261b7c47b3b988fee87aa028da9e
b0d03117ba938b859d9422c740dc2ce315c3d91b78ed6bcdd6e059a1aa0808e5
Analyzer Verdict Alert fortinet Malware
GET /template/company/moban/js/hm.js HTTP/1.1
Host: 12943.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 08:50:20 GMT
Content-Type: application/javascript
Last-Modified: Mon, 31 Oct 2022 07:24:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"635f784a-781d"
Expires: Sat, 04 Feb 2023 20:50:20 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12943.url.tudown.com/template/company/moban/js/jquery.js
154.218.151.71 200 OK 1.4 kB URL HTTP/1.1 12943.url.tudown.com/template/company/moban/js/jquery.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with CRLF line terminators
Hash b0e3a6733a542de9809c5d7db72f8040
91b6e610ee2a602873c1e2d0fbea7cfa5370b4f7
3970f3998e97d13c827a4043241bdec5797f55ed3ce12939226e62f63b19d4a7
Analyzer Verdict Alert fortinet Malware
GET /template/company/moban/js/jquery.js HTTP/1.1
Host: 12943.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 08:50:20 GMT
Content-Type: application/javascript
Last-Modified: Mon, 31 Oct 2022 07:25:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"635f7873-ca4"
Expires: Sat, 04 Feb 2023 20:50:20 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12943.url.tudown.com/template/company/moban/js/jquery-1.js
154.218.151.71 200 OK 38 kB URL HTTP/1.1 12943.url.tudown.com/template/company/moban/js/jquery-1.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (32038), with CRLF line terminators
Hash adbc5e76397fe7c0f17d0c2f86d22aca
d7ae0f7aad6555282106498db4573df817d1ea11
6e1a6d6592d35652998b135ec2dde01b5326006bf3199a633b2bbd768725a7e6
Analyzer Verdict Alert fortinet Malware
GET /template/company/moban/js/jquery-1.js HTTP/1.1
Host: 12943.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 08:50:20 GMT
Content-Type: application/javascript
Last-Modified: Mon, 31 Oct 2022 07:25:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"635f785f-176d8"
Expires: Sat, 04 Feb 2023 20:50:20 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ae58d39edb7923f0dac8e7b20767f306
827e75323edf1548d2b898b96caaec9556893e3a
2c18f66718230665099bdc4a96dbed4e667ff233f9853aebd3e0802235c658d8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2C18F66718230665099BDC4A96DBED4E667FF233F9853AEBD3E0802235C658D8"
Last-Modified: Thu, 02 Feb 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15341
Expires: Sat, 04 Feb 2023 13:06:02 GMT
Date: Sat, 04 Feb 2023 08:50:21 GMT
Connection: keep-alive
api.share.baidu.com/s.gif?l=http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
182.61.240.101 200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
IP 182.61.240.101:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Sat, 04 Feb 2023 08:50:21 GMT
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash fd85c457807ba420192d9fdb1e3b2e76
1309191996088c5e1bce3f6d5ca5b8ea2ff489ad
7d1c4dba2f7a95c9ec75b4f5abeb2b9d66abc8650424b896152f4d27fd3b4a8c
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 08:50:21 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 08 Feb 2023 06:27:25 GMT
ETag: "1309191996088c5e1bce3f6d5ca5b8ea2ff489ad"
Last-Modified: Sat, 04 Feb 2023 06:27:26 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2308
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794228833e0b0b61-OSL
12943.url.tudown.com/template/company/moban/index_files/searchbox_action.png
154.218.151.71 200 OK 6.2 kB URL HTTP/1.1 12943.url.tudown.com/template/company/moban/index_files/searchbox_action.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 60 x 60, 16-bit/color RGBA, non-interlaced; data
Hash 99e950348c1a490f8fe53e5c5b1b32a6
6f79160d4f4161f19ab2058d2480f156dd5ee408
d11a69c15618f1ed03351f4b41fb7bbdbcc6b4743a44c2dad6127eb5f7b45b06
GET /template/company/moban/index_files/searchbox_action.png HTTP/1.1
Host: 12943.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
Cookie: Hm_lvt_54b2b3c6299a2d96d5b7b5615a1c83ed=1675500655; Hm_lpvt_54b2b3c6299a2d96d5b7b5615a1c83ed=1675500655
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 08:50:21 GMT
Content-Type: image/png
Content-Length: 6235
Last-Modified: Mon, 31 Oct 2022 07:11:37 GMT
Connection: keep-alive
ETag: "635f7529-185b"
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2642
Expires: Sat, 04 Feb 2023 09:34:23 GMT
Date: Sat, 04 Feb 2023 08:50:21 GMT
Connection: keep-alive
12943.url.tudown.com/uploads/images/877856.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12943.url.tudown.com/uploads/images/877856.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/877856.jpg HTTP/1.1
Host: 12943.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:50:21 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=476894612,3215379042&fm=253&fmt=auto?w=92&h=69
12943.url.tudown.com/uploads/images/389755.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12943.url.tudown.com/uploads/images/389755.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/389755.jpg HTTP/1.1
Host: 12943.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:50:21 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=332811771,3034992759&fm=253&fmt=auto&app=138&f=JPEG?w=499&h=373
12943.url.tudown.com/uploads/images/393084.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12943.url.tudown.com/uploads/images/393084.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/393084.jpg HTTP/1.1
Host: 12943.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:50:21 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=2183584705,1121181810&fm=224&app=112&f=JPEG?w=500&h=500
12943.url.tudown.com/uploads/images/88215.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12943.url.tudown.com/uploads/images/88215.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/88215.jpg HTTP/1.1
Host: 12943.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:50:21 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=342503178,1510675640&fm=224&app=112&f=JPEG?w=500&h=500
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 392b61306c346508d3ac4a2f28218f9c
d2de32b52e0d3f4fc6acaf687b3521294b01dc03
018712a4d6734b84ac1777124f97dae4d93b1e5b297a5dcfe0955b52710b8a35
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10253
x-amzn-requestid: a90cb6b3-8a72-4b4b-b4f5-6dafc8c6752a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7GGv5IAMFu8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-3ca59e7c52800a4e44bda8fd;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jBxNmhfAeUgxg8w4XpQHZ1QoN9GatdUV7V7r2tHd7YePJYPHpesd2Q==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:05:21 GMT
age: 38700
etag: "d2de32b52e0d3f4fc6acaf687b3521294b01dc03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
12943.url.tudown.com/uploads/images/113401.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12943.url.tudown.com/uploads/images/113401.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/113401.jpg HTTP/1.1
Host: 12943.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:50:21 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=3078980196,456124062&fm=253&app=120&f=JPEG?w=1280&h=800
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa139f02-bb4d-4058-8a17-82e241e61bf2.jpeg
34.120.237.76 200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa139f02-bb4d-4058-8a17-82e241e61bf2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 75b9c67fbf2d207afec78eb14b95d7ec
c0b7e9e9ca9ee71761489e738a3a308ff0b6e5c8
42ddfef2fc1e0200a1ff3d615fd6da42fd8bdea4551344580c13af07092d401f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa139f02-bb4d-4058-8a17-82e241e61bf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5917
x-amzn-requestid: 095185b4-b608-4ac8-9041-6e5fcf9033d9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEW_EA4IAMFxVw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd80f9-1d780a2a58fcc30613bdfdab;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:47:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -4TwLeMENj7WdI_QQWKgwxTj9MldN5z7qmo7_OX_eXIVba9zjDEoaA==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:11:25 GMT
age: 38336
etag: "c0b7e9e9ca9ee71761489e738a3a308ff0b6e5c8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e70636-fb7d-4a6e-9742-a039e4d7253d.jpeg
34.120.237.76 200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e70636-fb7d-4a6e-9742-a039e4d7253d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 41580a501cc07c328e6ab6b167a110dc
a4dfa0f479b5f9a036b75b2eea6dffabd3a3486e
0fa45161e563101b3f1293f951a3edf84c88c9f3b29bed9b54f952ca325bf21d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e70636-fb7d-4a6e-9742-a039e4d7253d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7101
x-amzn-requestid: 479d8004-430a-45b9-99fa-11cbcc605a7c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7EHxqoAMFaug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-25ac3c54427748bc191fd1ba;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 1-NjCSeyrUAwvL2BDl1JXYK0WY0ze5FZz5-chZ6x2IEnDQBw9rEv6w==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:11:51 GMT
age: 38310
etag: "a4dfa0f479b5f9a036b75b2eea6dffabd3a3486e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lsQxPtozrh2Ty1T-3d-1crDfi8HgVKRafOXb1UFl033bCx3kAzTS7w==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 06:20:04 GMT
age: 9017
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe387e59d-188b-44a0-b94c-033d7d635117.jpeg
34.120.237.76 200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe387e59d-188b-44a0-b94c-033d7d635117.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 45c6a062f8637e689819f505b019dc0e
61665688f1039c4fad848853a68e28d057718ad1
c9b14113eba535a2e1a6cbbf121a818ad0204fc6dd7b2ea9b592830ab927d6d1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe387e59d-188b-44a0-b94c-033d7d635117.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6718
x-amzn-requestid: 662f889b-4c25-4dec-85d4-ea9dfa8b8974
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7DE5boAMF_cA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-33ca99fc7b6eac8d5486d6c1;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WvNs1hPPXHBJs5rTIBqH3DbqLLX6si9jHF46KrsuT9BFB2N2V3zeUA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:06:20 GMT
age: 38641
etag: "61665688f1039c4fad848853a68e28d057718ad1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
12943.url.tudown.com/uploads/images/376569.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12943.url.tudown.com/uploads/images/376569.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/376569.jpg HTTP/1.1
Host: 12943.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:50:21 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=938568396,839294173&fm=224&app=112&f=JPEG?w=500&h=500
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: 6a8c6487-6069-47d1-afa1-648626f85439
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyDqqGg5oAMFV-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd7fdd-0a772cde1e6fba6d7da97435;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:42:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: CHWhIpyzhoPtMUplzh1430Q9FfCM1wkTc_hQsgQk6InM9tYBPGYnNg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:05:44 GMT
age: 38677
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
12943.url.tudown.com/template/company/moban/images/icon_01.png
154.218.151.71 200 OK 9.2 kB URL HTTP/1.1 12943.url.tudown.com/template/company/moban/images/icon_01.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (1384)
Hash 673e860077a75c52c00d635cddd15ed9
c3c729c00d0587bac6960e5918e3097eb8699cf1
b5f88f88cff32ad73627009afb93d33de46b154751b3fc1a70e5e2a37d91a60c
GET /template/company/moban/images/icon_01.png HTTP/1.1
Host: 12943.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/template/company/moban/index_files/common20200314.css
Cookie: Hm_lvt_54b2b3c6299a2d96d5b7b5615a1c83ed=1675500655; Hm_lpvt_54b2b3c6299a2d96d5b7b5615a1c83ed=1675500655
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 08:50:21 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
12943.url.tudown.com/template/company/moban/index_files/yyh.png
154.218.151.71 200 OK 3.3 kB URL HTTP/1.1 12943.url.tudown.com/template/company/moban/index_files/yyh.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced; data
Hash ff16370de7effacbc2dad368909f4ce9
6797aa73900e37841cd8f26d20afbbce76ed2bd4
18d1ff6e85efd537b99aae82df385b44b02f9699df6ee5d4295069034fdfd4f0
GET /template/company/moban/index_files/yyh.png HTTP/1.1
Host: 12943.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 08:50:21 GMT
Content-Type: image/png
Content-Length: 3307
Last-Modified: Mon, 31 Oct 2022 07:11:41 GMT
Connection: keep-alive
ETag: "635f752d-ceb"
Accept-Ranges: bytes
12943.url.tudown.com/template/company/moban/index_files/close_black.png
154.218.151.71 200 OK 9.1 kB URL HTTP/1.1 12943.url.tudown.com/template/company/moban/index_files/close_black.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 840 x 832, 8-bit/color RGBA, non-interlaced; data
Hash 61258db0845df63b5aef5e137b425ba7
00be51fff891b55e1b0e0ed5972b9c0c12b182b5
f65333f53a9c02d89ba24e8679788371f8076f5be618a44cddfa314cb14521e1
GET /template/company/moban/index_files/close_black.png HTTP/1.1
Host: 12943.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 08:50:21 GMT
Content-Type: image/png
Content-Length: 9098
Last-Modified: Mon, 31 Oct 2022 07:11:30 GMT
Connection: keep-alive
ETag: "635f7522-238a"
Accept-Ranges: bytes
12943.url.tudown.com/template/company/moban/index_files/logo2.png
154.218.151.71 200 OK 5.7 kB URL HTTP/1.1 12943.url.tudown.com/template/company/moban/index_files/logo2.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 172 x 36, 8-bit/color RGBA, non-interlaced; data
Hash 3c00109aa99d34615f91984307d2d4de
3bde4746cc37110bccb5766f077002da9c251582
80b083f9300489095112b79c8af03547db4eaede2ba43ff6ac4b828e2428fc9d
GET /template/company/moban/index_files/logo2.png HTTP/1.1
Host: 12943.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 08:50:21 GMT
Content-Type: image/png
Content-Length: 5697
Last-Modified: Mon, 31 Oct 2022 07:11:36 GMT
Connection: keep-alive
ETag: "635f7528-1641"
Accept-Ranges: bytes
12943.url.tudown.com/template/company/moban/index_files/icon_03.png
154.218.151.71 200 OK 3.2 kB URL HTTP/1.1 12943.url.tudown.com/template/company/moban/index_files/icon_03.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 25 x 24, 8-bit/color RGBA, non-interlaced; data
Hash 26cf006988edd9c4eb048a12f20d8f12
f5875a0dfadf0b2d7ba040de986d3e92ec4f2992
87510ec460049035d8d4bdd190024b2f297df37e1fd36f5eb122cc12737cbc23
GET /template/company/moban/index_files/icon_03.png HTTP/1.1
Host: 12943.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 08:50:21 GMT
Content-Type: image/png
Content-Length: 3164
Last-Modified: Mon, 31 Oct 2022 07:11:32 GMT
Connection: keep-alive
ETag: "635f7524-c5c"
Accept-Ranges: bytes
12943.url.tudown.com/template/company/moban/images/icon_06.png
154.218.151.71 200 OK 9.1 kB URL HTTP/1.1 12943.url.tudown.com/template/company/moban/images/icon_06.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (1392)
Hash eac9ec6b65251418eae66825dc885bd9
c36cc863b39a7bbbe3181c5fe8f8c10a9e0a4b95
b3b8d591b1c5090979586d1d20b963b41a2a609e722dfb55feafa4529a7166a3
GET /template/company/moban/images/icon_06.png HTTP/1.1
Host: 12943.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/template/company/moban/index_files/common20200314.css
Cookie: Hm_lvt_54b2b3c6299a2d96d5b7b5615a1c83ed=1675500655; Hm_lpvt_54b2b3c6299a2d96d5b7b5615a1c83ed=1675500655
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 08:50:21 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
12943.url.tudown.com/uploads/images/960688.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12943.url.tudown.com/uploads/images/960688.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/960688.jpg HTTP/1.1
Host: 12943.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:50:21 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=1581939163,83077957&fm=224&app=112&f=JPEG?w=500&h=500
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1570329010&si=54b2b3c6299a2d96d5b7b5615a1c83ed&v=1.2.94&lv=1&sn=32845&r=0&ww=1280&ct=!!&u=http%3A%2F%2F12943.url.tudown.com%2Fdown%2F%25E4%25B8%2580%25E8%25B7%25AF%25E5%2590%2591%25E8%25A5%25BF2%25E4%25B9%258B%25E6%25B3%25B0%25E8%25A5%25BF%25E9%25AB%2598%25E6%25B8%2585%40439_2.exe&tt=%E4%B9%9D%E6%B8%B8%E7%99%BE%E5%AE%B6%E4%B9%90-APP%E6%96%B0%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BDV9564.79858_IOS%2F%E5%AE%89%E5%8D%93%E9%80%9A%E7%94%A8%E7%89%88
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1570329010&si=54b2b3c6299a2d96d5b7b5615a1c83ed&v=1.2.94&lv=1&sn=32845&r=0&ww=1280&ct=!!&u=http%3A%2F%2F12943.url.tudown.com%2Fdown%2F%25E4%25B8%2580%25E8%25B7%25AF%25E5%2590%2591%25E8%25A5%25BF2%25E4%25B9%258B%25E6%25B3%25B0%25E8%25A5%25BF%25E9%25AB%2598%25E6%25B8%2585%40439_2.exe&tt=%E4%B9%9D%E6%B8%B8%E7%99%BE%E5%AE%B6%E4%B9%90-APP%E6%96%B0%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BDV9564.79858_IOS%2F%E5%AE%89%E5%8D%93%E9%80%9A%E7%94%A8%E7%89%88
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1; data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1570329010&si=54b2b3c6299a2d96d5b7b5615a1c83ed&v=1.2.94&lv=1&sn=32845&r=0&ww=1280&ct=!!&u=http%3A%2F%2F12943.url.tudown.com%2Fdown%2F%25E4%25B8%2580%25E8%25B7%25AF%25E5%2590%2591%25E8%25A5%25BF2%25E4%25B9%258B%25E6%25B3%25B0%25E8%25A5%25BF%25E9%25AB%2598%25E6%25B8%2585%40439_2.exe&tt=%E4%B9%9D%E6%B8%B8%E7%99%BE%E5%AE%B6%E4%B9%90-APP%E6%96%B0%E7%89%88%E6%9C%AC%E4%B8%8B%E8%BD%BDV9564.79858_IOS%2F%E5%AE%89%E5%8D%93%E9%80%9A%E7%94%A8%E7%89%88 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12943.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Feb 2023 08:50:21 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=5C409B238030EA49; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
12943.url.tudown.com/template/company/moban/index_files/icon_04.png
154.218.151.71 200 OK 3.0 kB URL HTTP/1.1 12943.url.tudown.com/template/company/moban/index_files/icon_04.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 25 x 24, 8-bit/color RGBA, non-interlaced; data
Hash cfb3c0eccae9226e14ecc2f1642b6f35
b2b6497c7b8441cf2562ec555ed6a5465aacd8d9
44058ef0ee0a2252592665923108686538ac74c78ef05131fb47b455d562965d
GET /template/company/moban/index_files/icon_04.png HTTP/1.1
Host: 12943.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 08:50:21 GMT
Content-Type: image/png
Content-Length: 3044
Last-Modified: Mon, 31 Oct 2022 07:11:34 GMT
Connection: keep-alive
ETag: "635f7526-be4"
Accept-Ranges: bytes
12943.url.tudown.com/uploads/images/963260.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12943.url.tudown.com/uploads/images/963260.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/963260.jpg HTTP/1.1
Host: 12943.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:50:21 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=900002227,4151049068&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
12943.url.tudown.com/uploads/images/736177.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12943.url.tudown.com/uploads/images/736177.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/736177.jpg HTTP/1.1
Host: 12943.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:50:21 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=984940640,2782096788&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=675
t14.baidu.com/it/u=1581939163,83077957&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 61 kB URL HTTP/1.1 t14.baidu.com/it/u=1581939163,83077957&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3; data
Hash b7e8f40a74e3f98e4009e5c6f2796f78
b2159b8ed5a1c085ac11894e307bd761439f9efa
c93890137aeada53f2411a2ff5f3b10e6ed13d521ba3a604bbe6726e03f840ed
GET /it/u=1581939163,83077957&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12943.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 08:50:22 GMT
Content-Type: image/jpeg
Content-Length: 60883
Connection: keep-alive
Expires: Mon, 06 Feb 2023 19:03:45 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: b7e8f40a74e3f98e4009e5c6f2796f78
Age: 2028888
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 07 Jan 2023 19:03:45 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [2], zhuzuncache51 [4], qdix104 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 60883
X-Cache-Status: HIT
Timing-Allow-Origin: *
12943.url.tudown.com/uploads/images/142241.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12943.url.tudown.com/uploads/images/142241.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/142241.jpg HTTP/1.1
Host: 12943.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:50:22 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=3127276520,752644471&fm=253&app=120&f=JPEG?w=1280&h=800
t14.baidu.com/it/u=2183584705,1121181810&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 44 kB URL HTTP/1.1 t14.baidu.com/it/u=2183584705,1121181810&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash d00d492991d1441a92f47385170a40b2
5ace5da12121123af229b655bc22285c979b94fd
8c47f00cd96000107dea275a8ea48a939289748d88fa57de5f0a8e8f608c0080
GET /it/u=2183584705,1121181810&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12943.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 08:50:22 GMT
Content-Type: image/jpeg
Content-Length: 43949
Connection: keep-alive
Expires: Wed, 15 Feb 2023 15:39:40 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: d00d492991d1441a92f47385170a40b2
Age: 1581472
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 16 Jan 2023 15:39:40 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [2], zhuzuncache51 [4], suzix69 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 43949
X-Cache-Status: HIT
Timing-Allow-Origin: *
12943.url.tudown.com/uploads/images/883237.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12943.url.tudown.com/uploads/images/883237.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/883237.jpg HTTP/1.1
Host: 12943.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:50:22 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1380837969,43607267&fm=253&fmt=auto?w=500&h=889
12943.url.tudown.com/uploads/images/768936.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12943.url.tudown.com/uploads/images/768936.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/768936.jpg HTTP/1.1
Host: 12943.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:50:22 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=2932659316,1391318906&fm=253&fmt=auto&app=138&f=JPEG?w=264&h=500
12943.url.tudown.com/uploads/images/95612.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12943.url.tudown.com/uploads/images/95612.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/95612.jpg HTTP/1.1
Host: 12943.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:50:22 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=939886621,4043647233&fm=253&app=120&f=JPEG?w=1280&h=800
push.zhanzhang.baidu.com/push.js
39.156.68.163 200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 39.156.68.163:0
ASN #9808 China Mobile Communications Group Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Sat, 04 Feb 2023 08:50:22 GMT
Etag: "4078521116"
Expires: Sun, 04 Feb 2024 08:50:22 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=CF5E24451F2D2AC2C8216C116A809C3F:FG=1; max-age=31536000; expires=Sun, 04-Feb-24 08:50:22 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
t15.baidu.com/it/u=342503178,1510675640&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 9.9 kB URL HTTP/1.1 t15.baidu.com/it/u=342503178,1510675640&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 73dd0201f4cc8546b0c23324f69ef30b
0c9e5b1a1a7631023509730f8ea49d4089f6a448
6088cad47c1503966d5b9419c3a6026143f7073f9df9a469460b628b51a62859
GET /it/u=342503178,1510675640&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12943.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 08:50:22 GMT
Content-Type: image/jpeg
Content-Length: 9897
Connection: keep-alive
Expires: Sun, 26 Feb 2023 18:28:04 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 73dd0201f4cc8546b0c23324f69ef30b
Age: 360518
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 27 Jan 2023 18:28:04 GMT
Ohc-Cache-HIT: fra01-sys-jomo7.fra01.baidu.com [2], zhuzuncache62 [1], xiangyix152 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 9897
X-Cache-Status: HIT
Timing-Allow-Origin: *
12943.url.tudown.com/uploads/images/482521.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12943.url.tudown.com/uploads/images/482521.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/482521.jpg HTTP/1.1
Host: 12943.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:50:22 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=1644546782,1479509311&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=645
12943.url.tudown.com/uploads/images/931187.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12943.url.tudown.com/uploads/images/931187.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/931187.jpg HTTP/1.1
Host: 12943.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:50:22 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1264652813,2208244790&fm=253&fmt=auto&app=138&f=JPEG?w=647&h=500
t13.baidu.com/it/u=938568396,839294173&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 66 kB URL HTTP/1.1 t13.baidu.com/it/u=938568396,839294173&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 9297853e54980622d96d3065a6806b28
3a9f1b2257e004af0c26ccedfbc46b57c0885dc2
e3cf47dc559384291332789d6adb216b5c08f38673012e4560f6d2c55a8db12d
GET /it/u=938568396,839294173&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12943.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 08:50:22 GMT
Content-Type: image/jpeg
Content-Length: 66174
Connection: keep-alive
Expires: Sat, 11 Feb 2023 15:45:14 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 9297853e54980622d96d3065a6806b28
Age: 1863624
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 12 Jan 2023 15:45:14 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [4], zhuzuncache64 [1], czix156 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 66174
X-Cache-Status: HIT
Timing-Allow-Origin: *
api.share.baidu.com/s.gif?l=http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
182.61.240.101 200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
IP 182.61.240.101:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Sat, 04 Feb 2023 08:50:22 GMT
12943.url.tudown.com/uploads/images/407670.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12943.url.tudown.com/uploads/images/407670.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/407670.jpg HTTP/1.1
Host: 12943.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:50:22 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1768561356,2151276915&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
img1.baidu.com/it/u=1644546782,1479509311&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=645
14.29.98.35 200 OK 23 kB URL HTTP/1.1 img1.baidu.com/it/u=1644546782,1479509311&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=645
IP 14.29.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x645, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 570c767724565248d27452493192e00d
4198bd615b74cd94a307e932c87f9deb817c7846
254f91aa0be92e57b338926c5d3a68ae7850f97ce5eb99c352731598c6dde372
GET /it/u=1644546782,1479509311&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=645 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12943.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 08:50:22 GMT
Content-Type: image/webp
Content-Length: 23208
Connection: keep-alive
Expires: Thu, 23 Feb 2023 11:20:08 GMT
Last-Modified: Sun, 11 Jan 1970 00:00:00 GMT
ETag: 570c767724565248d27452493192e00d
Age: 793970
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 24 Jan 2023 11:20:08 GMT
Ohc-Cache-HIT: gz3ct61 [4], wzix86 [4]
Ohc-File-Size: 23208
X-Cache-Status: HIT
12943.url.tudown.com/uploads/images/273414.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12943.url.tudown.com/uploads/images/273414.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/273414.jpg HTTP/1.1
Host: 12943.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:50:22 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=539419318,1684263296&fm=224&app=112&f=JPEG?w=500&h=500
12943.url.tudown.com/uploads/images/418230.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12943.url.tudown.com/uploads/images/418230.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/418230.jpg HTTP/1.1
Host: 12943.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:50:22 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=4088073635,1939663382&fm=224&app=112&f=JPEG?w=500&h=500
12943.url.tudown.com/uploads/images/198630.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12943.url.tudown.com/uploads/images/198630.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/198630.jpg HTTP/1.1
Host: 12943.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:50:22 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3511165921,1459017156&fm=253&fmt=auto&app=138&f=GIF?w=500&h=346
img1.baidu.com/it/u=3078980196,456124062&fm=253&app=120&f=JPEG?w=1280&h=800
14.29.98.35 200 OK 79 kB URL HTTP/1.1 img1.baidu.com/it/u=3078980196,456124062&fm=253&app=120&f=JPEG?w=1280&h=800
IP 14.29.98.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Hash 537ff3e238d56644baf64a489b997036
b1132c494f0c1570c9fd5e803e99f6f0ac31113c
f43d039a76c227967dd27ed0a737a1f0de26fd469fe58e71f5459f26110b5425
GET /it/u=3078980196,456124062&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12943.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 08:50:22 GMT
Content-Type: image/jpeg
Content-Length: 79031
Connection: keep-alive
Expires: Mon, 06 Mar 2023 08:50:22 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: 537ff3e238d56644baf64a489b997036
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 04 Feb 2023 08:50:22 GMT
Ohc-Cache-HIT: gz3ct57 [2], suzix198 [4]
Ohc-File-Size: 79031
X-Cache-Status: MISS
t14.baidu.com/it/u=4088073635,1939663382&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 43 kB URL HTTP/1.1 t14.baidu.com/it/u=4088073635,1939663382&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash e93ebd9db5c4b32e653b2174ad5054a9
6c8b5a15559e1b2e811eee7732def816035ca66a
187f563ee6afc53f08fef4e7bb911c979edbe7fce305f8640920685209f60b4a
GET /it/u=4088073635,1939663382&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12943.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 08:50:22 GMT
Content-Type: image/jpeg
Content-Length: 42654
Connection: keep-alive
Expires: Mon, 06 Feb 2023 17:19:52 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: e93ebd9db5c4b32e653b2174ad5054a9
Age: 2340241
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 07 Jan 2023 17:19:52 GMT
Ohc-Cache-HIT: fra01-sys-jomo2.fra01.baidu.com [2], zhuzuncache64 [1], qdix64 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 42654
X-Cache-Status: HIT
Timing-Allow-Origin: *
img0.baidu.com/it/u=332811771,3034992759&fm=253&fmt=auto&app=138&f=JPEG?w=499&h=373
14.29.98.35 200 OK 28 kB URL HTTP/2 img0.baidu.com/it/u=332811771,3034992759&fm=253&fmt=auto&app=138&f=JPEG?w=499&h=373
IP 14.29.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 499x373, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a439a85f0a5e3c74c350e2ba890f78d7
e4db109ff183ef4b10f9c741feae3e6f40a62a04
4ed7d2ebec8ed3116b6a9b5c6ff87df59115855ed32861311dd863ee42f343be
GET /it/u=332811771,3034992759&fm=253&fmt=auto&app=138&f=JPEG?w=499&h=373 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12943.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:50:22 GMT
content-type: image/webp
content-length: 28476
expires: Sun, 19 Feb 2023 14:58:34 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: a439a85f0a5e3c74c350e2ba890f78d7
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 20 Jan 2023 14:58:34 GMT
ohc-cache-hit: gz3ct50 [1], suzix202 [4]
ohc-file-size: 28476
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=1380837969,43607267&fm=253&fmt=auto?w=500&h=889
14.29.98.35 200 OK 16 kB URL HTTP/2 img0.baidu.com/it/u=1380837969,43607267&fm=253&fmt=auto?w=500&h=889
IP 14.29.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x889, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4c04e59d249745bf5629df1c81526d05
0241911112d09f5f7435866f5875f0bba8278b70
352b3bc611a8905d293b3360bb3fbc6c24ddcdc89bcfd7eeb653abc53f6e43cc
GET /it/u=1380837969,43607267&fm=253&fmt=auto?w=500&h=889 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12943.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:50:22 GMT
content-type: image/webp
content-length: 16204
expires: Thu, 02 Mar 2023 02:33:30 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 4c04e59d249745bf5629df1c81526d05
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 31 Jan 2023 02:33:30 GMT
ohc-cache-hit: gz3ct52 [2], xiangyix110 [2]
ohc-file-size: 16204
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=1264652813,2208244790&fm=253&fmt=auto&app=138&f=JPEG?w=647&h=500
14.29.98.35 200 OK 31 kB URL HTTP/2 img0.baidu.com/it/u=1264652813,2208244790&fm=253&fmt=auto&app=138&f=JPEG?w=647&h=500
IP 14.29.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 647x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 436f51ba885b72c3d5f50c9e483dc1ac
494bee249125dff5f51f664678df0babf748d4c1
6b28481c25258b7357af7923f062978e566419d84b676c2a7d5a1f70167214e0
GET /it/u=1264652813,2208244790&fm=253&fmt=auto&app=138&f=JPEG?w=647&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12943.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:50:22 GMT
content-type: image/webp
content-length: 31044
expires: Wed, 22 Feb 2023 03:43:58 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 436f51ba885b72c3d5f50c9e483dc1ac
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 03:43:58 GMT
ohc-cache-hit: gz3ct55 [1], bdix244 [4]
ohc-file-size: 31044
x-cache-status: MISS
X-Firefox-Spdy: h2
12943.url.tudown.com/uploads/images/601835.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12943.url.tudown.com/uploads/images/601835.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/601835.jpg HTTP/1.1
Host: 12943.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:50:22 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=617995182,3053978934&fm=253&app=120&f=JPEG?w=1460&h=800
12943.url.tudown.com/uploads/images/519902.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12943.url.tudown.com/uploads/images/519902.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/519902.jpg HTTP/1.1
Host: 12943.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:50:22 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=1367674305,1493121071&fm=224&app=112&f=JPEG?w=500&h=500
t15.baidu.com/it/u=539419318,1684263296&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 39 kB URL HTTP/1.1 t15.baidu.com/it/u=539419318,1684263296&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash fd5d51f2806b4d83dc1c06a044c0041a
ac7b6d2d5e43121f2b940cc67e9cd47cbe6d0788
50875594291f64871a74b54f6d5bf12d0ed89d3bb1451c51e4b106dba43cefcc
GET /it/u=539419318,1684263296&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12943.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 08:50:22 GMT
Content-Type: image/jpeg
Content-Length: 39371
Connection: keep-alive
Expires: Thu, 02 Mar 2023 02:59:55 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: fd5d51f2806b4d83dc1c06a044c0041a
Age: 16390
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 31 Jan 2023 02:59:55 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [2], zhuzuncache60 [4], wzix79 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 39371
X-Cache-Status: HIT
Timing-Allow-Origin: *
img2.baidu.com/it/u=2932659316,1391318906&fm=253&fmt=auto&app=138&f=JPEG?w=264&h=500
1.193.146.35 200 OK 16 kB URL HTTP/1.1 img2.baidu.com/it/u=2932659316,1391318906&fm=253&fmt=auto&app=138&f=JPEG?w=264&h=500
IP 1.193.146.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 264x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash af05748af737c2b991c64190f5a7c6df
6495aaf1bc152cec54bb8ce813b93b6cf9292717
000560ca325a432534da07b6d95cfba7a4e0d9a670ed0c79782fb4acf6d9817d
GET /it/u=2932659316,1391318906&fm=253&fmt=auto&app=138&f=JPEG?w=264&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12943.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 08:50:22 GMT
Content-Type: image/webp
Content-Length: 15708
Connection: keep-alive
Expires: Mon, 20 Feb 2023 06:49:59 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: af05748af737c2b991c64190f5a7c6df
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 21 Jan 2023 06:49:59 GMT
Ohc-Cache-HIT: ly5ct68 [1], czix91 [2]
Ohc-File-Size: 15708
X-Cache-Status: MISS
t13.baidu.com/it/u=1367674305,1493121071&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 30 kB URL HTTP/1.1 t13.baidu.com/it/u=1367674305,1493121071&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 28x28, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 06ef91549ac4f8129b63c1f3cb0a4c59
db6d2db48c1268838a3eea72699b89b186bd06d7
435cdfd18b58bc745e36af41985f232e0570cf5f34d1c011c8bb61be427803c0
GET /it/u=1367674305,1493121071&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12943.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 08:50:22 GMT
Content-Type: image/jpeg
Content-Length: 30020
Connection: keep-alive
Expires: Tue, 14 Feb 2023 00:51:31 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 06ef91549ac4f8129b63c1f3cb0a4c59
Age: 509398
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 15 Jan 2023 00:51:31 GMT
Ohc-Cache-HIT: fra01-sys-jomo7.fra01.baidu.com [4], zhuzuncache64 [1], czix122 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 30020
X-Cache-Status: HIT
Timing-Allow-Origin: *
img1.baidu.com/it/u=476894612,3215379042&fm=253&fmt=auto?w=92&h=69
14.29.98.35 200 OK 3.0 kB URL HTTP/2 img1.baidu.com/it/u=476894612,3215379042&fm=253&fmt=auto?w=92&h=69
IP 14.29.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 92x69, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e20a292d38ab846cbc640e6ead19eed1
494ef3931ba9776e981435480be324cffd3f3604
2c274d91e7910e1d5a3dc87feca90e72019fb7f75bd73b6570b65c8eae782963
GET /it/u=476894612,3215379042&fm=253&fmt=auto?w=92&h=69 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12943.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:50:22 GMT
content-type: image/webp
content-length: 3024
expires: Thu, 16 Feb 2023 02:37:03 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: e20a292d38ab846cbc640e6ead19eed1
age: 541487
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 17 Jan 2023 02:37:03 GMT
ohc-cache-hit: gz3ct54 [4], czix139 [4]
ohc-file-size: 3024
x-cache-status: HIT
X-Firefox-Spdy: h2
img2.baidu.com/it/u=1768561356,2151276915&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
14.29.98.35 200 OK 15 kB URL HTTP/2 img2.baidu.com/it/u=1768561356,2151276915&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
IP 14.29.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ba75b1c669c438436353e399a71f7938
d35cdca54148ab91bddbd01f215441d64e6af1dd
860d462ca27d0d992c74250715c773055d6d8777a91896f58d5b82538daf5fff
GET /it/u=1768561356,2151276915&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12943.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:50:22 GMT
content-type: image/webp
content-length: 15238
expires: Sat, 18 Feb 2023 11:58:37 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: ba75b1c669c438436353e399a71f7938
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 19 Jan 2023 11:58:37 GMT
ohc-cache-hit: gz3ct57 [1], czix168 [4]
ohc-file-size: 15238
x-cache-status: MISS
X-Firefox-Spdy: h2
12943.url.tudown.com/uploads/images/733250.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12943.url.tudown.com/uploads/images/733250.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/733250.jpg HTTP/1.1
Host: 12943.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:50:22 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1289185477,3733292836&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=376
12943.url.tudown.com/uploads/images/678222.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12943.url.tudown.com/uploads/images/678222.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/678222.jpg HTTP/1.1
Host: 12943.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:50:23 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=4293104133,1712007054&fm=253&fmt=auto&app=138&f=PNG?w=500&h=594
img2.baidu.com/it/u=3127276520,752644471&fm=253&app=120&f=JPEG?w=1280&h=800
1.193.146.35 200 OK 74 kB URL HTTP/1.1 img2.baidu.com/it/u=3127276520,752644471&fm=253&app=120&f=JPEG?w=1280&h=800
IP 1.193.146.35:0
ASN #139018 Henan Luoyang IDC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Hash afeac84d00915188db5f6b1da0df342e
9c1c3886a562aafb2b59e55c77cd3016f05d5ebc
946fe48295bedfe46a293a8ca15d19f7788ad703c0dbaff125f22e6e88625c70
GET /it/u=3127276520,752644471&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12943.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 08:50:22 GMT
Content-Type: image/jpeg
Content-Length: 74262
Connection: keep-alive
Expires: Wed, 22 Feb 2023 03:01:01 GMT
Last-Modified: Mon, 05 Jan 1970 00:00:00 GMT
ETag: afeac84d00915188db5f6b1da0df342e
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 23 Jan 2023 03:01:01 GMT
Ohc-Cache-HIT: ly5ct63 [1], xiangyix208 [2]
Ohc-File-Size: 74262
X-Cache-Status: MISS
12943.url.tudown.com/uploads/images/936878.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12943.url.tudown.com/uploads/images/936878.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/936878.jpg HTTP/1.1
Host: 12943.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:50:23 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2695169049,3855684714&fm=253&fmt=auto&app=120&f=JPEG?w=1422&h=800
12943.url.tudown.com/uploads/images/858359.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12943.url.tudown.com/uploads/images/858359.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/858359.jpg HTTP/1.1
Host: 12943.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:50:23 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1552372085,1490982611&fm=253&fmt=auto&app=138&f=JPEG?w=231&h=500
12943.url.tudown.com/uploads/images/678178.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12943.url.tudown.com/uploads/images/678178.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/678178.jpg HTTP/1.1
Host: 12943.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:50:23 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=731716699,3423875801&fm=253&fmt=auto&app=138&f=PNG?w=358&h=500
12943.url.tudown.com/uploads/images/197998.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12943.url.tudown.com/uploads/images/197998.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/197998.jpg HTTP/1.1
Host: 12943.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:50:23 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=178931015,1420863776&fm=253&fmt=auto&app=138&f=JPEG?w=550&h=375
img2.baidu.com/it/u=3511165921,1459017156&fm=253&fmt=auto&app=138&f=GIF?w=500&h=346
14.29.98.35 200 OK 115 kB URL HTTP/2 img2.baidu.com/it/u=3511165921,1459017156&fm=253&fmt=auto&app=138&f=GIF?w=500&h=346
IP 14.29.98.35:0
File type GIF image data, version 89a, 500 x 346\012- data
Size 115 kB (114570 bytes)
Hash 9ce482947e9bf3131f17bba22dfc643a
63b329f3dac11680c1e6fc88e2694d211da7b4cb
aa0bc010495f325b8c8076507d50dba841774c0d678159ca91b04b3aabc7e6a5
GET /it/u=3511165921,1459017156&fm=253&fmt=auto&app=138&f=GIF?w=500&h=346 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12943.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:50:22 GMT
content-type: image/gif
content-length: 114570
expires: Mon, 20 Feb 2023 09:34:19 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 9ce482947e9bf3131f17bba22dfc643a
age: 1206963
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 09:34:19 GMT
ohc-cache-hit: gz3ct53 [4], qdix53 [4]
ohc-file-size: 114570
x-cache-status: HIT
X-Firefox-Spdy: h2
img1.baidu.com/it/u=1289185477,3733292836&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=376
14.29.98.35 200 OK 28 kB URL HTTP/2 img1.baidu.com/it/u=1289185477,3733292836&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=376
IP 14.29.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x376, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1e7b22859d266503863c6b0e2375c926
d6842ebfb6f8d2d1782fe6cc61fa1b39d49ea861
9308a5acc281a75152cd7e61d39de3f41ff55646ccec28c78e81f66a3495f7fd
GET /it/u=1289185477,3733292836&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=376 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12943.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:50:23 GMT
content-type: image/webp
content-length: 28002
expires: Thu, 09 Feb 2023 13:15:39 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 1e7b22859d266503863c6b0e2375c926
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 10 Jan 2023 13:15:39 GMT
ohc-cache-hit: gz3ct57 [1], qdix217 [2]
ohc-file-size: 28002
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=2695169049,3855684714&fm=253&fmt=auto&app=120&f=JPEG?w=1422&h=800
14.29.98.35 200 OK 149 kB URL HTTP/2 img0.baidu.com/it/u=2695169049,3855684714&fm=253&fmt=auto&app=120&f=JPEG?w=1422&h=800
IP 14.29.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1422x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 149 kB (148956 bytes)
Hash a857aa211ff08e8eb3ef6533d905b2d8
a1056031bc8dfe51fc7301ae52f7b6b09a86f7c7
cd14b4a8fd80af8365289c4337c5971aa2d3bf860cf54b681d060909a6098f54
GET /it/u=2695169049,3855684714&fm=253&fmt=auto&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12943.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:50:23 GMT
content-type: image/webp
content-length: 148956
expires: Mon, 20 Feb 2023 07:10:44 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: a857aa211ff08e8eb3ef6533d905b2d8
age: 1204881
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 07:10:44 GMT
ohc-cache-hit: gz3ct50 [4], suzix140 [4]
ohc-file-size: 148956
x-cache-status: HIT
X-Firefox-Spdy: h2
img2.baidu.com/it/u=1552372085,1490982611&fm=253&fmt=auto&app=138&f=JPEG?w=231&h=500
14.29.98.35 200 OK 15 kB URL HTTP/2 img2.baidu.com/it/u=1552372085,1490982611&fm=253&fmt=auto&app=138&f=JPEG?w=231&h=500
IP 14.29.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 231x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6499751fd9fd2d392ad2cf61cbd6e4d4
b9188b5f034512f4d38e62f0c893a4926c440c15
13efdc90f3d40bc77f1c9bed0b3bef8f85f2f97663e17afb39aff9da8c59df8f
GET /it/u=1552372085,1490982611&fm=253&fmt=auto&app=138&f=JPEG?w=231&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12943.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:50:23 GMT
content-type: image/webp
content-length: 15178
expires: Tue, 21 Feb 2023 06:14:50 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 6499751fd9fd2d392ad2cf61cbd6e4d4
age: 1104519
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 06:14:50 GMT
ohc-cache-hit: gz3ct60 [4], czix96 [2]
ohc-file-size: 15178
x-cache-status: HIT
X-Firefox-Spdy: h2
12943.url.tudown.com/uploads/images/999213.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12943.url.tudown.com/uploads/images/999213.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/999213.jpg HTTP/1.1
Host: 12943.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:50:23 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2993356702,3285647643&fm=253&fmt=auto&app=138&f=JPEG?w=668&h=500
12943.url.tudown.com/uploads/images/582431.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12943.url.tudown.com/uploads/images/582431.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/582431.jpg HTTP/1.1
Host: 12943.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:50:23 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3946608957,2156101699&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
12943.url.tudown.com/uploads/images/238095.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12943.url.tudown.com/uploads/images/238095.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/238095.jpg HTTP/1.1
Host: 12943.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:50:23 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1215417462,3669773890&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=500
img0.baidu.com/it/u=939886621,4043647233&fm=253&app=120&f=JPEG?w=1280&h=800
14.29.98.35 200 OK 111 kB URL HTTP/1.1 img0.baidu.com/it/u=939886621,4043647233&fm=253&app=120&f=JPEG?w=1280&h=800
IP 14.29.98.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 111 kB (110898 bytes)
Hash 1f28a87fe211255fe05b53f23ced1d34
d2fd8c20f00a52eaf36e1516f011046c10bfa1bc
bbc98c0b77237ef9cc058e35deb4a8156bbc1c7dec0457c1027ad9d6f054ab3a
GET /it/u=939886621,4043647233&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12943.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 08:50:22 GMT
Content-Type: image/jpeg
Content-Length: 110898
Connection: keep-alive
Expires: Sat, 18 Feb 2023 03:20:38 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: 1f28a87fe211255fe05b53f23ced1d34
Age: 588333
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 19 Jan 2023 03:20:38 GMT
Ohc-Cache-HIT: gz3ct59 [4], xiangyix174 [4]
Ohc-File-Size: 110898
X-Cache-Status: HIT
img0.baidu.com/it/u=984940640,2782096788&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=675
14.29.98.35 200 OK 41 kB URL HTTP/2 img0.baidu.com/it/u=984940640,2782096788&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=675
IP 14.29.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x675, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash aa8df6bd40c1eaa8f64dfaf76a2a3a3f
1d10ebdff05756e860406c6a8e2198efa71b9fce
6fdfe941bebef0dacb2d2d8661a1d8fc86203c268126e7e03ba83ee4808f1903
GET /it/u=984940640,2782096788&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=675 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12943.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:50:23 GMT
content-type: image/webp
content-length: 41060
expires: Sat, 25 Feb 2023 10:56:02 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: aa8df6bd40c1eaa8f64dfaf76a2a3a3f
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 26 Jan 2023 10:56:02 GMT
ohc-cache-hit: gz3ct52 [1], bdix214 [4]
ohc-file-size: 41060
x-cache-status: MISS
X-Firefox-Spdy: h2
12943.url.tudown.com/uploads/images/83757.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12943.url.tudown.com/uploads/images/83757.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/83757.jpg HTTP/1.1
Host: 12943.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:50:23 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=3400821620,1546602797&fm=224&app=112&f=JPEG?w=500&h=500
12943.url.tudown.com/uploads/images/970339.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12943.url.tudown.com/uploads/images/970339.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/970339.jpg HTTP/1.1
Host: 12943.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:50:23 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3997176466,1358253601&fm=253&fmt=auto&app=138&f=JPEG?w=504&h=500
t14.baidu.com/it/u=3400821620,1546602797&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 36 kB URL HTTP/1.1 t14.baidu.com/it/u=3400821620,1546602797&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash d0ee399c0a5011e10bf2d65eef89c25e
15b8f59354c9c3cf337d319380613bd1692638cd
853bb46eeea3965310e423a365936d3e5dffae8a3487e6d6f6f0e838288c0ec4
GET /it/u=3400821620,1546602797&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12943.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 08:50:23 GMT
Content-Type: image/jpeg
Content-Length: 35837
Connection: keep-alive
Expires: Mon, 06 Feb 2023 10:26:51 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: d0ee399c0a5011e10bf2d65eef89c25e
Age: 361669
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 07 Jan 2023 10:26:51 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [2], zhuzuncache61 [1], qdix61 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 35837
X-Cache-Status: HIT
Timing-Allow-Origin: *
12943.url.tudown.com/uploads/images/636964.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12943.url.tudown.com/uploads/images/636964.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/636964.jpg HTTP/1.1
Host: 12943.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:50:23 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=801159576,3454724033&fm=253&fmt=auto&app=138&f=JPEG?w=376&h=540
img2.baidu.com/it/u=900002227,4151049068&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
14.29.98.35 200 OK 39 kB URL HTTP/2 img2.baidu.com/it/u=900002227,4151049068&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 14.29.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 99b9a08f313d74b897d3e5e32227a060
7c4cb1bfb5c61fe92c4e5ef3b17bc0d851adc03f
bd8a892e83ce746d19369fd559a0122c6dd9deb2b8c9f623d06f259036a0be7e
GET /it/u=900002227,4151049068&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12943.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:50:23 GMT
content-type: image/webp
content-length: 39088
expires: Mon, 06 Feb 2023 09:08:09 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 99b9a08f313d74b897d3e5e32227a060
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 07 Jan 2023 09:08:09 GMT
ohc-cache-hit: gz3ct56 [1], suzix243 [4]
ohc-file-size: 39088
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=3946608957,2156101699&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
14.29.98.35 200 OK 14 kB URL HTTP/2 img2.baidu.com/it/u=3946608957,2156101699&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
IP 14.29.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 67ca8d5ab5e8c02e34039b72cd314889
6bba92845a4f0f2ed7bf559d747214ddf7fed05f
2f22629304f76aa73d8c6e6f5197ca80150afb9f94c56d4515c7c478885eb6ee
GET /it/u=3946608957,2156101699&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12943.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:50:23 GMT
content-type: image/webp
content-length: 13700
expires: Sun, 26 Feb 2023 05:04:25 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 67ca8d5ab5e8c02e34039b72cd314889
age: 96400
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 27 Jan 2023 05:04:25 GMT
ohc-cache-hit: gz3ct61 [4], xaix213 [4]
ohc-file-size: 13700
x-cache-status: HIT
X-Firefox-Spdy: h2
img0.baidu.com/it/u=617995182,3053978934&fm=253&app=120&f=JPEG?w=1460&h=800
36.103.236.35 200 OK 111 kB URL HTTP/1.1 img0.baidu.com/it/u=617995182,3053978934&fm=253&app=120&f=JPEG?w=1460&h=800
IP 36.103.236.35:0
ASN #134761 CHINANET NINGXIA province ZHONGWEI IDC network
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1460x800, components 3\012- data
Size 111 kB (110702 bytes)
Hash 2032701b3bfc3c4fe6db9ce7845b97a9
a40a23adf8fad5209102a6f0a8030d212c864c4c
661ca09858bc1faeb618c336bfd7f53adee17cf917835802fe3e2b9b1cb3c3a5
GET /it/u=617995182,3053978934&fm=253&app=120&f=JPEG?w=1460&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12943.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 08:50:23 GMT
Content-Type: image/jpeg
Content-Length: 110702
Connection: keep-alive
Expires: Sun, 26 Feb 2023 00:33:23 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 2032701b3bfc3c4fe6db9ce7845b97a9
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 27 Jan 2023 00:33:23 GMT
Ohc-Cache-HIT: zw2ct51 [1], csix77 [4]
Ohc-File-Size: 110702
X-Cache-Status: MISS
img2.baidu.com/it/u=1215417462,3669773890&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=500
14.29.98.35 200 OK 47 kB URL HTTP/2 img2.baidu.com/it/u=1215417462,3669773890&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=500
IP 14.29.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 739593ba38242f4c3935073d5a927d20
78a657b88f8b424796560552f56c6ac2718a2659
f09b68034e3872f71e6e9399323d3f5422659f97e4eb87fd7a3a30b4a45cd54b
GET /it/u=1215417462,3669773890&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12943.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:50:23 GMT
content-type: image/webp
content-length: 47422
expires: Mon, 27 Feb 2023 01:42:50 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 739593ba38242f4c3935073d5a927d20
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 28 Jan 2023 01:42:50 GMT
ohc-cache-hit: gz3ct60 [1], csix65 [4]
ohc-file-size: 47422
x-cache-status: MISS
X-Firefox-Spdy: h2
12943.url.tudown.com/template/company/moban/index_files/chakan.png
154.218.151.71 200 OK 1.5 kB URL HTTP/1.1 12943.url.tudown.com/template/company/moban/index_files/chakan.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash acb0ada0040b83568aac894905d88cca
90c3924ecf672018cdc013d30716966b196ccbda
0511b79ede1d0228f1ecd14d917e26e8613a7e7b99f31b7bc66fae4285bdd4d6
GET /template/company/moban/index_files/chakan.png HTTP/1.1
Host: 12943.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 08:50:23 GMT
Content-Type: image/png
Content-Length: 1469
Last-Modified: Mon, 31 Oct 2022 07:11:28 GMT
Connection: keep-alive
ETag: "635f7520-5bd"
Accept-Ranges: bytes
12943.url.tudown.com/uploads/images/615257.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12943.url.tudown.com/uploads/images/615257.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/615257.jpg HTTP/1.1
Host: 12943.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:50:23 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=1510615438,330178449&fm=224&app=112&f=JPEG?w=500&h=500
12943.url.tudown.com/uploads/images/539347.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12943.url.tudown.com/uploads/images/539347.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/539347.jpg HTTP/1.1
Host: 12943.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:50:23 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=3132515228,2376817732&fm=253&app=120&f=JPEG?w=720&h=1280
img2.baidu.com/it/u=3997176466,1358253601&fm=253&fmt=auto&app=138&f=JPEG?w=504&h=500
14.29.98.35 200 OK 48 kB URL HTTP/2 img2.baidu.com/it/u=3997176466,1358253601&fm=253&fmt=auto&app=138&f=JPEG?w=504&h=500
IP 14.29.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 504x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 92deb3259444faf108d90eda2a58500e
9d6ce577468447feaafacb3c86330550d5856637
eb8e621c171696e3dc5e8f6809f8592661b98d19f05759accaa04849c3fae41e
GET /it/u=3997176466,1358253601&fm=253&fmt=auto&app=138&f=JPEG?w=504&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12943.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:50:23 GMT
content-type: image/webp
content-length: 48430
expires: Mon, 20 Feb 2023 06:05:05 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 92deb3259444faf108d90eda2a58500e
age: 1204941
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 06:05:05 GMT
ohc-cache-hit: gz3ct57 [4], suzix65 [4]
ohc-file-size: 48430
x-cache-status: HIT
X-Firefox-Spdy: h2
img0.baidu.com/it/u=801159576,3454724033&fm=253&fmt=auto&app=138&f=JPEG?w=376&h=540
14.29.98.35 200 OK 11 kB URL HTTP/2 img0.baidu.com/it/u=801159576,3454724033&fm=253&fmt=auto&app=138&f=JPEG?w=376&h=540
IP 14.29.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 376x540, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 386a103d43cb977f7f9e49817517543a
e4aa7cd64d68239f7918c2664604175cd7d14023
97460926e9e0499c7a34f13f519e7697a368a8abccffbe60b64935693bd851b1
GET /it/u=801159576,3454724033&fm=253&fmt=auto&app=138&f=JPEG?w=376&h=540 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12943.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:50:23 GMT
content-type: image/webp
content-length: 11240
expires: Sun, 19 Feb 2023 23:34:21 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 386a103d43cb977f7f9e49817517543a
age: 170210
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 20 Jan 2023 23:34:21 GMT
ohc-cache-hit: gz3ct61 [4], xaix164 [4]
ohc-file-size: 11240
x-cache-status: HIT
X-Firefox-Spdy: h2
12943.url.tudown.com/template/company/moban/index_files/shoucang.png
154.218.151.71 200 OK 1.5 kB URL HTTP/1.1 12943.url.tudown.com/template/company/moban/index_files/shoucang.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 112dd72135aceaef7b25583061398368
73d3f2825122e66564122f1d8e87065b71c9ac33
5f5dc0b4419a3e37547d82c55b1332b6c421d382067cf542dadb3c65a4fa066f
GET /template/company/moban/index_files/shoucang.png HTTP/1.1
Host: 12943.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 08:50:23 GMT
Content-Type: image/png
Content-Length: 1456
Last-Modified: Mon, 31 Oct 2022 07:11:39 GMT
Connection: keep-alive
ETag: "635f752b-5b0"
Accept-Ranges: bytes
img0.baidu.com/it/u=731716699,3423875801&fm=253&fmt=auto&app=138&f=PNG?w=358&h=500
14.29.98.35 200 OK 96 kB URL HTTP/2 img0.baidu.com/it/u=731716699,3423875801&fm=253&fmt=auto&app=138&f=PNG?w=358&h=500
IP 14.29.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 358x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5cb8ab69019a9f97f0ff9d8003376827
ac9e0975e0a05d5c0d0ec1224f27461cd6d9667b
117ca93fb404dd60aaeb2170580a8edd1567a4fe2212f34b2aa0e70ada39f588
GET /it/u=731716699,3423875801&fm=253&fmt=auto&app=138&f=PNG?w=358&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12943.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:50:23 GMT
content-type: image/webp
content-length: 96216
expires: Mon, 06 Mar 2023 08:50:23 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 5cb8ab69019a9f97f0ff9d8003376827
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 04 Feb 2023 08:50:23 GMT
ohc-cache-hit: gz3ct50 [2], xiangyix214 [2]
ohc-file-size: 96216
x-cache-status: MISS
X-Firefox-Spdy: h2
12943.url.tudown.com/uploads/images/942410.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12943.url.tudown.com/uploads/images/942410.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/942410.jpg HTTP/1.1
Host: 12943.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:50:23 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=2677810176,1290494268&fm=224&app=112&f=JPEG?w=500&h=500&s=5897049AD00422F95212FC7603005029
12943.url.tudown.com/uploads/images/372773.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12943.url.tudown.com/uploads/images/372773.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/372773.jpg HTTP/1.1
Host: 12943.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:50:23 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1065417731,2806489984&fm=253&fmt=auto&app=138&f=GIF?w=400&h=214
img1.baidu.com/it/u=4293104133,1712007054&fm=253&fmt=auto&app=138&f=PNG?w=500&h=594
14.29.98.35 200 OK 143 kB URL HTTP/2 img1.baidu.com/it/u=4293104133,1712007054&fm=253&fmt=auto&app=138&f=PNG?w=500&h=594
IP 14.29.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x594, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 143 kB (142964 bytes)
Hash e77172b10df0e999a0f241e577d47c1e
1f5da9eca76fe9eefdc1b31b4527efe55f411d1b
0993cc3e521865eb827e01c006ecfcb2313c49d0e73c8f816e28929b94af6c2c
GET /it/u=4293104133,1712007054&fm=253&fmt=auto&app=138&f=PNG?w=500&h=594 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12943.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:50:23 GMT
content-type: image/webp
content-length: 142964
expires: Sat, 25 Feb 2023 13:23:21 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: e77172b10df0e999a0f241e577d47c1e
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 26 Jan 2023 13:23:21 GMT
ohc-cache-hit: gz3ct53 [2], xaix99 [3]
ohc-file-size: 142964
x-cache-status: MISS
X-Firefox-Spdy: h2
t13.baidu.com/it/u=1510615438,330178449&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 52 kB URL HTTP/1.1 t13.baidu.com/it/u=1510615438,330178449&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 1a2c249e0941d711358921ca5d8609a6
1117151776ce2c80b25bb6fb0dc55ce0a3c28f8d
76ec29e7d5afe8d6712400f184571257f9b48067e04be52c3a8f29666ddd4fee
GET /it/u=1510615438,330178449&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12943.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 08:50:23 GMT
Content-Type: image/jpeg
Content-Length: 51591
Connection: keep-alive
Expires: Mon, 13 Feb 2023 13:03:31 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 1a2c249e0941d711358921ca5d8609a6
Age: 367713
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 14 Jan 2023 13:03:31 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [4], zhuzuncache65 [1], czix163 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 51591
X-Cache-Status: HIT
Timing-Allow-Origin: *
img1.baidu.com/it/u=178931015,1420863776&fm=253&fmt=auto&app=138&f=JPEG?w=550&h=375
14.29.98.35 200 OK 27 kB URL HTTP/2 img1.baidu.com/it/u=178931015,1420863776&fm=253&fmt=auto&app=138&f=JPEG?w=550&h=375
IP 14.29.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 550x375, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d505c9c93bd120ea9ce8dd62c242654f
9a34213048c69b2b33d53f63a026fb6b856e5684
51e6442742f75befc2d55dfba7c1cb7b8621156eaf983be062f0a77fd813b5c1
GET /it/u=178931015,1420863776&fm=253&fmt=auto&app=138&f=JPEG?w=550&h=375 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12943.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:50:23 GMT
content-type: image/webp
content-length: 26556
expires: Wed, 22 Feb 2023 12:23:02 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: d505c9c93bd120ea9ce8dd62c242654f
age: 769353
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 12:23:02 GMT
ohc-cache-hit: gz3ct57 [4], xiangyix173 [4]
ohc-file-size: 26556
x-cache-status: HIT
X-Firefox-Spdy: h2
img1.baidu.com/it/u=2993356702,3285647643&fm=253&fmt=auto&app=138&f=JPEG?w=668&h=500
14.29.98.35 200 OK 28 kB URL HTTP/2 img1.baidu.com/it/u=2993356702,3285647643&fm=253&fmt=auto&app=138&f=JPEG?w=668&h=500
IP 14.29.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 668x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9168280107ff4d88df7e71173f7fe2c7
208b17e7e94c82c1be61a02912732f94411aeac9
0f9fa7fec1c83f2ca25dc49e33f5b63b4745e914061d1cbde59177b15120d4d8
GET /it/u=2993356702,3285647643&fm=253&fmt=auto&app=138&f=JPEG?w=668&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12943.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:50:23 GMT
content-type: image/webp
content-length: 27904
expires: Wed, 22 Feb 2023 20:55:10 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 9168280107ff4d88df7e71173f7fe2c7
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 20:55:10 GMT
ohc-cache-hit: gz3ct57 [1], suzix119 [4]
ohc-file-size: 27904
x-cache-status: MISS
X-Firefox-Spdy: h2
t13.baidu.com/it/u=2677810176,1290494268&fm=224&app=112&f=JPEG?w=500&h=500&s=5897049AD00422F95212FC7603005029
185.10.104.124 200 OK 71 kB URL HTTP/1.1 t13.baidu.com/it/u=2677810176,1290494268&fm=224&app=112&f=JPEG?w=500&h=500&s=5897049AD00422F95212FC7603005029
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=800, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=800], baseline, precision 8, 500x500, components 3\012- data
Hash 8beaf33a3e3ca818a5076e81be5af50d
1435a846a9b31fa0286b2d0668340a7154ac707b
483786a3de6ec0a884c184b295de045d1fc09f5b5da25f54791742ed619522fd
GET /it/u=2677810176,1290494268&fm=224&app=112&f=JPEG?w=500&h=500&s=5897049AD00422F95212FC7603005029 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12943.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 08:50:24 GMT
Content-Type: image/jpeg
Content-Length: 71101
Connection: keep-alive
Expires: Mon, 27 Feb 2023 01:08:21 GMT
Last-Modified: Sat, 17 Jan 1970 00:00:00 GMT
ETag: 8beaf33a3e3ca818a5076e81be5af50d
Age: 509395
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 28 Jan 2023 01:08:21 GMT
Ohc-Cache-HIT: fra01-sys-jomo7.fra01.baidu.com [2], zhuzuncache54 [4], qdix168 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 71101
X-Cache-Status: HIT
Timing-Allow-Origin: *
img0.baidu.com/it/u=3132515228,2376817732&fm=253&app=120&f=JPEG?w=720&h=1280
14.29.98.35 200 OK 91 kB URL HTTP/1.1 img0.baidu.com/it/u=3132515228,2376817732&fm=253&app=120&f=JPEG?w=720&h=1280
IP 14.29.98.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 720x1280, components 3\012- data
Hash 5e417f1bc4c563b93748e7578f3ad4ac
7f1fded6120d20d79a8e22a2fb6e17677b7db520
e4eb05d26d3081daf9b01584a9444710842a6b183e20f909d8f52e8d2e3463b5
GET /it/u=3132515228,2376817732&fm=253&app=120&f=JPEG?w=720&h=1280 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12943.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 08:50:24 GMT
Content-Type: image/jpeg
Content-Length: 91436
Connection: keep-alive
Expires: Mon, 06 Feb 2023 05:52:08 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 5e417f1bc4c563b93748e7578f3ad4ac
Age: 2044845
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 07 Jan 2023 05:52:08 GMT
Ohc-Cache-HIT: gz3ct52 [4], bdix125 [4]
Ohc-File-Size: 91436
X-Cache-Status: HIT
img2.baidu.com/it/u=1065417731,2806489984&fm=253&fmt=auto&app=138&f=GIF?w=400&h=214
14.29.98.35 200 OK 55 kB URL HTTP/2 img2.baidu.com/it/u=1065417731,2806489984&fm=253&fmt=auto&app=138&f=GIF?w=400&h=214
IP 14.29.98.35:0
File type GIF image data, version 89a, 400 x 214\012- data
Hash 43e92bfe57a1a050eca3ac00e5f3587c
767f9dcab07d5f2bdcd91acfce25fcbb59452ebf
f32a17219a63ab3d051313755d59969e14bc5ad5f5e6a1b664b86ffa2156d682
GET /it/u=1065417731,2806489984&fm=253&fmt=auto&app=138&f=GIF?w=400&h=214 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12943.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:50:24 GMT
content-type: image/gif
content-length: 54838
expires: Tue, 21 Feb 2023 07:15:49 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 43e92bfe57a1a050eca3ac00e5f3587c
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 07:15:49 GMT
ohc-cache-hit: gz3ct58 [1], bdix62 [4]
ohc-file-size: 54838
x-cache-status: MISS
X-Firefox-Spdy: h2
12943.url.tudown.com/template/company/moban/images/footer_line.png
154.218.151.71 200 OK 9.2 kB URL HTTP/1.1 12943.url.tudown.com/template/company/moban/images/footer_line.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1392)
Hash db7520e0b1a6e3b36261b6fe3c840630
9d0d51757afb7bd339c6c30d17166955c1718499
65bde0d873fbb5b08a85742d922f136f570a2a823882d5246b2f257cc42907a8
GET /template/company/moban/images/footer_line.png HTTP/1.1
Host: 12943.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/template/company/moban/index_files/common20200314.css
Cookie: Hm_lvt_54b2b3c6299a2d96d5b7b5615a1c83ed=1675500655; Hm_lpvt_54b2b3c6299a2d96d5b7b5615a1c83ed=1675500655
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 08:50:24 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
12943.url.tudown.com/template/company/moban/index_files/favicon.ico
154.218.151.71 200 OK 1.2 kB URL HTTP/1.1 12943.url.tudown.com/template/company/moban/index_files/favicon.ico
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 82255b6cc962e6ae6e19b381abacce63
89a73ff1e607fd4dfb5a4fc3d6e1d0d1ec4a2e8e
d7358a12adcb1b04c97af316d799cb4f4d807fe2901e8e162b5d101d4ac9d2d3
GET /template/company/moban/index_files/favicon.ico HTTP/1.1
Host: 12943.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12943.url.tudown.com/down/%E4%B8%80%E8%B7%AF%E5%90%91%E8%A5%BF2%E4%B9%8B%E6%B3%B0%E8%A5%BF%E9%AB%98%E6%B8%85@439_2.exe
Cookie: Hm_lvt_54b2b3c6299a2d96d5b7b5615a1c83ed=1675500655; Hm_lpvt_54b2b3c6299a2d96d5b7b5615a1c83ed=1675500655
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 08:50:24 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Mon, 31 Oct 2022 09:44:24 GMT
Connection: keep-alive
ETag: "635f98f8-47e"
Accept-Ranges: bytes