r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5127
Expires: Sun, 29 Jan 2023 03:41:20 GMT
Date: Sun, 29 Jan 2023 02:15:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 81dd5c5cc5b3278876cb44dcb520a60f
c0511a59e9eccdcdda98717b87c89c5d59974808
41736c303afdb3d31e48724b107dcb22883cae02f3562308eb52d9164001a2de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "41736C303AFDB3D31E48724B107DCB22883CAE02F3562308EB52D9164001A2DE"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7564
Expires: Sun, 29 Jan 2023 04:21:57 GMT
Date: Sun, 29 Jan 2023 02:15:53 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 29 Jan 2023 01:35:33 GMT
content-type: application/json
age: 2420
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 03092d1a1bc7ac91ee342a1a7ab2a562
52db06ce1fd2c74ddd36b6a0a7aee1b5c891600a
03b8ff2629abac9fc30ebec059c2e2018fcbc41646ad5f71c965ff630fbf1ffd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "03B8FF2629ABAC9FC30EBEC059C2E2018FCBC41646AD5F71C965FF630FBF1FFD"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2451
Expires: Sun, 29 Jan 2023 02:56:44 GMT
Date: Sun, 29 Jan 2023 02:15:53 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: +KS8NbeWHh8NfDeqEZzmQvcSH+FuPhvgHftOkU9KEjcYkNDLH9KJNTv/D958yFB1DQM1kymBFGU=
x-amz-request-id: 6SCVFBRWQX7S4DS5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 29 Jan 2023 01:50:08 GMT
age: 1545
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 02:15:53 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 29 Jan 2023 01:49:03 GMT
age: 1611
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5958
Expires: Sun, 29 Jan 2023 03:55:12 GMT
Date: Sun, 29 Jan 2023 02:15:54 GMT
Connection: keep-alive
12237.url.tudown.com/down/%E7%BE%8E%E6%8B%8D%E7%94%B5%E8%84%91%E7%89%88v5.9.5%E5%AE%98%E6%96%B9pc%E7%89%88@135_43023.exe
154.218.151.71 200 OK 4.4 kB URL HTTP/1.1 12237.url.tudown.com/down/%E7%BE%8E%E6%8B%8D%E7%94%B5%E8%84%91%E7%89%88v5.9.5%E5%AE%98%E6%96%B9pc%E7%89%88@135_43023.exe
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 9ac1b3ccb51ae83342a995eef9c0e758
b07cdd202ca91ddedb4e9276063c4d3c0b78379c
61976cf2e49b9cb0d80412a9a8b3b6063ab113716fd38bc48cefacfe98ba8b56
Analyzer Verdict Alert fortinet Malware
GET /down/%E7%BE%8E%E6%8B%8D%E7%94%B5%E8%84%91%E7%89%88v5.9.5%E5%AE%98%E6%96%B9pc%E7%89%88@135_43023.exe HTTP/1.1
Host: 12237.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 02:15:54 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.pki.goog/s/gts1p5/EyqW1AyOPLo
142.250.74.131 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/EyqW1AyOPLo
IP 142.250.74.131:0
Hash 41a444c6adcbeb8396ca506cfc1e937a
cb53b0f1b00efdfa20b826f73fd406ea0c7840bb
55a8deae47cd00df84f08c9cad49e68828d0fdcfc19e9c71b55c57dc4e46a0a5
POST /s/gts1p5/EyqW1AyOPLo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 02:15:54 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
54.184.253.181 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.184.253.181:0
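Hash d41d8cd98f00b204e9800998ecf8427e (MD5)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256)
These three digests are those of zero-length input, consistent with the 0 B body reported for this transaction, so they identify no file content.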
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: fkQ3M99RAHQPoPzp0FA+Og==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: LsPV5KvlZwgAAdmpUjXEDlprPKs=
12237.url.tudown.com/template/company/fanmoban/baiduzhongyuandianzi/css/animate.min.css
154.218.151.71 200 OK 203 B URL HTTP/1.1 12237.url.tudown.com/template/company/fanmoban/baiduzhongyuandianzi/css/animate.min.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash a368ebdb8002fbb3142e16bc34b326d8
e727c702fb6be3cbefa0b0847717b2334ce9b8fd
7bb4be9184710e7d3067ce155a3f8e37c248bdf649906ea40af66a324ace61a4
NIDS: suricata; Severity: medium; Alert: ETPRO HUNTING HTTP 200 Stat Code with 404 in Body
GET /template/company/fanmoban/baiduzhongyuandianzi/css/animate.min.css HTTP/1.1
Host: 12237.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12237.url.tudown.com/down/%E7%BE%8E%E6%8B%8D%E7%94%B5%E8%84%91%E7%89%88v5.9.5%E5%AE%98%E6%96%B9pc%E7%89%88@135_43023.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 02:15:54 GMT
Content-Type: text/css
Content-Length: 203
Last-Modified: Mon, 31 Oct 2022 11:03:36 GMT
Connection: keep-alive
ETag: "635fab88-cb"
Expires: Sun, 29 Jan 2023 14:15:54 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
12237.url.tudown.com/template/company/fanmoban/baiduzhongyuandianzi/css/base.css
154.218.151.71 200 OK 805 B URL HTTP/1.1 12237.url.tudown.com/template/company/fanmoban/baiduzhongyuandianzi/css/base.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type troff or preprocessor input, Unicode text, UTF-8 text, with CRLF line terminators
Hash ba9c1a1662806eb521d5d82f56a38707
0bc96b713dc116fdae15bde149f62d81b697d31f
1099a1de668c533850f34789b31c4171c0aae5931923968792c81258dec3f26e
GET /template/company/fanmoban/baiduzhongyuandianzi/css/base.css HTTP/1.1
Host: 12237.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12237.url.tudown.com/down/%E7%BE%8E%E6%8B%8D%E7%94%B5%E8%84%91%E7%89%88v5.9.5%E5%AE%98%E6%96%B9pc%E7%89%88@135_43023.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 02:15:54 GMT
Content-Type: text/css
Last-Modified: Mon, 31 Oct 2022 11:03:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"635fab8c-4f7"
Expires: Sun, 29 Jan 2023 14:15:54 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12237.url.tudown.com/js/orsxg5a.script
154.218.151.71 200 OK 531 B URL HTTP/1.1 12237.url.tudown.com/js/orsxg5a.script
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document, ASCII text, with CRLF line terminators
Hash 39fd4f4c17d424445d9f437c99c9d40a
84a56ab95c669d43c757a5f9a312d5f3a37f73fa
45f58e7b2e72c9f2734889b73ef5c3f2d3e1fb9ac69995afe1561ec4a7943d15
GET /js/orsxg5a.script HTTP/1.1
Host: 12237.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12237.url.tudown.com/down/%E7%BE%8E%E6%8B%8D%E7%94%B5%E8%84%91%E7%89%88v5.9.5%E5%AE%98%E6%96%B9pc%E7%89%88@135_43023.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 02:15:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
12237.url.tudown.com/template/company/fanmoban/baiduzhongyuandianzi/css/swiper.min.css
154.218.151.71 200 OK 3.6 kB URL HTTP/1.1 12237.url.tudown.com/template/company/fanmoban/baiduzhongyuandianzi/css/swiper.min.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (1631), with CRLF line terminators
Hash 6c1c911a889588aec034df8688907c6b
9f619c9642c6b1851ab2c1b6f7d9ab3d79540750
83a4d6a6f88e0a7f6c0b3c6c66a23e407aa92a769d76a883f4acb9eed3ad6b33
GET /template/company/fanmoban/baiduzhongyuandianzi/css/swiper.min.css HTTP/1.1
Host: 12237.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12237.url.tudown.com/down/%E7%BE%8E%E6%8B%8D%E7%94%B5%E8%84%91%E7%89%88v5.9.5%E5%AE%98%E6%96%B9pc%E7%89%88@135_43023.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 02:15:54 GMT
Content-Type: text/css
Last-Modified: Mon, 31 Oct 2022 11:03:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"635fab92-527c"
Expires: Sun, 29 Jan 2023 14:15:54 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12237.url.tudown.com/template/company/fanmoban/baiduzhongyuandianzi/css/index.css
154.218.151.71 200 OK 9.7 kB URL HTTP/1.1 12237.url.tudown.com/template/company/fanmoban/baiduzhongyuandianzi/css/index.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash d84db55e9e4bd26fa501bb5f2cc50e8d
9c3d5ed5a5056e4b8505882777dbe0d32804bfdb
c120dccd09fdc74ef8808fd133d0b442590443923167493f0f1f58b51e887754
GET /template/company/fanmoban/baiduzhongyuandianzi/css/index.css HTTP/1.1
Host: 12237.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12237.url.tudown.com/down/%E7%BE%8E%E6%8B%8D%E7%94%B5%E8%84%91%E7%89%88v5.9.5%E5%AE%98%E6%96%B9pc%E7%89%88@135_43023.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 02:15:54 GMT
Content-Type: text/css
Last-Modified: Mon, 31 Oct 2022 11:03:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"635fab8f-e15f"
Expires: Sun, 29 Jan 2023 14:15:54 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12237.url.tudown.com/template/company/fanmoban/baiduzhongyuandianzi/js/base.js
154.218.151.71 200 OK 0 B URL HTTP/1.1 12237.url.tudown.com/template/company/fanmoban/baiduzhongyuandianzi/js/base.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
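Hash d41d8cd98f00b204e9800998ecf8427e (MD5)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256)
These three digests are those of zero-length input, consistent with the 0 B body and Content-Length: 0 of this transaction, so they identify no file content.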
GET /template/company/fanmoban/baiduzhongyuandianzi/js/base.js HTTP/1.1
Host: 12237.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12237.url.tudown.com/down/%E7%BE%8E%E6%8B%8D%E7%94%B5%E8%84%91%E7%89%88v5.9.5%E5%AE%98%E6%96%B9pc%E7%89%88@135_43023.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 02:15:54 GMT
Content-Type: application/javascript
Content-Length: 0
Last-Modified: Mon, 31 Oct 2022 11:05:23 GMT
Connection: keep-alive
ETag: "635fabf3-0"
Expires: Sun, 29 Jan 2023 14:15:54 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
12237.url.tudown.com/template/company/fanmoban/baiduzhongyuandianzi/js/jquery.superslide.2.1.2.js
154.218.151.71 200 OK 4.6 kB URL HTTP/1.1 12237.url.tudown.com/template/company/fanmoban/baiduzhongyuandianzi/js/jquery.superslide.2.1.2.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with very long lines (12816), with CRLF, CR line terminators
Hash feded6ecce5456a91c6a077773240eba
e3f79015255a1b6411092dd01ef941d6d056aa6f
0c904b5e1b7b083708d43f549497953ae4245f62c5c73990921c7493edf21f36
GET /template/company/fanmoban/baiduzhongyuandianzi/js/jquery.superslide.2.1.2.js HTTP/1.1
Host: 12237.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12237.url.tudown.com/down/%E7%BE%8E%E6%8B%8D%E7%94%B5%E8%84%91%E7%89%88v5.9.5%E5%AE%98%E6%96%B9pc%E7%89%88@135_43023.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 02:15:54 GMT
Content-Type: application/javascript
Last-Modified: Mon, 31 Oct 2022 11:05:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"635fabfa-34f1"
Expires: Sun, 29 Jan 2023 14:15:54 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12237.url.tudown.com/js/orsxg5a.script
154.218.151.71 200 OK 531 B URL HTTP/1.1 12237.url.tudown.com/js/orsxg5a.script
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document, ASCII text, with CRLF line terminators
Hash 39fd4f4c17d424445d9f437c99c9d40a
84a56ab95c669d43c757a5f9a312d5f3a37f73fa
45f58e7b2e72c9f2734889b73ef5c3f2d3e1fb9ac69995afe1561ec4a7943d15
GET /js/orsxg5a.script HTTP/1.1
Host: 12237.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12237.url.tudown.com/down/%E7%BE%8E%E6%8B%8D%E7%94%B5%E8%84%91%E7%89%88v5.9.5%E5%AE%98%E6%96%B9pc%E7%89%88@135_43023.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 02:15:55 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.pki.goog/s/gts1p5/EyqW1AyOPLo
142.250.74.131 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/EyqW1AyOPLo
IP 142.250.74.131:0
Hash 41a444c6adcbeb8396ca506cfc1e937a
cb53b0f1b00efdfa20b826f73fd406ea0c7840bb
55a8deae47cd00df84f08c9cad49e68828d0fdcfc19e9c71b55c57dc4e46a0a5
POST /s/gts1p5/EyqW1AyOPLo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 02:15:55 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
12237.url.tudown.com/template/company/fanmoban/baiduzhongyuandianzi/js/public.js
154.218.151.71 200 OK 987 B URL HTTP/1.1 12237.url.tudown.com/template/company/fanmoban/baiduzhongyuandianzi/js/public.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 62efacbaa4ca554701433566bf98b861
c23afd9eb4dfcd5daab4b926fc699d34f8198186
5794510f473bf41e87a032cf1cac52bdd7c8e7944604b606fd7e42f4015358f0
GET /template/company/fanmoban/baiduzhongyuandianzi/js/public.js HTTP/1.1
Host: 12237.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12237.url.tudown.com/down/%E7%BE%8E%E6%8B%8D%E7%94%B5%E8%84%91%E7%89%88v5.9.5%E5%AE%98%E6%96%B9pc%E7%89%88@135_43023.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 02:15:55 GMT
Content-Type: application/javascript
Last-Modified: Mon, 31 Oct 2022 11:05:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"635fabfd-aa9"
Expires: Sun, 29 Jan 2023 14:15:55 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 08a0466f76acc295cdcc615804616fe1
6c5e65d8a5d9566c16bfeb536fca2e53121e960e
4afeb0b7ce01b93812aecac85547be9e62192000368abff19b9dbe6dc21fb53b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AFEB0B7CE01B93812AECAC85547BE9E62192000368ABFF19B9DBE6DC21FB53B"
Last-Modified: Sat, 28 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18532
Expires: Sun, 29 Jan 2023 07:24:47 GMT
Date: Sun, 29 Jan 2023 02:15:55 GMT
Connection: keep-alive
12237.url.tudown.com/template/company/fanmoban/baiduzhongyuandianzi/js/swiper.min.js
154.218.151.71 200 OK 41 kB URL HTTP/1.1 12237.url.tudown.com/template/company/fanmoban/baiduzhongyuandianzi/js/swiper.min.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (1950), with CRLF line terminators
Hash 702b25c4e6228670d8165f67aa85707c
48a097ba16b8bd3cef6d4cc66c6905a9373f8db0
4739a9eaf7eca296233bf2e08c8404efb0c21af7ae9a4db24ce7405db46029f4
GET /template/company/fanmoban/baiduzhongyuandianzi/js/swiper.min.js HTTP/1.1
Host: 12237.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12237.url.tudown.com/down/%E7%BE%8E%E6%8B%8D%E7%94%B5%E8%84%91%E7%89%88v5.9.5%E5%AE%98%E6%96%B9pc%E7%89%88@135_43023.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 02:15:55 GMT
Content-Type: application/javascript
Last-Modified: Mon, 31 Oct 2022 11:05:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"635fac00-25f8d"
Expires: Sun, 29 Jan 2023 14:15:55 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12237.url.tudown.com/template/company/fanmoban/baiduzhongyuandianzi/js/jquery.js
154.218.151.71 200 OK 42 kB URL HTTP/1.1 12237.url.tudown.com/template/company/fanmoban/baiduzhongyuandianzi/js/jquery.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1880), with CRLF line terminators
Hash b29f30b49b0fdfb07e7de78e280caea4
e772d7c1ee47ae9b99ac71448a43e7a854d87e2c
d1b131c4097dab0a4f0cdb28ed311647c8bdc4c28d1884e13c523f02ffbde912
GET /template/company/fanmoban/baiduzhongyuandianzi/js/jquery.js HTTP/1.1
Host: 12237.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12237.url.tudown.com/down/%E7%BE%8E%E6%8B%8D%E7%94%B5%E8%84%91%E7%89%88v5.9.5%E5%AE%98%E6%96%B9pc%E7%89%88@135_43023.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 02:15:55 GMT
Content-Type: application/javascript
Last-Modified: Mon, 31 Oct 2022 11:05:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"635fabf6-1ec80"
Expires: Sun, 29 Jan 2023 14:15:55 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12237.url.tudown.com/template/company/fanmoban/baiduzhongyuandianzi/images/dh.png
154.218.151.71 200 OK 1.4 kB URL HTTP/1.1 12237.url.tudown.com/template/company/fanmoban/baiduzhongyuandianzi/images/dh.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 20 x 21, 8-bit/color RGBA, non-interlaced\012- data
Hash 38c4f0134374e77090f2cddff441021f
19572fdbbbabdd8e9ca109b24b8ab5372c2d0c61
4c72c6eb0f42f704ec357755e0144872ae0797ce95816a28bdad77734b2e85ab
GET /template/company/fanmoban/baiduzhongyuandianzi/images/dh.png HTTP/1.1
Host: 12237.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12237.url.tudown.com/template/company/fanmoban/baiduzhongyuandianzi/css/index.css
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 02:15:55 GMT
Content-Type: image/png
Content-Length: 1422
Last-Modified: Mon, 31 Oct 2022 11:04:40 GMT
Connection: keep-alive
ETag: "635fabc8-58e"
Accept-Ranges: bytes
12237.url.tudown.com/template/company/fanmoban/baiduzhongyuandianzi/picture/logo.png
154.218.151.71 200 OK 31 kB URL HTTP/1.1 12237.url.tudown.com/template/company/fanmoban/baiduzhongyuandianzi/picture/logo.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 190 x 56, 8-bit/color RGBA, non-interlaced\012- data
Hash dfc7c226b275546111f14373741a4986
8584f965ae300227900de77215fab56a39f234f2
7a8da4aad41216e8361b99ffd69b8604c75e146e194fb1839f1dfc101b26c8ba
GET /template/company/fanmoban/baiduzhongyuandianzi/picture/logo.png HTTP/1.1
Host: 12237.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12237.url.tudown.com/down/%E7%BE%8E%E6%8B%8D%E7%94%B5%E8%84%91%E7%89%88v5.9.5%E5%AE%98%E6%96%B9pc%E7%89%88@135_43023.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 02:15:55 GMT
Content-Type: image/png
Content-Length: 30726
Last-Modified: Mon, 31 Oct 2022 11:06:28 GMT
Connection: keep-alive
ETag: "635fac34-7806"
Accept-Ranges: bytes
12237.url.tudown.com/template/company/fanmoban/baiduzhongyuandianzi/images/yx.png
154.218.151.71 200 OK 4.4 kB URL HTTP/1.1 12237.url.tudown.com/template/company/fanmoban/baiduzhongyuandianzi/images/yx.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 20cb558cd37764e6820ae2035ae64cd5
7406413979ffb1dca85f57c28b7fe9fce77a083c
f91b3466d6a7321b25c9d7dcab526a2aaafde0d7d74e8ad86117d90f4945fd97
GET /template/company/fanmoban/baiduzhongyuandianzi/images/yx.png HTTP/1.1
Host: 12237.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12237.url.tudown.com/template/company/fanmoban/baiduzhongyuandianzi/css/index.css
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 02:15:55 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
12237.url.tudown.com/template/company/fanmoban/baiduzhongyuandianzi/images/dz.png
154.218.151.71 200 OK 4.4 kB URL HTTP/1.1 12237.url.tudown.com/template/company/fanmoban/baiduzhongyuandianzi/images/dz.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 07f37d8fb4ef4c9e9b997c943f2a3b09
f863d56e4c34faba6f89385413eb59fcec14cec9
ee71594586ef23e13a6bc069a704c5eb6799023edc6f108f37cbca0a889197b1
GET /template/company/fanmoban/baiduzhongyuandianzi/images/dz.png HTTP/1.1
Host: 12237.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12237.url.tudown.com/template/company/fanmoban/baiduzhongyuandianzi/css/index.css
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 02:15:55 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
12237.url.tudown.com/api.php?m=Hits&catid=18&id=283
154.218.151.71 404 Not Found 146 B URL HTTP/1.1 12237.url.tudown.com/api.php?m=Hits&catid=18&id=283
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /api.php?m=Hits&catid=18&id=283 HTTP/1.1
Host: 12237.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://12237.url.tudown.com/down/%E7%BE%8E%E6%8B%8D%E7%94%B5%E8%84%91%E7%89%88v5.9.5%E5%AE%98%E6%96%B9pc%E7%89%88@135_43023.exe
HTTP/1.1 404 Not Found
Server: nginx
Date: Sun, 29 Jan 2023 02:15:55 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2202
Expires: Sun, 29 Jan 2023 02:52:38 GMT
Date: Sun, 29 Jan 2023 02:15:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2202
Expires: Sun, 29 Jan 2023 02:52:38 GMT
Date: Sun, 29 Jan 2023 02:15:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2202
Expires: Sun, 29 Jan 2023 02:52:38 GMT
Date: Sun, 29 Jan 2023 02:15:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2202
Expires: Sun, 29 Jan 2023 02:52:38 GMT
Date: Sun, 29 Jan 2023 02:15:56 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd9499d0-2a81-41ee-b328-0d82ea64b349.jpeg
34.120.237.76 200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd9499d0-2a81-41ee-b328-0d82ea64b349.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 57ff6665d99a17d06b75c8fe64c90ab3
05648eed6830a794aa7e30ba4da526ed4c45b0ca
728b809756a0faff1a55bb03f13f33e31518f321e50dd944a0267d585c09264c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd9499d0-2a81-41ee-b328-0d82ea64b349.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5198
x-amzn-requestid: 8117f45b-926a-4cbe-b152-dae983bc3526
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fOYdlG6XIAMF_vA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf3abd-7ce531f65f66ac3a73970841;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 01:56:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: naZHCCrUSwrLi2eWi3LOrir9zOGQcNUBJ1iS9wUewWoV3WM2E0kE2w==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 21:47:00 GMT
age: 16136
etag: "05648eed6830a794aa7e30ba4da526ed4c45b0ca"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43c4a8e963936a8064dbd2bd3c67b905
8508727c97127c98b886833af28b3470306216c2
070c29fe7c0a227029483d675eac863904ab6b291467acdf62167f4845699c21
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8652
x-amzn-requestid: 5a5a883e-d7d4-4fc5-925a-3a95830c504e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVguyG7BIAMFm8g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d214c4-390b59a32060e41203533c58;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 05:51:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ewSsCY4u9DwRtaj00U9JCim9tYeCgHRuIQFpdHm4ttI6L02-e44iDQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 06:42:55 GMT
age: 70381
etag: "8508727c97127c98b886833af28b3470306216c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bff98d2-c029-496d-b1f3-f17f0e92e273.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bff98d2-c029-496d-b1f3-f17f0e92e273.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7da187381befeffa83fbaed380f2932e
7f4750e505e965f129c096ef40bc24c392051025
f47a20d681386b3341f23d286fb2f0a2a789bde75bdbc2d14c4747721e13d7a5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bff98d2-c029-496d-b1f3-f17f0e92e273.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12124
x-amzn-requestid: 4032a848-72f7-4fbf-a0b2-e9cd7a2d1853
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVMBEGtwIAMF_Zw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1f3a0-6eec6555074c2fba0be0d90e;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 03:29:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ixuvPYw-yLJbABGhAMsaZPkbpCy6H-R-QXKxMlIBRQgBYvnERkOs_Q==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 12:06:16 GMT
age: 50980
etag: "7f4750e505e965f129c096ef40bc24c392051025"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
34.120.237.76 200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: f644ca78-a07a-43d1-96e4-95bcdecff7fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPGLfFtOIAMFp7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf83e2-202ca7160544acd24259bd5d;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:08:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xRwqrWS66l4qJfg2HnGphN1dbrIUod9XKW3zTk_-Km9AQRPyV2UqWg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 20:46:16 GMT
age: 19780
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc7f65e9-ca75-4ecb-ba7c-ae70877eaf01.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc7f65e9-ca75-4ecb-ba7c-ae70877eaf01.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2f73f114f8dc452fc0b16825570ad50c
6bb1b3db6c36e2c9d23b6cb7d1c8616eeec19575
23fd69e6ccdd2ce2b5d3d8b3f075a07cdb36efd663a4119b5dca22165e7b2090
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc7f65e9-ca75-4ecb-ba7c-ae70877eaf01.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10030
x-amzn-requestid: 0c6c82b5-f91b-4468-bb25-d87d4d7dedd5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVAbgERRIAMFdcw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1e116-7f17c79047447dff2de3ab67;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 02:10:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pHTs5LN29bSjD8GAXY_vstXiEQ7iy9qXsq23Pxl-GdXX16_5H5QKCQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 16:13:35 GMT
age: 36141
etag: "6bb1b3db6c36e2c9d23b6cb7d1c8616eeec19575"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F167a00fc-5c65-46d1-816e-da9e473736e3.jpeg
34.120.237.76 200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F167a00fc-5c65-46d1-816e-da9e473736e3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5e7433eb3123a1f9b14507c78e38e7b9
fef8b905b580999963758a56be9c3226697929a2
895298ddf6822e9f95e10fe17c1ade0b0782c3753e96eab8a3798df5ba969dbe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F167a00fc-5c65-46d1-816e-da9e473736e3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6518
x-amzn-requestid: 6e9c624a-2036-4161-ad9e-1c66068e3eb1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPHz0HmsoAMFljA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf867e-011e1c43072a8dfa22af6e88;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:19:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AxIaCwORa7FhDY5pxcNlrPMoam0z7DxSgKBytx5AG_qcKrxM8NnoOw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 21:46:36 GMT
age: 16160
etag: "fef8b905b580999963758a56be9c3226697929a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
12237.url.tudown.com/template/company/fanmoban/baiduzhongyuandianzi/images/zk.png
154.218.151.71 200 OK 4.4 kB URL HTTP/1.1 12237.url.tudown.com/template/company/fanmoban/baiduzhongyuandianzi/images/zk.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash b313c43e4d95b7c415eff006436acd3a
0dbc4319acf4f9d8bc5f90e2b506b9487fa794ab
fe3ba554843bd0a64707a3552a97f2752d1077e1aceb5390ea44b8259988a8f8
GET /template/company/fanmoban/baiduzhongyuandianzi/images/zk.png HTTP/1.1
Host: 12237.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12237.url.tudown.com/template/company/fanmoban/baiduzhongyuandianzi/css/index.css
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 02:15:55 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
12237.url.tudown.com/favicon.ico
154.218.151.71 200 OK 0 B URL HTTP/1.1 12237.url.tudown.com/favicon.ico
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: 12237.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12237.url.tudown.com/down/%E7%BE%8E%E6%8B%8D%E7%94%B5%E8%84%91%E7%89%88v5.9.5%E5%AE%98%E6%96%B9pc%E7%89%88@135_43023.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 02:15:56 GMT
Content-Type: image/x-icon
Content-Length: 0
Last-Modified: Tue, 30 Jul 2019 15:51:36 GMT
Connection: keep-alive
ETag: "5d406788-0"
Accept-Ranges: bytes
12237.url.tudown.com/template/company/fanmoban/images/banner3.jpg
154.218.151.71 200 OK 264 kB URL HTTP/1.1 12237.url.tudown.com/template/company/fanmoban/images/banner3.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1919x300, components 3\012- data
Size 264 kB (263493 bytes)
Hash 2dca43ab3b98d15e5abbe174146a3a06
f14eadb9527a9bc102729e2c51fbbd9745545ca1
a26002c22c0bf724370217077fb43c01dfdaba38ad8910ace8ea45364ff03186
GET /template/company/fanmoban/images/banner3.jpg HTTP/1.1
Host: 12237.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12237.url.tudown.com/down/%E7%BE%8E%E6%8B%8D%E7%94%B5%E8%84%91%E7%89%88v5.9.5%E5%AE%98%E6%96%B9pc%E7%89%88@135_43023.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 02:15:55 GMT
Content-Type: image/jpeg
Content-Length: 263493
Last-Modified: Tue, 01 Nov 2022 08:19:59 GMT
Connection: keep-alive
ETag: "6360d6af-40545"
Accept-Ranges: bytes
12237.url.tudown.com/template/company/fanmoban/images/picture/banner3.jpg
154.218.151.71 200 OK 0 B URL HTTP/1.1 12237.url.tudown.com/template/company/fanmoban/images/picture/banner3.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
GET /template/company/fanmoban/images/picture/banner3.jpg HTTP/1.1
Host: 12237.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12237.url.tudown.com/down/%E7%BE%8E%E6%8B%8D%E7%94%B5%E8%84%91%E7%89%88v5.9.5%E5%AE%98%E6%96%B9pc%E7%89%88@135_43023.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 02:15:55 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
code.jquerycdns.com/jquery-2.3.1.min.js?h=http://12237.url.tudown.com/
172.67.215.8 200 OK 0 B URL HTTP/2 code.jquerycdns.com/jquery-2.3.1.min.js?h=http://12237.url.tudown.com/
IP 172.67.215.8:0
GET /jquery-2.3.1.min.js?h=http://12237.url.tudown.com/ HTTP/1.1
Host: code.jquerycdns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12237.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 02:15:55 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.33
last-modified: Sunday, 29-Jan-2023 02:15:55 GMT
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z2w2sa%2FcDDlnOsbLi2Q00WIcU5r5%2BAlmnjFm9D8HtVXCAGkr6Xg%2FEn0fYEdZQGPJcoNCwDzfqq2AvAQ%2BHBCLoaCOGPMG%2Bn0lzdhTwTc0Z5%2BMuT7oMIw8AD%2Fpt0%2Ffis7PjTQn%2FAXw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790e7677783ab4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2