r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash f416977a8d6dfaafb2dbfd0e68b871f8
dfa97bd829b03162de91c80133f2fde69b58a8d2
2c4d0fd1b7a6d398026a4817267adce203429acdd3defa44a879f0d945f392d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2C4D0FD1B7A6D398026A4817267ADCE203429ACDD3DEFA44A879F0D945F392D5"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8997
Expires: Wed, 25 Jan 2023 05:59:45 GMT
Date: Wed, 25 Jan 2023 03:29:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 04512fea22644dc0d22c3f3a665f6645
0e213646abfc6d9560ba562362fd9e9115be8354
124d9534f75506b8e8c7535ee7295ac4e6cf5a8249a0edac6940839e56043181
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "124D9534F75506B8E8C7535EE7295AC4E6CF5A8249A0EDAC6940839E56043181"
Last-Modified: Mon, 23 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17130
Expires: Wed, 25 Jan 2023 08:15:18 GMT
Date: Wed, 25 Jan 2023 03:29:48 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 25 Jan 2023 02:42:47 GMT
content-type: application/json
age: 2821
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 31c8743c2b5202ce0228bac5aad7229b
4b5eee8e1ecbfc992505003be58e265ff3a0ee0a
8b3b47ea29fc02b8a08ee2a340a05ab23e391f0eb3b8d6beb17516706bb2e94d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B3B47EA29FC02B8A08EE2A340A05AB23E391F0EB3B8D6BEB17516706BB2E94D"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5570
Expires: Wed, 25 Jan 2023 05:02:38 GMT
Date: Wed, 25 Jan 2023 03:29:48 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: FdNGLlHprNRrH54Dhi6osWwxdnkMKuswjE/LTGT/yRvOPjDtAGp6SAz5BBPWeZy5l2gbqb5Wy4E=
x-amz-request-id: DEKAEZQQCNPJPDBA
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 25 Jan 2023 02:48:24 GMT
age: 2484
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 03:29:48 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 25 Jan 2023 03:17:31 GMT
age: 737
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c398b6b39d11d25b8ae9bc5cd94a1c98
640aa8c399ced71d0c2a9f5a90fbaf091b01d642
a6f07f7c6a4746acc25457c726701df33120628dfb578bc4982448d8efee5855
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A6F07F7C6A4746ACC25457C726701DF33120628DFB578BC4982448D8EFEE5855"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16618
Expires: Wed, 25 Jan 2023 08:06:47 GMT
Date: Wed, 25 Jan 2023 03:29:49 GMT
Connection: keep-alive
12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
154.218.151.71200 OK 8.5 kB URL HTTP/1.1 12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (371), with CRLF, LF line terminators
Hash ab7859a044266c143d31b34de877b24f
1f99bce04275e65c4880614cb472f856e0aa4308
8cb483c0216d0be3229801860408e1c6d75a9745ac13e89ff0134d2b3b7aba08
Analyzer Verdict Alert fortinet Malware
GET /down/anybizsoftpdfconverter@418_34821.exe HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 03:29:49 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.services.mozilla.com/
52.88.218.181101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.88.218.181:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 5WTvBxv7MFi5+JGUwuPIjA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: MyvjTVRuqnBIhPDZquZ4JvZN+qw=
12741.url.tudown.com/js/orsxg5a.script
154.218.151.71200 OK 531 B URL HTTP/1.1 12741.url.tudown.com/js/orsxg5a.script
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document, ASCII text, with CRLF line terminators
Hash 39fd4f4c17d424445d9f437c99c9d40a
84a56ab95c669d43c757a5f9a312d5f3a37f73fa
45f58e7b2e72c9f2734889b73ef5c3f2d3e1fb9ac69995afe1561ec4a7943d15
Analyzer Verdict Alert fortinet Malware
GET /js/orsxg5a.script HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 03:29:49 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
12741.url.tudown.com/template/company/955yx/js/searchword.js
154.218.151.71200 OK 1.3 kB URL HTTP/1.1 12741.url.tudown.com/template/company/955yx/js/searchword.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 95c12a0f8944cbd1c05e11f7a72875dd
22430886820419d75b8da5721af251bdeb6811d1
36e33550c0a108df269183b53afe7f8c86316cc7e24a84ee3804e8ae12c627eb
Analyzer Verdict Alert fortinet Malware
GET /template/company/955yx/js/searchword.js HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 03:29:49 GMT
Content-Type: application/javascript
Last-Modified: Tue, 15 Jun 2021 09:16:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c86ff1-fb5"
Expires: Wed, 25 Jan 2023 15:29:49 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12741.url.tudown.com/template/company/955yx/js/week_rank.js
154.218.151.71200 OK 656 B URL HTTP/1.1 12741.url.tudown.com/template/company/955yx/js/week_rank.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with CRLF line terminators
Hash 00ac918b54dd742e0ec507274205038a
6a2976eb86376f33eb4f7b587f71296f07940da5
11624c98f05816c06f80e2ea5ef22376ce5509cb2c076003f9d5f27ac81f4ec9
Analyzer Verdict Alert fortinet Malware
GET /template/company/955yx/js/week_rank.js HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 03:29:49 GMT
Content-Type: application/javascript
Content-Length: 656
Last-Modified: Tue, 15 Jun 2021 09:16:32 GMT
Connection: keep-alive
ETag: "60c86ff0-290"
Expires: Wed, 25 Jan 2023 15:29:49 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
12741.url.tudown.com/template/company/955yx/js/jquery-1.8.3.min.js
154.218.151.71200 OK 41 kB URL HTTP/1.1 12741.url.tudown.com/template/company/955yx/js/jquery-1.8.3.min.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (65483)
Hash aef63d51fe884fe89d488a2abc96381b
ed39edfb824178566b87b08164c7d382a119705b
51826bef0d69d08144d8605e1c56e1602cb1b6f620f854972c31080cf17d11f5
Analyzer Verdict Alert fortinet Malware
GET /template/company/955yx/js/jquery-1.8.3.min.js HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 03:29:49 GMT
Content-Type: application/javascript
Last-Modified: Tue, 15 Jun 2021 09:16:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c86fef-198c3"
Expires: Wed, 25 Jan 2023 15:29:49 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12741.url.tudown.com/template/company/955yx/js/script_index2.js
154.218.151.71200 OK 2.3 kB URL HTTP/1.1 12741.url.tudown.com/template/company/955yx/js/script_index2.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ISO-8859 text, with CRLF line terminators
Hash e3f1b130f72b9756f002c6bbbc284fb7
d51b59da45422005ca5f02b66cb02eaf1b44a8fd
3c0e569d33461414b263a4a7e6602577873e4843bb450d5de979f263d02644c9
Analyzer Verdict Alert fortinet Malware
GET /template/company/955yx/js/script_index2.js HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 03:29:49 GMT
Content-Type: application/javascript
Last-Modified: Tue, 15 Jun 2021 09:16:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c86ff2-1f77"
Expires: Wed, 25 Jan 2023 15:29:49 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12741.url.tudown.com/template/company/955yx/js/api.js
154.218.151.71200 OK 22 B URL HTTP/1.1 12741.url.tudown.com/template/company/955yx/js/api.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with CRLF line terminators
Hash 143a35d673d243f56603ac04a89d8099
677acddc2a341ec711d74ecfd05bb919208c23df
ab368ffd11e345075f085c40cfdd9254280e0db19ed65e2668c287b17508170f
Analyzer Verdict Alert fortinet Malware
GET /template/company/955yx/js/api.js HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 03:29:49 GMT
Content-Type: application/javascript
Content-Length: 22
Last-Modified: Tue, 15 Jun 2021 09:16:34 GMT
Connection: keep-alive
ETag: "60c86ff2-16"
Expires: Wed, 25 Jan 2023 15:29:49 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
12741.url.tudown.com/template/company/955yx/js/gb.js
154.218.151.71200 OK 7.7 kB URL HTTP/1.1 12741.url.tudown.com/template/company/955yx/js/gb.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 2a105ecd23c8abe20d0f84a4d10903a7
f3a1339005455be7df05412b2bde5d33ed096da0
9e8e3180840152689c4d7732c3660da6c766645aad88f695c041720ff5ec0a67
Analyzer Verdict Alert fortinet Malware
GET /template/company/955yx/js/gb.js HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 03:29:50 GMT
Content-Type: application/javascript
Last-Modified: Tue, 15 Jun 2021 09:16:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c86fef-7685"
Expires: Wed, 25 Jan 2023 15:29:50 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12741.url.tudown.com/template/company/955yx/css/gb.css
154.218.151.71200 OK 47 kB URL HTTP/1.1 12741.url.tudown.com/template/company/955yx/css/gb.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with very long lines (393), with CRLF line terminators
Hash 50dd1318432db01d440645564e53edc9
ee0cb6adb44f515312f771197c6c08b951cb7689
2b908ce7540ed6b03b07bdec7eb7eb504b76e78b3304474f40af3b8f3afb2135
GET /template/company/955yx/css/gb.css HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 03:29:49 GMT
Content-Type: text/css
Last-Modified: Tue, 15 Jun 2021 09:16:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c86fef-30c0d"
Expires: Wed, 25 Jan 2023 15:29:49 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8003
Expires: Wed, 25 Jan 2023 05:43:13 GMT
Date: Wed, 25 Jan 2023 03:29:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8003
Expires: Wed, 25 Jan 2023 05:43:13 GMT
Date: Wed, 25 Jan 2023 03:29:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8003
Expires: Wed, 25 Jan 2023 05:43:13 GMT
Date: Wed, 25 Jan 2023 03:29:50 GMT
Connection: keep-alive
jspassport.ssl.qhimg.com/11.0.1.js?d182b3f28525f2db83acfaaf6e696dba
54.230.111.87200 OK 12 kB URL HTTP/2 jspassport.ssl.qhimg.com/11.0.1.js?d182b3f28525f2db83acfaaf6e696dba
IP 54.230.111.87:0
Hash 4c4c99a72ca23d2a78474ee733c7aa6c
a5f5135bc8939909e12296d16bed42adaa3c6d5c
36cd1c04c0f30dee3d1985024d1ed16a4eea9408c59ab454b430507aa31800e3
GET /11.0.1.js?d182b3f28525f2db83acfaaf6e696dba HTTP/1.1
Host: jspassport.ssl.qhimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12741.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
last-modified: Wed, 28 Nov 2018 07:43:20 GMT
kcs-via: HIT from w-fc01.lato;REVALIDATED from w-sc01.lato
date: Wed, 25 Jan 2023 03:27:18 GMT
cache-control: max-age=600
expires: Wed, 25 Jan 2023 03:36:31 GMT
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0WMtzFL4cdnWk5qO-bicjVul3XKz8rVBNZC59FhT-Pe7y9tRSzHoTg==
age: 199
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a487590-ad87-4af1-8dd1-f65f36af5bc9.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a487590-ad87-4af1-8dd1-f65f36af5bc9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a65fb960c9da18a5b0b0301ebf46afbe
87ec376bfb94f098e3c116b39661bc204479300c
7811aac796f07106cdc371444964407b4b7941fe9422e239867869f5f1bf9097
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a487590-ad87-4af1-8dd1-f65f36af5bc9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9482
x-amzn-requestid: 48da7b6a-f216-40cf-a9ab-9ad6b4c1b435
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLP5IGemIAMFz_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cdf9d3-0038762d211cac0527675cb8;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 03:06:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TnRVkty9FyscHnII8MRKb5T1gOX4EYyM98wceRTq1VKTp5nfKfnI8g==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 05:10:02 GMT
age: 80388
etag: "87ec376bfb94f098e3c116b39661bc204479300c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7da858f1-3099-4d35-9bf6-fae2a155404c.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7da858f1-3099-4d35-9bf6-fae2a155404c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 05ff19472d4870833d7c6b495099a86c
6ad7424d14301c62a93ea71843238d2ff0699a02
1f2c62b3be1147d1ed12d1e28caa86c97684d5c5da87ebe3a709ce01cd878abb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7da858f1-3099-4d35-9bf6-fae2a155404c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8676
x-amzn-requestid: 15ae46cb-c80e-4b94-a8d3-8e2a83be64c8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLQdAG2BoAMFbOg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cdfab9-236ebb6b3fab6b25266203ba;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 03:10:49 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Xkpv0iMm4JNzdmNMQerJZXWXjWJ6YFYJ6WbaREC0S-0GX3WHv71mFw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 03:33:54 GMT
age: 86156
etag: "6ad7424d14301c62a93ea71843238d2ff0699a02"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59be5df3-0d3c-4611-9b91-9ce5041a7a57.jpeg
34.120.237.76200 OK 3.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59be5df3-0d3c-4611-9b91-9ce5041a7a57.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dbbcba4403c1ea4e45ff47894d66e984
8555e8d6a38b78829a7dd2f10eb99bdbb254d89a
c9acd732889f9a58b085ceee3ceb8040fedb1e85ddb9f5b933960472c2f8d147
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59be5df3-0d3c-4611-9b91-9ce5041a7a57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3109
x-amzn-requestid: 89df621b-47d8-4127-8e4f-8e57f3244419
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fKV9hFNKIAMFtlg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cd9d23-0b4c0b5d2bf8c22b2ada0e9c;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 20:31:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: B62xY4rlFNdJGd5ethwkCIwQTsegDVJy6s7OptIr1g_E8GvwttW2sQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 09:51:04 GMT
age: 63526
etag: "8555e8d6a38b78829a7dd2f10eb99bdbb254d89a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07f8fda5-486e-4c4b-82f2-d763219f4562.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07f8fda5-486e-4c4b-82f2-d763219f4562.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6fa8338e574e2b8272ad3ca7cd9d1d63
298cafecdcac99de25fe5c2c4c993487f73ced6b
f75c20ebc4c0db2df40d958337cd87768714bdf53a48609ad0f97b7129b0b100
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07f8fda5-486e-4c4b-82f2-d763219f4562.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6715
x-amzn-requestid: c808c9d9-bbbb-43ff-ab15-33074a760093
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e4BO5En_oAMFTzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c648c5-67151eb46f5a10b0732fbd09;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 07:05:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0pvebF903zoRPgzBK2gxMlcYQTurylOzzCfOO07hYCG5aD7wX_fl9g==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 09:51:11 GMT
age: 63519
etag: "298cafecdcac99de25fe5c2c4c993487f73ced6b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b0cb327-c176-43cd-8ce3-7ed2a48e697f.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b0cb327-c176-43cd-8ce3-7ed2a48e697f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 69bdfbe73749ef39d9b9662b547ba853
ee2c14f82ea1e653b993fda0839a32943c5d9f86
21fa51ce61c1dfdc30c28371940f5dfc83127a691e34299ebab70c4bf0d19231
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b0cb327-c176-43cd-8ce3-7ed2a48e697f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8806
x-amzn-requestid: 5c8a6463-049f-46c6-8595-3230efee793c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e-nQkHAPIAMFf3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8ec03-332914233e5138ce025afa75;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 07:06:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: uw4NZEIk19HZdoUWc1pSpw36gfopSWCC98z11IWLMiXuffloJH-LNg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 13:56:29 GMT
age: 48801
etag: "ee2c14f82ea1e653b993fda0839a32943c5d9f86"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
12741.url.tudown.com/uploads/images/723296.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12741.url.tudown.com/uploads/images/723296.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/723296.jpg HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:29:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=386537375,2577027450&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=312
12741.url.tudown.com/uploads/images/118838.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12741.url.tudown.com/uploads/images/118838.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/118838.jpg HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:29:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2040697761,1407691448&fm=253&fmt=auto&app=138&f=JPEG?w=667&h=500
12741.url.tudown.com/uploads/images/501389.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12741.url.tudown.com/uploads/images/501389.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/501389.jpg HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:29:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3587721667,3025861923&fm=253&fmt=auto&app=138&f=JPEG?w=86&h=119
12741.url.tudown.com/uploads/images/902800.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12741.url.tudown.com/uploads/images/902800.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/902800.jpg HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:29:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=3443770746,879747305&fm=253&app=120&f=JPEG?w=720&h=1280
12741.url.tudown.com/uploads/images/316296.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12741.url.tudown.com/uploads/images/316296.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/316296.jpg HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:29:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2404954209,915275318&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
12741.url.tudown.com/uploads/images/908878.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12741.url.tudown.com/uploads/images/908878.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/908878.jpg HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:29:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3256899549,2450678972&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 43ec508fd796c65b1616c9dcc896b7f1
b0d21e4e4636c1428b4eb17960e7f0a27ca94ab0
8476b98223e285e450bad8a5762450e0a67edc72b2ccb35c63191601139f37c8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8476B98223E285E450BAD8A5762450E0A67EDC72B2CCB35C63191601139F37C8"
Last-Modified: Tue, 24 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17862
Expires: Wed, 25 Jan 2023 08:27:32 GMT
Date: Wed, 25 Jan 2023 03:29:50 GMT
Connection: keep-alive
push.zhanzhang.baidu.com/push.js
182.61.201.93200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 182.61.201.93:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Wed, 25 Jan 2023 03:29:50 GMT
Etag: "4078521116"
Expires: Thu, 25 Jan 2024 03:29:50 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=34C1CAB0283578DC0E8A18454B6BE684:FG=1; max-age=31536000; expires=Thu, 25-Jan-24 03:29:50 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash e118b4aa46bb3e8a96489e01c5b9a753
0ee04028647671e48ad7e2104143d40f29035285
b36318c16c700bbb072f0476b8105cce4174af4c58b54e3c5c9cefb9258e018a
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 03:29:50 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 28 Jan 2023 23:30:15 GMT
ETag: "0ee04028647671e48ad7e2104143d40f29035285"
Last-Modified: Tue, 24 Jan 2023 23:30:16 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2474
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78eded44f995b51d-OSL
12741.url.tudown.com/template/company/955yx/images/home.png
154.218.151.71200 OK 1.3 kB URL HTTP/1.1 12741.url.tudown.com/template/company/955yx/images/home.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 22 x 22, 8-bit/color RGBA, non-interlaced\012- data
Hash 302b4d0465daebb6a02b59b721d92a41
20d18d0cb9f052ec48b775ec2de2e8ce1a233c1e
a7fa550286b2b0974ab70bbadbe26cfa5b6770da8a71445b3b3f87abd896d3f2
GET /template/company/955yx/images/home.png HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/template/company/955yx/css/gb.css
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 03:29:50 GMT
Content-Type: image/png
Content-Length: 1270
Last-Modified: Tue, 15 Jun 2021 09:16:32 GMT
Connection: keep-alive
ETag: "60c86ff0-4f6"
Accept-Ranges: bytes
12741.url.tudown.com/static/api/http://12741.url.tudown.com/template/company/955yx/js/share.js?v=89860593.js?cdnversion=465170
154.218.151.71404 Not Found 146 B URL HTTP/1.1 12741.url.tudown.com/static/api/http://12741.url.tudown.com/template/company/955yx/js/share.js?v=89860593.js?cdnversion=465170
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert fortinet Malware
GET /static/api/http://12741.url.tudown.com/template/company/955yx/js/share.js?v=89860593.js?cdnversion=465170 HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 25 Jan 2023 03:29:50 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
12741.url.tudown.com/uploads/images/622860.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12741.url.tudown.com/uploads/images/622860.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/622860.jpg HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:29:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=1777911757,1131863397&fm=224&app=112&f=JPEG?w=500&h=500
12741.url.tudown.com/uploads/images/647388.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12741.url.tudown.com/uploads/images/647388.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/647388.jpg HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:29:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=716438161,95876014&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
12741.url.tudown.com/uploads/images/89706.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12741.url.tudown.com/uploads/images/89706.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/89706.jpg HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:29:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2472347964,2075267330&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
ocsp.crlocsp.cn/
101.198.193.5200 OK 472 B IP 101.198.193.5:0
ASN #55992 Beijing Qihu Technology Company Limited
Hash 7292826a2d7127ac31efaf0ee2612171
7ff3dd60e8f41b916aa9184c88da450a165efd3d
e2ee754a34ef9d7a5779a0682da51ac940acc72f48053e588cc3f7d9479d92d8
POST / HTTP/1.1
Host: ocsp.crlocsp.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.9.14
Date: Wed, 25 Jan 2023 03:29:20 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Content-Transfer-Encoding: Binary
Last-modified: Tue, 24 Jan 2023 19:32:12 GMT
Expires: Tue, 31 Jan 2023 19:32:11 GMT
ETag: "7FF3DD60E8F41B916AA9184C88DA450A165EFD3D"
cache-control: max-age=172800,public,no-transform,must-revalidate
12741.url.tudown.com/template/company/955yx/images/bgs.png
154.218.151.71200 OK 101 kB URL HTTP/1.1 12741.url.tudown.com/template/company/955yx/images/bgs.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 500 x 900, 8-bit/color RGBA, non-interlaced\012- data
Size 101 kB (101362 bytes)
Hash 1621ecee9c5f80ff96ab42e1ee259f58
5867acc872a638e86b981dbd81632c219a8093ec
f7809c07dbf542cc134fa715f678d4fba323bffdc649c9fb85a866b55b0c47f9
GET /template/company/955yx/images/bgs.png HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/template/company/955yx/css/gb.css
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 03:29:50 GMT
Content-Type: image/png
Content-Length: 101362
Last-Modified: Tue, 15 Jun 2021 09:16:31 GMT
Connection: keep-alive
ETag: "60c86fef-18bf2"
Accept-Ranges: bytes
12741.url.tudown.com/uploads/images/276657.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12741.url.tudown.com/uploads/images/276657.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/276657.jpg HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:29:51 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=3352498639,1563742605&fm=224&app=112&f=JPEG?w=500&h=500&s=AF40E112574776E622B59AC7030030A1
12741.url.tudown.com/uploads/images/228797.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12741.url.tudown.com/uploads/images/228797.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/228797.jpg HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:29:51 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=2638539922,2882656900&fm=224&app=112&f=JPEG?w=500&h=500
12741.url.tudown.com/uploads/images/785018.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12741.url.tudown.com/uploads/images/785018.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/785018.jpg HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:29:51 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=801600846,3794814401&fm=253&fmt=auto&app=138&f=JPEG?w=270&h=185
api.share.baidu.com/s.gif?l=http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
182.61.201.94200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
IP 182.61.201.94:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Wed, 25 Jan 2023 03:29:51 GMT
12741.url.tudown.com/uploads/images/624972.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12741.url.tudown.com/uploads/images/624972.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/624972.jpg HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:29:51 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1754256136,1046376279&fm=253&fmt=auto&app=138&f=JPEG?w=224&h=224
12741.url.tudown.com/uploads/images/482582.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12741.url.tudown.com/uploads/images/482582.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/482582.jpg HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:29:51 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2971222348,3774757937&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
12741.url.tudown.com/template/company/955yx/images/litterstar.png
154.218.151.71200 OK 1.7 kB URL HTTP/1.1 12741.url.tudown.com/template/company/955yx/images/litterstar.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 73 x 143, 8-bit colormap, non-interlaced\012- data
Hash d130270dc6abd41d1d40acbe01e36739
5dec8c0c88e9c3dfb13cbfc7d1d9818baa7ee96c
8b31f0ef117010f8ad5e5c8c73ede7468072e1cb08f994fce90ada97f461b59b
GET /template/company/955yx/images/litterstar.png HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/template/company/955yx/css/gb.css
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 03:29:51 GMT
Content-Type: image/png
Content-Length: 1706
Last-Modified: Tue, 15 Jun 2021 09:16:33 GMT
Connection: keep-alive
ETag: "60c86ff1-6aa"
Accept-Ranges: bytes
12741.url.tudown.com/uploads/images/426716.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12741.url.tudown.com/uploads/images/426716.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/426716.jpg HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:29:51 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=1508137495,276103181&fm=224&app=112&f=JPEG?w=500&h=500
12741.url.tudown.com/uploads/images/101025.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12741.url.tudown.com/uploads/images/101025.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/101025.jpg HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:29:51 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=2990435827,118047766&fm=253&app=120&f=JPEG?w=1280&h=800
s.360.cn/so/zz.gif?url=http%3A%2F%2F12741.url.tudown.com%2Fdown%2Fanybizsoftpdfconverter%40418_34821.exe&sid=d182b3f28525f2db83acfaaf6e696dba&token=de1x8e2.b132f824835_2851f42@drbe
180.163.251.231200 OK 0 B URL HTTP/1.1 s.360.cn/so/zz.gif?url=http%3A%2F%2F12741.url.tudown.com%2Fdown%2Fanybizsoftpdfconverter%40418_34821.exe&sid=d182b3f28525f2db83acfaaf6e696dba&token=de1x8e2.b132f824835_2851f42@drbe
IP 180.163.251.231:0
ASN #4812 China Telecom Group
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /so/zz.gif?url=http%3A%2F%2F12741.url.tudown.com%2Fdown%2Fanybizsoftpdfconverter%40418_34821.exe&sid=d182b3f28525f2db83acfaaf6e696dba&token=de1x8e2.b132f824835_2851f42@drbe HTTP/1.1
Host: s.360.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/
HTTP/1.1 200 OK
Server: openresty/1.15.8.2
Date: Wed, 25 Jan 2023 03:29:51 GMT
Content-Type: image/gif
Content-Length: 0
Last-Modified: Thu, 01 Aug 2019 13:00:35 GMT
Connection: keep-alive
ETag: "5d42e273-0"
Accept-Ranges: bytes
12741.url.tudown.com/uploads/images/93837.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12741.url.tudown.com/uploads/images/93837.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/93837.jpg HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:29:51 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=775305491,2886062248&fm=253&fmt=auto?w=120&h=80
img1.baidu.com/it/u=3587721667,3025861923&fm=253&fmt=auto&app=138&f=JPEG?w=86&h=119
113.219.142.35200 OK 3.3 kB URL HTTP/2 img1.baidu.com/it/u=3587721667,3025861923&fm=253&fmt=auto&app=138&f=JPEG?w=86&h=119
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 86x119, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ecf1e4373ab3492c4ce094bb62caebc0
0f8d346fd2f4a2ce81200a75610d19612231e50d
5e71da7cb612593f75419e8e5c0cc57e43c1d5597cecd68d0bbfe70c5263827e
GET /it/u=3587721667,3025861923&fm=253&fmt=auto&app=138&f=JPEG?w=86&h=119 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12741.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 03:29:51 GMT
content-type: image/webp
content-length: 3302
expires: Sat, 04 Feb 2023 03:33:04 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: ecf1e4373ab3492c4ce094bb62caebc0
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 05 Jan 2023 03:33:04 GMT
ohc-cache-hit: chenzct56 [1], xiangyix56 [4]
ohc-file-size: 3302
x-cache-status: MISS
X-Firefox-Spdy: h2
12741.url.tudown.com/uploads/images/672390.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12741.url.tudown.com/uploads/images/672390.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/672390.jpg HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:29:51 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=6973618,1282882433&fm=253&fmt=auto&app=138&f=JPEG?w=448&h=252
img2.baidu.com/it/u=1754256136,1046376279&fm=253&fmt=auto&app=138&f=JPEG?w=224&h=224
113.219.142.35200 OK 4.5 kB URL HTTP/2 img2.baidu.com/it/u=1754256136,1046376279&fm=253&fmt=auto&app=138&f=JPEG?w=224&h=224
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 224x224, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ffee779a64d7b60bba4f12a3cb782100
cc88bd3ff961f59d61d2f89211ab64f9c455e250
910263421737a3a34505f7c22f0c3a939975ee3f4c7dffca10a572578d9cb117
GET /it/u=1754256136,1046376279&fm=253&fmt=auto&app=138&f=JPEG?w=224&h=224 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12741.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 03:29:51 GMT
content-type: image/webp
content-length: 4502
expires: Tue, 21 Feb 2023 02:20:11 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: ffee779a64d7b60bba4f12a3cb782100
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 02:20:11 GMT
ohc-cache-hit: chenzct71 [1], suzix71 [4]
ohc-file-size: 4502
x-cache-status: MISS
X-Firefox-Spdy: h2
12741.url.tudown.com/uploads/images/470891.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12741.url.tudown.com/uploads/images/470891.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/470891.jpg HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:29:51 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=1942069330,4217000948&fm=224&app=112&f=JPEG?w=500&h=500
12741.url.tudown.com/uploads/images/76750.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12741.url.tudown.com/uploads/images/76750.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/76750.jpg HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:29:51 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=418163684,3314663811&fm=224&app=112&f=JPEG?w=500&h=500
t15.baidu.com/it/u=3352498639,1563742605&fm=224&app=112&f=JPEG?w=500&h=500&s=AF40E112574776E622B59AC7030030A1
185.10.104.124200 OK 33 kB URL HTTP/1.1 t15.baidu.com/it/u=3352498639,1563742605&fm=224&app=112&f=JPEG?w=500&h=500&s=AF40E112574776E622B59AC7030030A1
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash cadae9e9a0c3f9fee5e0c2399f5ef1e6
1a1f60980ed243f7d59dd984c13cb6a1a618f1dd
fa13d8672488cb679a12e8f7b83f1b34b08509bd1770c100cd4457b173bc0301
GET /it/u=3352498639,1563742605&fm=224&app=112&f=JPEG?w=500&h=500&s=AF40E112574776E622B59AC7030030A1 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12741.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 03:29:51 GMT
Content-Type: image/jpeg
Content-Length: 33106
Connection: keep-alive
Expires: Sat, 04 Feb 2023 08:26:52 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: cadae9e9a0c3f9fee5e0c2399f5ef1e6
Age: 1146342
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 05 Jan 2023 08:26:50 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [2], zhuzuncache53 [2], qdix241 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 33106
X-Cache-Status: HIT
Timing-Allow-Origin: *
12741.url.tudown.com/index.php?m=content&c=index&a=get_searchkey&pc_hash=WrCDxe&_=1674617389306
154.218.151.71200 OK 8.6 kB URL HTTP/1.1 12741.url.tudown.com/index.php?m=content&c=index&a=get_searchkey&pc_hash=WrCDxe&_=1674617389306
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (371), with CRLF, LF line terminators
Hash 850bd49f4cfc5eca1fbd096cde2cc049
91357a24e503e1ab47034163064e4138e5213371
613e2740b22e4a36a33d6b2baf51863095070b500611cb826485408b96d3ca35
GET /index.php?m=content&c=index&a=get_searchkey&pc_hash=WrCDxe&_=1674617389306 HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 03:29:51 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
t15.baidu.com/it/u=2638539922,2882656900&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 49 kB URL HTTP/1.1 t15.baidu.com/it/u=2638539922,2882656900&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 35852f52ffde9704b6808b69fca70808
9d0b34934c9e904d49be3b0aaa63162b29df5a0d
0dc534775f0fadec05d7669dd54bb65c79a3a5c0f18f5a2bb14221177d4994cf
GET /it/u=2638539922,2882656900&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12741.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 03:29:51 GMT
Content-Type: image/jpeg
Content-Length: 49151
Connection: keep-alive
Expires: Mon, 20 Feb 2023 03:45:02 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 35852f52ffde9704b6808b69fca70808
Age: 174591
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 21 Jan 2023 03:45:02 GMT
Ohc-Cache-HIT: fra01-sys-jomo4.fra01.baidu.com [4], zhuzuncache57 [1], xaix243 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 49151
X-Cache-Status: HIT
Timing-Allow-Origin: *
t15.baidu.com/it/u=1777911757,1131863397&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 45 kB URL HTTP/1.1 t15.baidu.com/it/u=1777911757,1131863397&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 30418460ca4ded09b0b83643d8e9796b
31a78123590bd605fb8a59fa81693d982c8d045d
449e742c03c589815794deca3ee8ca8503fc2e0210dd6bb13a6a15ef4a855fb9
GET /it/u=1777911757,1131863397&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12741.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 03:29:51 GMT
Content-Type: image/jpeg
Content-Length: 44954
Connection: keep-alive
Expires: Tue, 21 Feb 2023 13:44:42 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 30418460ca4ded09b0b83643d8e9796b
Age: 172620
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 22 Jan 2023 13:44:42 GMT
Ohc-Cache-HIT: fra01-sys-jomo7.fra01.baidu.com [4], zhuzuncache53 [1], xiangyix221 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 44954
X-Cache-Status: HIT
Timing-Allow-Origin: *
t15.baidu.com/it/u=1508137495,276103181&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 40 kB URL HTTP/1.1 t15.baidu.com/it/u=1508137495,276103181&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash f5ae181dda2c0292f1605600cb31e380
623a247e7f782d19dc086b7119657d2cc9b6736e
9ca5906fcff81e57ddaa07220dd4751a97433abc94ba1139ff5e0b2d81ffdba5
GET /it/u=1508137495,276103181&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12741.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 03:29:51 GMT
Content-Type: image/jpeg
Content-Length: 40304
Connection: keep-alive
Expires: Mon, 06 Feb 2023 14:04:36 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: f5ae181dda2c0292f1605600cb31e380
Age: 1144984
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 07 Jan 2023 14:04:36 GMT
Ohc-Cache-HIT: fra01-sys-jomo2.fra01.baidu.com [4], zhuzuncache51 [1], csix83 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 40304
X-Cache-Status: HIT
Timing-Allow-Origin: *
t15.baidu.com/it/u=1942069330,4217000948&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 36 kB URL HTTP/1.1 t15.baidu.com/it/u=1942069330,4217000948&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 44080981f7ebb095e44ade69eecbc136
2372b2fb9cc6325f0cbbefac1f74e309a38d3d06
266d3f79854a4cd4198a69a805381652527596ec2b220b4695b72d356f27ccb2
GET /it/u=1942069330,4217000948&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12741.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 03:29:51 GMT
Content-Type: image/jpeg
Content-Length: 35951
Connection: keep-alive
Expires: Sun, 05 Feb 2023 23:59:39 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 44080981f7ebb095e44ade69eecbc136
Age: 1144568
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 06 Jan 2023 23:59:39 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [4], zhuzuncache53 [4], csix66 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 35951
X-Cache-Status: HIT
Timing-Allow-Origin: *
t14.baidu.com/it/u=418163684,3314663811&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 45 kB URL HTTP/1.1 t14.baidu.com/it/u=418163684,3314663811&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 46de1597e87b38265683e0247ca65691
f5a10659b5731e49489f22ccb74b4ef9e73c723b
7386b76d4f1dea09a0faf44ef4942710dbb3ec8fda629d1fdb62af25e0d88c54
GET /it/u=418163684,3314663811&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12741.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 03:29:51 GMT
Content-Type: image/jpeg
Content-Length: 44756
Connection: keep-alive
Expires: Mon, 20 Feb 2023 16:20:48 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 46de1597e87b38265683e0247ca65691
Age: 110606
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 21 Jan 2023 16:20:48 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [2], zhuzuncache57 [4], xiangyix57 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 44756
X-Cache-Status: HIT
Timing-Allow-Origin: *
img1.baidu.com/it/u=3443770746,879747305&fm=253&app=120&f=JPEG?w=720&h=1280
113.219.142.35200 OK 79 kB URL HTTP/1.1 img1.baidu.com/it/u=3443770746,879747305&fm=253&app=120&f=JPEG?w=720&h=1280
IP 113.219.142.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 720x1280, components 3\012- data
Hash 690fe70c9ea50f1c544f08a113232bcd
5aa4abab1a6609f1ebc61d581e534114c542a702
f41f68f9770bbd6c7891bda5256ba3894947e1a50c32769291b4c67358962c9c
GET /it/u=3443770746,879747305&fm=253&app=120&f=JPEG?w=720&h=1280 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12741.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 03:29:51 GMT
Content-Type: image/jpeg
Content-Length: 78916
Connection: keep-alive
Expires: Wed, 22 Feb 2023 09:06:30 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 690fe70c9ea50f1c544f08a113232bcd
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 23 Jan 2023 09:06:30 GMT
Ohc-Cache-HIT: chenzct71 [1], xaix132 [4]
Ohc-File-Size: 78916
X-Cache-Status: MISS
12741.url.tudown.com/uploads/images/656383.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12741.url.tudown.com/uploads/images/656383.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/656383.jpg HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:29:51 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2259753462,3641194808&fm=253&fmt=auto?w=1280&h=800
hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (633)
Hash 8754034f81af65c554900db32cfd50f4
72ff8c28bfe8d7e72ed88a3f7ae3cd10de727cec
ec2ff702507adaf56543b52f1cb0b3a34e0af9ced229a07d6d656bcfa2b4bfe7
GET /hm.js?dd9836db2e433f487a0aa434b7b3deb7 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12741.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11271
Content-Type: application/javascript
Date: Wed, 25 Jan 2023 03:29:51 GMT
Etag: 02ef3cbeca4f7e620024d4bb20d760b7
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=1FF7EE865AEF8B81; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
img1.baidu.com/it/u=2040697761,1407691448&fm=253&fmt=auto&app=138&f=JPEG?w=667&h=500
113.219.142.35200 OK 33 kB URL HTTP/2 img1.baidu.com/it/u=2040697761,1407691448&fm=253&fmt=auto&app=138&f=JPEG?w=667&h=500
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 667x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 68392ebaaac948b89a13eb8147d0565d
a3fca95b32d9b451565638d659a1835120f2347a
0be41c13ddc07153885ab92891766a07d83f4b1b3e28d739f2ea61cb997691fe
GET /it/u=2040697761,1407691448&fm=253&fmt=auto&app=138&f=JPEG?w=667&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12741.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 03:29:51 GMT
content-type: image/webp
content-length: 32808
expires: Wed, 22 Feb 2023 02:31:06 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 68392ebaaac948b89a13eb8147d0565d
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 02:31:06 GMT
ohc-cache-hit: chenzct57 [1], xaix57 [4]
ohc-file-size: 32808
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=386537375,2577027450&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=312
113.219.142.35200 OK 32 kB URL HTTP/2 img1.baidu.com/it/u=386537375,2577027450&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=312
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x312, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0e00b2adac9eb259ca6155a51bc18dd0
d1b7c00f7452c0e84abefb0f7a55f0c227d8555c
b28d6475a1d9fd3fcbc4fc46f1e170324ed6bb11a22bbb3b4e33a4445b3abde9
GET /it/u=386537375,2577027450&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=312 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12741.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 03:29:51 GMT
content-type: image/webp
content-length: 31864
expires: Fri, 17 Feb 2023 07:06:31 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 0e00b2adac9eb259ca6155a51bc18dd0
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 18 Jan 2023 07:06:31 GMT
ohc-cache-hit: chenzct75 [1], czix151 [2]
ohc-file-size: 31864
x-cache-status: MISS
X-Firefox-Spdy: h2
12741.url.tudown.com/uploads/images/594646.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12741.url.tudown.com/uploads/images/594646.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/594646.jpg HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:29:51 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=2762903417,203884732&fm=224&app=112&f=JPEG?w=500&h=500
img2.baidu.com/it/u=3256899549,2450678972&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
113.219.142.35200 OK 47 kB URL HTTP/2 img2.baidu.com/it/u=3256899549,2450678972&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x889, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c1a5b7177aee2bee3d63951798bf1080
f24a6dac0260846704dc9710754c852f51afc280
59ccd2d98257523c7eac848c910a6c0da6330242e05240b46edd333f0e221491
GET /it/u=3256899549,2450678972&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12741.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 03:29:51 GMT
content-type: image/webp
content-length: 46578
expires: Tue, 21 Feb 2023 05:33:57 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: c1a5b7177aee2bee3d63951798bf1080
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 05:33:57 GMT
ohc-cache-hit: chenzct73 [1], qdix196 [4]
ohc-file-size: 46578
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=2971222348,3774757937&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
113.219.142.35200 OK 3.9 kB URL HTTP/2 img2.baidu.com/it/u=2971222348,3774757937&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash def18d44d97940acca2d09fea5a008ec
828f8814e55783d18afa9f9616929ffdd93890ff
8c9dbe0a51f098757b3cbea767ee95c4a967f142b3aa2e90606ed6c927f05301
GET /it/u=2971222348,3774757937&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12741.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 03:29:51 GMT
content-type: image/webp
content-length: 3862
expires: Wed, 08 Feb 2023 09:00:52 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: def18d44d97940acca2d09fea5a008ec
age: 4879
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 09 Jan 2023 09:00:52 GMT
ohc-cache-hit: chenzct63 [4], csix115 [4]
ohc-file-size: 3862
x-cache-status: HIT
X-Firefox-Spdy: h2
12741.url.tudown.com/uploads/images/850744.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12741.url.tudown.com/uploads/images/850744.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/850744.jpg HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:29:51 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2123641741,3702092927&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
t13.baidu.com/it/u=2762903417,203884732&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 40 kB URL HTTP/1.1 t13.baidu.com/it/u=2762903417,203884732&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash a7b0a5f37f3b23acaccbe844e509ccaf
3523e75840c17a55d53e08f1599a1cf73ce7a596
79b7630524161a8fc2ac68f09a3166ecb38c373b05b4c1b100b1c7fe2ca9d06a
GET /it/u=2762903417,203884732&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12741.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 03:29:52 GMT
Content-Type: image/jpeg
Content-Length: 39694
Connection: keep-alive
Expires: Fri, 27 Jan 2023 02:59:50 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: a7b0a5f37f3b23acaccbe844e509ccaf
Age: 1146357
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 28 Dec 2022 02:59:49 GMT
Ohc-Cache-HIT: fra01-sys-jomo7.fra01.baidu.com [4], zhuzuncache58 [1], czix163 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 39694
X-Cache-Status: HIT
Timing-Allow-Origin: *
12741.url.tudown.com/uploads/images/491092.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12741.url.tudown.com/uploads/images/491092.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/491092.jpg HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:29:52 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=4082067138,2474433319&fm=253&app=120&f=JPEG?w=432&h=432
12741.url.tudown.com/uploads/images/752244.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12741.url.tudown.com/uploads/images/752244.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/752244.jpg HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:29:52 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=590195865,3500622902&fm=253&app=120&f=JPEG?w=750&h=1334
img1.baidu.com/it/u=716438161,95876014&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
113.219.142.35200 OK 27 kB URL HTTP/2 img1.baidu.com/it/u=716438161,95876014&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f414daa8d66ec48999285313cfd1ab96
9f7e4e71f011155648651515103b831e051e7f37
ccad2c52374e85f987dad3f370ce1c84a4c8ddb2095a0127ad413d5c16a41058
GET /it/u=716438161,95876014&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12741.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 03:29:51 GMT
content-type: image/webp
content-length: 26970
expires: Wed, 08 Feb 2023 01:52:00 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: f414daa8d66ec48999285313cfd1ab96
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 09 Jan 2023 01:52:00 GMT
ohc-cache-hit: chenzct70 [1], xaix104 [4]
ohc-file-size: 26970
x-cache-status: MISS
X-Firefox-Spdy: h2
12741.url.tudown.com/uploads/images/310205.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12741.url.tudown.com/uploads/images/310205.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/310205.jpg HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:29:52 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=741595287,158271964&fm=224&app=112&f=JPEG?w=500&h=500
img1.baidu.com/it/u=2990435827,118047766&fm=253&app=120&f=JPEG?w=1280&h=800
113.219.142.35200 OK 84 kB URL HTTP/1.1 img1.baidu.com/it/u=2990435827,118047766&fm=253&app=120&f=JPEG?w=1280&h=800
IP 113.219.142.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Hash 79b0691ce3445b2cc946303e99ed6cd9
5763cf057ce8aae22b78492a0256c2ea63ffacd7
9f07ca69eacfcd25894a3291dc2c04da3dbbc8e8667ff0c1df5ec59ca726cce2
GET /it/u=2990435827,118047766&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12741.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 03:29:51 GMT
Content-Type: image/jpeg
Content-Length: 84398
Connection: keep-alive
Expires: Fri, 10 Feb 2023 21:16:08 GMT
Last-Modified: Thu, 15 Jan 1970 00:00:00 GMT
ETag: 79b0691ce3445b2cc946303e99ed6cd9
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 11 Jan 2023 21:16:08 GMT
Ohc-Cache-HIT: chenzct56 [1], qdix148 [4]
Ohc-File-Size: 84398
X-Cache-Status: MISS
t13.baidu.com/it/u=741595287,158271964&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 53 kB URL HTTP/1.1 t13.baidu.com/it/u=741595287,158271964&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 2bb838cd0894c394d754665084cb985d
50132e2ed80f891e6487afdba28d924ede79e825
9937c6d4098def521eb1a12d596554feec9d9641b9e1ec73a0aab5863432912a
GET /it/u=741595287,158271964&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12741.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 03:29:52 GMT
Content-Type: image/jpeg
Content-Length: 53266
Connection: keep-alive
Expires: Sun, 29 Jan 2023 11:01:49 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 2bb838cd0894c394d754665084cb985d
Age: 2219283
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 30 Dec 2022 11:01:49 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [4], zhuzuncache57 [1], xiangyix103 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 53266
X-Cache-Status: HIT
Timing-Allow-Origin: *
img1.baidu.com/it/u=801600846,3794814401&fm=253&fmt=auto&app=138&f=JPEG?w=270&h=185
113.219.142.35200 OK 11 kB URL HTTP/2 img1.baidu.com/it/u=801600846,3794814401&fm=253&fmt=auto&app=138&f=JPEG?w=270&h=185
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 270x185, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ecc59f1038f1b5f1dc95b89542e58b58
7db0950aac26583a9be9594221ef547bf0cbba92
e459c2aa93bf62328eabc89447e7644c186701489d0aa155a3cea792273fc133
GET /it/u=801600846,3794814401&fm=253&fmt=auto&app=138&f=JPEG?w=270&h=185 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12741.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 03:29:51 GMT
content-type: image/webp
content-length: 11190
expires: Tue, 21 Feb 2023 00:16:32 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: ecc59f1038f1b5f1dc95b89542e58b58
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 00:16:32 GMT
ohc-cache-hit: chenzct65 [1], qdix89 [2]
ohc-file-size: 11190
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=775305491,2886062248&fm=253&fmt=auto?w=120&h=80
113.219.142.35200 OK 3.6 kB URL HTTP/1.1 img0.baidu.com/it/u=775305491,2886062248&fm=253&fmt=auto?w=120&h=80
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 120x80, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5bedb19d5c1b1467aead221f3d36f82f
edcc00154c5875e1729dd50812f6f91aecca488f
d5eeab4ccd3a59db381763e9fc8ad1edb706ebbfda331ce7be85dfc279fb88a0
GET /it/u=775305491,2886062248&fm=253&fmt=auto?w=120&h=80 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12741.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 03:29:52 GMT
Content-Type: image/webp
Content-Length: 3564
Connection: keep-alive
Expires: Fri, 24 Feb 2023 03:03:33 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 5bedb19d5c1b1467aead221f3d36f82f
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 25 Jan 2023 03:03:33 GMT
Ohc-Cache-HIT: chenzct65 [1], xaix249 [4]
Ohc-File-Size: 3564
X-Cache-Status: MISS
img1.baidu.com/it/u=6973618,1282882433&fm=253&fmt=auto&app=138&f=JPEG?w=448&h=252
113.219.142.35200 OK 9.0 kB URL HTTP/2 img1.baidu.com/it/u=6973618,1282882433&fm=253&fmt=auto&app=138&f=JPEG?w=448&h=252
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 448x252, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 98622efc5caafe14c10066f22979c836
d8b43a474c6bdec60360274578b9bf1f7a082d1b
9604f7f8194f5f0abeac08fa2fd89686990e5dab1db0560c13fbb362c3e1e465
GET /it/u=6973618,1282882433&fm=253&fmt=auto&app=138&f=JPEG?w=448&h=252 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12741.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 03:29:51 GMT
content-type: image/webp
content-length: 9006
expires: Mon, 06 Feb 2023 14:04:35 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 98622efc5caafe14c10066f22979c836
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 07 Jan 2023 14:04:35 GMT
ohc-cache-hit: chenzct53 [1], xaix221 [4]
ohc-file-size: 9006
x-cache-status: MISS
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0<=1674617390&rnd=590224375&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=2&sn=1535&r=0&ww=1280&u=http%3A%2F%2F12741.url.tudown.com%2Fdown%2Fanybizsoftpdfconverter%40418_34821.exe&tt=ebet%E7%9C%9F%E4%BA%BA%E7%94%B5%E7%AB%9E%E6%B8%B8%E6%88%8F(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-ios%2F%E5%AE%89%E5%8D%93%2F%E6%89%8B%E6%9C%BA%E7%89%88app%E4%B8%8B%E8%BD%BDV4816.72875
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0<=1674617390&rnd=590224375&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=2&sn=1535&r=0&ww=1280&u=http%3A%2F%2F12741.url.tudown.com%2Fdown%2Fanybizsoftpdfconverter%40418_34821.exe&tt=ebet%E7%9C%9F%E4%BA%BA%E7%94%B5%E7%AB%9E%E6%B8%B8%E6%88%8F(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-ios%2F%E5%AE%89%E5%8D%93%2F%E6%89%8B%E6%9C%BA%E7%89%88app%E4%B8%8B%E8%BD%BDV4816.72875
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0<=1674617390&rnd=590224375&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=2&sn=1535&r=0&ww=1280&u=http%3A%2F%2F12741.url.tudown.com%2Fdown%2Fanybizsoftpdfconverter%40418_34821.exe&tt=ebet%E7%9C%9F%E4%BA%BA%E7%94%B5%E7%AB%9E%E6%B8%B8%E6%88%8F(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-ios%2F%E5%AE%89%E5%8D%93%2F%E6%89%8B%E6%9C%BA%E7%89%88app%E4%B8%8B%E8%BD%BDV4816.72875 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12741.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 25 Jan 2023 03:29:52 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=702304234793C475; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
img0.baidu.com/it/u=2404954209,915275318&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
113.219.142.35200 OK 28 kB URL HTTP/2 img0.baidu.com/it/u=2404954209,915275318&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7921a124057457616296306d91040f43
3ae833334df239837ea493a1f78bb3621f330b40
31780d4749b90be1455560ce9cfb0a638dea3925277ebf4536707850dfa57929
GET /it/u=2404954209,915275318&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12741.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 03:29:51 GMT
content-type: image/webp
content-length: 27516
expires: Sun, 29 Jan 2023 18:32:55 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 7921a124057457616296306d91040f43
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 30 Dec 2022 18:32:55 GMT
ohc-cache-hit: chenzct83 [1], suzix236 [2]
ohc-file-size: 27516
x-cache-status: MISS
X-Firefox-Spdy: h2
12741.url.tudown.com/api.php?op=digg&action=show&id=23038
154.218.151.71404 Not Found 146 B URL HTTP/1.1 12741.url.tudown.com/api.php?op=digg&action=show&id=23038
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /api.php?op=digg&action=show&id=23038 HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 25 Jan 2023 03:29:52 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
img2.baidu.com/it/u=2123641741,3702092927&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
113.219.142.35200 OK 27 kB URL HTTP/2 img2.baidu.com/it/u=2123641741,3702092927&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x889, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e3e7f219b058a2675ff0c38b14a5a7b6
1e319ba3ae4304126c30019349ec2b2b83b57992
b446e230a5209e5454c62d5d01957da1eb75c11b2c07c5114e792f9fe73cdf92
GET /it/u=2123641741,3702092927&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12741.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 03:29:52 GMT
content-type: image/webp
content-length: 27256
expires: Tue, 14 Feb 2023 01:46:19 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: e3e7f219b058a2675ff0c38b14a5a7b6
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 15 Jan 2023 01:46:19 GMT
ohc-cache-hit: chenzct87 [1], xiangyix243 [2]
ohc-file-size: 27256
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=2472347964,2075267330&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
113.219.142.35200 OK 19 kB URL HTTP/2 img0.baidu.com/it/u=2472347964,2075267330&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e1ce3cd4b31f8b8b0ff50891ece2f121
dbd8ebb0f19dc0958c0919713ab18edecbfb82e5
839035d3a622ce37356ea5dda7ca6bfdb1637c19ed8bfef08afe415825c6bf82
GET /it/u=2472347964,2075267330&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12741.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 03:29:51 GMT
content-type: image/webp
content-length: 19246
expires: Sun, 19 Feb 2023 17:46:51 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: e1ce3cd4b31f8b8b0ff50891ece2f121
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 20 Jan 2023 17:46:51 GMT
ohc-cache-hit: chenzct64 [1], xaix142 [2]
ohc-file-size: 19246
x-cache-status: MISS
X-Firefox-Spdy: h2
12741.url.tudown.com/uploads/images/611105.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12741.url.tudown.com/uploads/images/611105.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/611105.jpg HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:29:52 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=511502182,17843893&fm=253&fmt=auto&app=138&f=JPEG?w=86&h=121
12741.url.tudown.com/uploads/images/787920.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12741.url.tudown.com/uploads/images/787920.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/787920.jpg HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:29:52 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2579793078,23974777&fm=253&fmt=auto&app=138&f=JPEG?w=231&h=500
12741.url.tudown.com/uploads/images/222907.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12741.url.tudown.com/uploads/images/222907.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/222907.jpg HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:29:52 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3242870378,644031755&fm=253&fmt=auto?w=130&h=170
img1.baidu.com/it/u=2259753462,3641194808&fm=253&fmt=auto?w=1280&h=800
113.219.142.35200 OK 36 kB URL HTTP/2 img1.baidu.com/it/u=2259753462,3641194808&fm=253&fmt=auto?w=1280&h=800
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8c7d0704265db77cd84d93bb862c5120
a4c0edaf1adabf43f13d0e43d39c28f9c4672b5b
09fc8ce98a3308d53fa20fb5afa16cd364fb7bdcf4899a50cad880775a912512
GET /it/u=2259753462,3641194808&fm=253&fmt=auto?w=1280&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12741.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 03:29:52 GMT
content-type: image/webp
content-length: 36000
expires: Fri, 24 Feb 2023 03:10:21 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 8c7d0704265db77cd84d93bb862c5120
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 25 Jan 2023 03:10:21 GMT
ohc-cache-hit: chenzct52 [1], xiangyix52 [4]
ohc-file-size: 36000
x-cache-status: MISS
X-Firefox-Spdy: h2
12741.url.tudown.com/index.php?m=content&c=index&a=get_week_rank&catid=undefined&num=16
154.218.151.71200 OK 8.7 kB URL HTTP/1.1 12741.url.tudown.com/index.php?m=content&c=index&a=get_week_rank&catid=undefined&num=16
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (371), with CRLF, LF line terminators
Hash 8e1148b1329bb78eb910544173377e16
38721ee7c89a5f06f79b60797daff7de91dd9a79
41af1b6ee92850bcca089e3555cd27773fbd14646c8e5273fe59d5078af9edac
GET /index.php?m=content&c=index&a=get_week_rank&catid=undefined&num=16 HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 03:29:52 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
img0.baidu.com/it/u=4082067138,2474433319&fm=253&app=120&f=JPEG?w=432&h=432
113.219.142.35200 OK 18 kB URL HTTP/1.1 img0.baidu.com/it/u=4082067138,2474433319&fm=253&app=120&f=JPEG?w=432&h=432
IP 113.219.142.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 432x432, components 3\012- data
Hash 2a27ea01ce1859d5bba3da6bf24386cf
77051ecf110fc5148bb9a0ef5edf2ba9952a6509
13fc89a6a061e76d829af1b631f5f5efadf41e7276165aea35dcab432e285b1b
GET /it/u=4082067138,2474433319&fm=253&app=120&f=JPEG?w=432&h=432 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12741.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 03:29:52 GMT
Content-Type: image/jpeg
Content-Length: 17917
Connection: keep-alive
Expires: Thu, 23 Feb 2023 20:16:22 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 2a27ea01ce1859d5bba3da6bf24386cf
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 24 Jan 2023 20:16:22 GMT
Ohc-Cache-HIT: chenzct83 [1], suzix215 [4]
Ohc-File-Size: 17917
X-Cache-Status: MISS
12741.url.tudown.com/index.php?m=content&c=index&a=get_week_rank&catid=undefined&num=16
154.218.151.71200 OK 8.7 kB URL HTTP/1.1 12741.url.tudown.com/index.php?m=content&c=index&a=get_week_rank&catid=undefined&num=16
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (371), with CRLF, LF line terminators
Hash 9cbc937f0ac19ee1324c9ed7dc885b82
fa9bebf9d6e23d5384e9d32d70466249047bf4c8
951d923fd8c68f778bbd2a3c1850f8052442d8409a37c2ffbc2df8f7642d50b3
GET /index.php?m=content&c=index&a=get_week_rank&catid=undefined&num=16 HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 03:29:52 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
12741.url.tudown.com/uploads/images/931543.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12741.url.tudown.com/uploads/images/931543.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/931543.jpg HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:29:52 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2526389969,98179592&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
img1.baidu.com/it/u=2579793078,23974777&fm=253&fmt=auto&app=138&f=JPEG?w=231&h=500
113.219.142.35200 OK 12 kB URL HTTP/2 img1.baidu.com/it/u=2579793078,23974777&fm=253&fmt=auto&app=138&f=JPEG?w=231&h=500
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 231x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b87af3227390d55be2cfe69c9603d5af
350de64b3c47661c225f375b4be7d8d8eb018a3f
224184137b3b644fab35ec1efcf581da7ed69b7ff6a344da1f5d5c3bacad7e5d
GET /it/u=2579793078,23974777&fm=253&fmt=auto&app=138&f=JPEG?w=231&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12741.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 03:29:52 GMT
content-type: image/webp
content-length: 11608
expires: Mon, 20 Feb 2023 09:56:28 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: b87af3227390d55be2cfe69c9603d5af
age: 169004
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 09:56:28 GMT
ohc-cache-hit: chenzct69 [4], czix161 [2]
ohc-file-size: 11608
x-cache-status: HIT
X-Firefox-Spdy: h2
img2.baidu.com/it/u=511502182,17843893&fm=253&fmt=auto&app=138&f=JPEG?w=86&h=121
113.219.142.35200 OK 2.8 kB URL HTTP/2 img2.baidu.com/it/u=511502182,17843893&fm=253&fmt=auto&app=138&f=JPEG?w=86&h=121
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 86x121, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0e814b3777b34c831ab987560e49b334
ebc525d6da5fb79f0ad0f7723e8461f7910887d8
40988ed75ffa0230da6aec0c4b7672a943d33a9144e86875fa079eebfe17b9c1
GET /it/u=511502182,17843893&fm=253&fmt=auto&app=138&f=JPEG?w=86&h=121 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12741.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 03:29:52 GMT
content-type: image/webp
content-length: 2774
expires: Wed, 01 Feb 2023 04:54:10 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 0e814b3777b34c831ab987560e49b334
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 02 Jan 2023 04:54:10 GMT
ohc-cache-hit: chenzct85 [1], csix103 [2]
ohc-file-size: 2774
x-cache-status: MISS
X-Firefox-Spdy: h2
12741.url.tudown.com/uploads/images/848999.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12741.url.tudown.com/uploads/images/848999.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/848999.jpg HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:29:52 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=3499774136,2999062280&fm=253&fmt=auto&app=120&f=JPEG?w=889&h=500
12741.url.tudown.com/uploads/images/320961.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12741.url.tudown.com/uploads/images/320961.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/320961.jpg HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:29:52 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=2496879742,877807975&fm=224&app=112&f=JPEG?w=500&h=500
t13.baidu.com/it/u=2496879742,877807975&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 53 kB URL HTTP/1.1 t13.baidu.com/it/u=2496879742,877807975&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 9372627c46f636f739d6491491a7e700
852abebdfea44c3042da2984eeca29c1259898bb
95c3ec0444f1401466e48c2dfda98bf47957bf60465aa019552e33c76015b877
GET /it/u=2496879742,877807975&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12741.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 03:29:52 GMT
Content-Type: image/jpeg
Content-Length: 53041
Connection: keep-alive
Expires: Wed, 01 Feb 2023 13:35:11 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: 9372627c46f636f739d6491491a7e700
Age: 1214783
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 02 Jan 2023 13:35:11 GMT
Ohc-Cache-HIT: fra01-sys-jomo7.fra01.baidu.com [4], zhuzuncache63 [1], xaix92 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 53041
X-Cache-Status: HIT
Timing-Allow-Origin: *
12741.url.tudown.com/uploads/images/768830.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12741.url.tudown.com/uploads/images/768830.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/768830.jpg HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:29:52 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=4270984546,254599256&fm=224&app=112&f=JPEG?w=500&h=333
img2.baidu.com/it/u=3242870378,644031755&fm=253&fmt=auto?w=130&h=170
113.219.142.35200 OK 8.3 kB URL HTTP/2 img2.baidu.com/it/u=3242870378,644031755&fm=253&fmt=auto?w=130&h=170
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 130x170, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d3c9ae4b4c6cc3171b9f6172d9902e7f
0c61d6eafbe1e98f13ed3fd8bdd6acadc4dcea77
480d3a44bbd18ecd8ec7693b864261127c3e5490a724275d711664e151a4efa5
GET /it/u=3242870378,644031755&fm=253&fmt=auto?w=130&h=170 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12741.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 03:29:52 GMT
content-type: image/webp
content-length: 8324
expires: Tue, 21 Feb 2023 09:57:48 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: d3c9ae4b4c6cc3171b9f6172d9902e7f
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 09:57:48 GMT
ohc-cache-hit: chenzct78 [1], suzix214 [2]
ohc-file-size: 8324
x-cache-status: MISS
X-Firefox-Spdy: h2
t15.baidu.com/it/u=4270984546,254599256&fm=224&app=112&f=JPEG?w=500&h=333
185.10.104.124200 OK 34 kB URL HTTP/1.1 t15.baidu.com/it/u=4270984546,254599256&fm=224&app=112&f=JPEG?w=500&h=333
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x333, components 3\012- data
Hash a58436765944b227baf091ae642c4041
16a9b10cc4ffed02dd4c62068644e35d3f10da86
edbf9d70af6142aec3f95494d4106dba96e3014973c4844fb348ca7d2cc9def8
GET /it/u=4270984546,254599256&fm=224&app=112&f=JPEG?w=500&h=333 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12741.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 03:29:52 GMT
Content-Type: image/jpeg
Content-Length: 33826
Connection: keep-alive
Expires: Sat, 04 Feb 2023 06:58:38 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: a58436765944b227baf091ae642c4041
Age: 1482482
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 05 Jan 2023 06:58:38 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [4], zhuzuncache51 [4], csix113 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 33826
X-Cache-Status: HIT
Timing-Allow-Origin: *
12741.url.tudown.com/uploads/images/5662.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12741.url.tudown.com/uploads/images/5662.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/5662.jpg HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:29:52 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1157702051,1726732525&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=400
12741.url.tudown.com/uploads/images/998917.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12741.url.tudown.com/uploads/images/998917.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/998917.jpg HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:29:52 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=852640142,1624941626&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=800
12741.url.tudown.com/uploads/images/273609.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12741.url.tudown.com/uploads/images/273609.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/273609.jpg HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:29:52 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2460471329,3071393228&fm=253&fmt=auto&app=120&f=PNG?w=500&h=899
12741.url.tudown.com/uploads/images/345303.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12741.url.tudown.com/uploads/images/345303.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/345303.jpg HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:29:52 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=269132397,19628342&fm=253&fmt=auto&app=138&f=JPG?w=300&h=300
img1.baidu.com/it/u=3499774136,2999062280&fm=253&fmt=auto&app=120&f=JPEG?w=889&h=500
113.219.142.35200 OK 30 kB URL HTTP/1.1 img1.baidu.com/it/u=3499774136,2999062280&fm=253&fmt=auto&app=120&f=JPEG?w=889&h=500
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 889x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1c9be6a7bc2aa9eb8903fa5025ce4790
1b72174984a64be1c2189ceeba618b233a21261f
a4abaef6f47a6758961856d190fb92a1ef86c7205fdc4bc94fd35c3b949e5d8f
GET /it/u=3499774136,2999062280&fm=253&fmt=auto&app=120&f=JPEG?w=889&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12741.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 03:29:52 GMT
Content-Type: image/webp
Content-Length: 29804
Connection: keep-alive
Expires: Fri, 03 Feb 2023 16:31:17 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: 1c9be6a7bc2aa9eb8903fa5025ce4790
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 04 Jan 2023 16:31:17 GMT
Ohc-Cache-HIT: chenzct53 [1], qdix233 [4]
Ohc-File-Size: 29804
X-Cache-Status: MISS
12741.url.tudown.com/uploads/images/322396.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12741.url.tudown.com/uploads/images/322396.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/322396.jpg HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:29:52 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1030619465,2324699286&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=489
12741.url.tudown.com/uploads/images/869100.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12741.url.tudown.com/uploads/images/869100.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/869100.jpg HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:29:53 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=3793382937,3969258334&fm=224&app=112&f=JPEG?w=500&h=500
12741.url.tudown.com/uploads/images/251417.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12741.url.tudown.com/uploads/images/251417.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/251417.jpg HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:29:53 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3591137541,3947222763&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
t14.baidu.com/it/u=3793382937,3969258334&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 43 kB URL HTTP/1.1 t14.baidu.com/it/u=3793382937,3969258334&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 9b460839b20572661f2d45e9f659d4a7
cd8b92947dc58fec1c78b5abf02daf1e179e57b9
59c999e855b433597fc48b804bb939b18a9e13268700b0071f0694da6e976329
GET /it/u=3793382937,3969258334&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12741.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 03:29:53 GMT
Content-Type: image/jpeg
Content-Length: 43356
Connection: keep-alive
Expires: Thu, 23 Feb 2023 17:24:45 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 9b460839b20572661f2d45e9f659d4a7
Age: 1642
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 24 Jan 2023 17:24:44 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [2], zhuzuncache58 [1], xiangyix80 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 43356
X-Cache-Status: HIT
Timing-Allow-Origin: *
img0.baidu.com/it/u=590195865,3500622902&fm=253&app=120&f=JPEG?w=750&h=1334
113.219.142.35200 OK 152 kB URL HTTP/1.1 img0.baidu.com/it/u=590195865,3500622902&fm=253&app=120&f=JPEG?w=750&h=1334
IP 113.219.142.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 750x1334, components 3\012- data
Size 152 kB (152453 bytes)
Hash 460c6ebbd2ab52f459c8c3e96e31b119
07c48237796bb7a37b593e324bf075d7c22da9a2
ff72f18f70f81a7c19feddbd8e726937e145e9d4ca992548719cd153d4df0e05
GET /it/u=590195865,3500622902&fm=253&app=120&f=JPEG?w=750&h=1334 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12741.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 03:29:52 GMT
Content-Type: image/jpeg
Content-Length: 152453
Connection: keep-alive
Expires: Fri, 03 Feb 2023 06:50:14 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: 460c6ebbd2ab52f459c8c3e96e31b119
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 04 Jan 2023 06:50:14 GMT
Ohc-Cache-HIT: chenzct81 [2], wzix93 [4]
Ohc-File-Size: 152453
X-Cache-Status: MISS
12741.url.tudown.com/uploads/images/logo.png?n=42l2lz4fu7s3raxgw2bori4f4w32lz5irpsyrnxjqcqolduc&w=250
154.218.151.71200 OK 3.2 kB URL HTTP/1.1 12741.url.tudown.com/uploads/images/logo.png?n=42l2lz4fu7s3raxgw2bori4f4w32lz5irpsyrnxjqcqolduc&w=250
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 250 x 66, 8-bit colormap, non-interlaced\012- data
Hash 8eec23e2a11f9218b7e67d2db366d501
58071b804168615efc06b2177f588f82cb6545cd
984bee7ead4b3db2cbe21d53006d14ec7262e3981a3d182f28bf626e5b98aef1
GET /uploads/images/logo.png?n=42l2lz4fu7s3raxgw2bori4f4w32lz5irpsyrnxjqcqolduc&w=250 HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 03:29:53 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
img2.baidu.com/it/u=269132397,19628342&fm=253&fmt=auto&app=138&f=JPG?w=300&h=300
113.219.142.35200 OK 5.4 kB URL HTTP/2 img2.baidu.com/it/u=269132397,19628342&fm=253&fmt=auto&app=138&f=JPG?w=300&h=300
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 86aa9932139213bcaf22a13dc238ffb0
9b8399fcaafab018f77ea53443b0f576f9eba794
59020af1b5999c0cbf4318890121083275b618cf1cfec7594f67e5e065c97a11
GET /it/u=269132397,19628342&fm=253&fmt=auto&app=138&f=JPG?w=300&h=300 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12741.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 03:29:53 GMT
content-type: image/webp
content-length: 5358
expires: Thu, 02 Feb 2023 03:38:12 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 86aa9932139213bcaf22a13dc238ffb0
age: 3089
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 03 Jan 2023 03:38:12 GMT
ohc-cache-hit: chenzct77 [4], csix103 [4]
ohc-file-size: 5358
x-cache-status: HIT
X-Firefox-Spdy: h2
12741.url.tudown.com/uploads/images/926143.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12741.url.tudown.com/uploads/images/926143.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/926143.jpg HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:29:53 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3672415628,631277731&fm=253&fmt=auto&app=138&f=JPEG?w=482&h=265
12741.url.tudown.com/uploads/images/538214.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12741.url.tudown.com/uploads/images/538214.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/538214.jpg HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:29:53 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1832424167,726485546&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=312
12741.url.tudown.com/uploads/images/665956.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12741.url.tudown.com/uploads/images/665956.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/665956.jpg HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:29:53 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=1709833242,1523527873&fm=253&fmt=auto&app=138&f=PNG?w=455&h=500
12741.url.tudown.com/uploads/images/659006.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12741.url.tudown.com/uploads/images/659006.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/659006.jpg HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:29:53 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=242830820,2180024681&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=310
img2.baidu.com/it/u=3591137541,3947222763&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
113.219.142.35200 OK 14 kB URL HTTP/2 img2.baidu.com/it/u=3591137541,3947222763&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0d27f6ec9bb0fe7e145964dad7b17ea1
a840fc4e1b4f56902f20c5d26b2a7f2923e1227e
03cd3ea66ceb5d90751a161210d64f5b0b47380aeaa4ea67e0ab25be0151043e
GET /it/u=3591137541,3947222763&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12741.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 03:29:53 GMT
content-type: image/webp
content-length: 14472
expires: Mon, 30 Jan 2023 08:51:45 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 0d27f6ec9bb0fe7e145964dad7b17ea1
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 31 Dec 2022 08:51:45 GMT
ohc-cache-hit: chenzct69 [1], xiangyix220 [4]
ohc-file-size: 14472
x-cache-status: MISS
X-Firefox-Spdy: h2
12741.url.tudown.com/uploads/images/441594.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12741.url.tudown.com/uploads/images/441594.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/441594.jpg HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:29:53 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=683178593,3295633161&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=300
img1.baidu.com/it/u=2460471329,3071393228&fm=253&fmt=auto&app=120&f=PNG?w=500&h=899
113.219.142.35200 OK 111 kB URL HTTP/2 img1.baidu.com/it/u=2460471329,3071393228&fm=253&fmt=auto&app=120&f=PNG?w=500&h=899
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x899, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 111 kB (111000 bytes)
Hash cce05f3dafda2c97224bcb5328178f88
ab7e37fcd46238a851f666df3b211c911b2554f3
c0c4b44cbd9ffcd872bc2443dada1e852d2cece60bc01d3e218e3658290c4ea8
GET /it/u=2460471329,3071393228&fm=253&fmt=auto&app=120&f=PNG?w=500&h=899 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12741.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 03:29:53 GMT
content-type: image/webp
content-length: 111000
expires: Wed, 01 Feb 2023 21:32:25 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: cce05f3dafda2c97224bcb5328178f88
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 02 Jan 2023 21:32:25 GMT
ohc-cache-hit: chenzct68 [1], csix117 [4]
ohc-file-size: 111000
x-cache-status: MISS
X-Firefox-Spdy: h2
12741.url.tudown.com/uploads/images/483946.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12741.url.tudown.com/uploads/images/483946.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/483946.jpg HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:29:53 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=4285219697,4044719564&fm=253&app=120&f=JPEG?w=1422&h=800
12741.url.tudown.com/uploads/images/857238.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12741.url.tudown.com/uploads/images/857238.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/857238.jpg HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:29:53 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=31806588,1448239071&fm=253&fmt=auto?w=92&h=69
img1.baidu.com/it/u=852640142,1624941626&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=800
113.219.142.35200 OK 99 kB URL HTTP/2 img1.baidu.com/it/u=852640142,1624941626&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=800
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e301f5beee92a620094d9c25693102f5
c082aa755295de208287c0604bf9fe89a797d677
7b56bd13ecc97a7c45e1af105e18e98d2a44ebdce7d133eea4ade5c586e47bd8
GET /it/u=852640142,1624941626&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12741.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 03:29:53 GMT
content-type: image/webp
content-length: 98974
expires: Sun, 29 Jan 2023 13:49:13 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: e301f5beee92a620094d9c25693102f5
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 30 Dec 2022 13:49:13 GMT
ohc-cache-hit: chenzct85 [1], csix91 [4]
ohc-file-size: 98974
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=1030619465,2324699286&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=489
113.219.142.35200 OK 7.8 kB URL HTTP/2 img0.baidu.com/it/u=1030619465,2324699286&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=489
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x489, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e644257bac9dd9196b4d50fc3b0e0e87
5e61d4f9bdcc895185b37051b1dae37f0a75b5e8
189e33df170c6320b8f9f6b7acca43a86101f53d6ea0910c91dd7e1b207229fc
GET /it/u=1030619465,2324699286&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=489 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12741.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 03:29:53 GMT
content-type: image/webp
content-length: 7792
expires: Mon, 13 Feb 2023 03:49:18 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: e644257bac9dd9196b4d50fc3b0e0e87
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 14 Jan 2023 03:49:18 GMT
ohc-cache-hit: chenzct85 [1], xiangyix204 [4]
ohc-file-size: 7792
x-cache-status: MISS
X-Firefox-Spdy: h2
12741.url.tudown.com/uploads/images/697149.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12741.url.tudown.com/uploads/images/697149.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/697149.jpg HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:29:53 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=679936791,1520268450&fm=253&fmt=auto?w=130&h=170
img0.baidu.com/it/u=2526389969,98179592&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
113.219.142.35200 OK 34 kB URL HTTP/2 img0.baidu.com/it/u=2526389969,98179592&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5f26ffbc8184d5f24c1c322ef1efab81
c3f3715e75ace0897d9493ec9394b30793dc5bde
e560785417d4fdd167ef8b2d267cdbadecc3dd36b1e9de16ab3a82a238b55528
GET /it/u=2526389969,98179592&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12741.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 03:29:53 GMT
content-type: image/webp
content-length: 34260
expires: Tue, 21 Feb 2023 15:18:26 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 5f26ffbc8184d5f24c1c322ef1efab81
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 15:18:26 GMT
ohc-cache-hit: chenzct70 [1], czix174 [2]
ohc-file-size: 34260
x-cache-status: MISS
X-Firefox-Spdy: h2
12741.url.tudown.com/uploads/images/703666.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12741.url.tudown.com/uploads/images/703666.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/703666.jpg HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:29:53 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3413453283,1500585036&fm=253&fmt=auto&app=120&f=JPEG?w=1422&h=800
img0.baidu.com/it/u=1157702051,1726732525&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=400
113.219.142.35200 OK 17 kB URL HTTP/2 img0.baidu.com/it/u=1157702051,1726732525&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=400
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 839b7d405388084c18478f2aa00232d5
3d27b580c098647554d91c0c7a6809789271e42a
9e4b290c072242da37b1b20c6c4b16fce25fa0200cfbac09d9c267570efb55b8
GET /it/u=1157702051,1726732525&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=400 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12741.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 03:29:53 GMT
content-type: image/webp
content-length: 17374
expires: Thu, 26 Jan 2023 04:18:33 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 839b7d405388084c18478f2aa00232d5
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 27 Dec 2022 04:18:33 GMT
ohc-cache-hit: chenzct59 [1], suzix109 [4]
ohc-file-size: 17374
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=3672415628,631277731&fm=253&fmt=auto&app=138&f=JPEG?w=482&h=265
113.219.142.35200 OK 14 kB URL HTTP/2 img2.baidu.com/it/u=3672415628,631277731&fm=253&fmt=auto&app=138&f=JPEG?w=482&h=265
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 482x265, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fd601c0dc5ef58bbdd307eca1b19e00d
78c5464632c902d8f390f6503f182cbacb25f8b7
2e5447b27fe4502505693f64593910baa6e3655683ac7dcde3ad3353bba74c5f
GET /it/u=3672415628,631277731&fm=253&fmt=auto&app=138&f=JPEG?w=482&h=265 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12741.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 03:29:53 GMT
content-type: image/webp
content-length: 13750
expires: Tue, 21 Feb 2023 10:21:12 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: fd601c0dc5ef58bbdd307eca1b19e00d
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 10:21:12 GMT
ohc-cache-hit: chenzct69 [1], czix230 [2]
ohc-file-size: 13750
x-cache-status: MISS
X-Firefox-Spdy: h2
12741.url.tudown.com/uploads/images/386887.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12741.url.tudown.com/uploads/images/386887.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/386887.jpg HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:29:53 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3483534519,63594415&fm=253&fmt=auto&app=138&f=JPEG?w=120&h=80
img0.baidu.com/it/u=242830820,2180024681&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=310
113.219.142.35200 OK 26 kB URL HTTP/2 img0.baidu.com/it/u=242830820,2180024681&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=310
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x310, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cfed0dd49c3c23a1270d47ff83100879
a5c7301139617ffaba11e707217bc48d8db7777f
5d3e53849d3a60ba97d05dd6862039f6e3ac82970ca790d63e625c4fd1bf2efe
GET /it/u=242830820,2180024681&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=310 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12741.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 03:29:53 GMT
content-type: image/webp
content-length: 26344
expires: Thu, 26 Jan 2023 18:47:42 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: cfed0dd49c3c23a1270d47ff83100879
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 27 Dec 2022 18:47:42 GMT
ohc-cache-hit: chenzct50 [1], xaix237 [4]
ohc-file-size: 26344
x-cache-status: MISS
X-Firefox-Spdy: h2
12741.url.tudown.com/uploads/images/205710.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12741.url.tudown.com/uploads/images/205710.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/205710.jpg HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:29:53 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1464330783,2403961584&fm=253&fmt=auto&app=138&f=JPEG?w=440&h=440
img0.baidu.com/it/u=1832424167,726485546&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=312
113.219.142.35200 OK 49 kB URL HTTP/2 img0.baidu.com/it/u=1832424167,726485546&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=312
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x312, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 32a13760bc1ad27fdc3792e73364cd81
6bcc962c51f639ffb2d3037ab5dbb0100d53e706
299aa7c163e15347cfa227e8037b2349193013da38b6d626009ea6c5e5cc1e2d
GET /it/u=1832424167,726485546&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=312 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12741.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 03:29:53 GMT
content-type: image/webp
content-length: 48978
expires: Wed, 22 Feb 2023 02:05:54 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 32a13760bc1ad27fdc3792e73364cd81
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 02:05:54 GMT
ohc-cache-hit: chenzct58 [1], qdix58 [2]
ohc-file-size: 48978
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=683178593,3295633161&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=300
113.219.142.35200 OK 8.8 kB URL HTTP/2 img2.baidu.com/it/u=683178593,3295633161&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=300
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6383cd6e0a3ff3b26e6e21996bde813b
3cdce40c42ca43c885a7303a4d825e5449aeef54
547f0e90619858987ab30fe191a55211fdd215579216ef31a2d47df749904d9f
GET /it/u=683178593,3295633161&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=300 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12741.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 03:29:53 GMT
content-type: image/webp
content-length: 8834
expires: Thu, 26 Jan 2023 08:43:23 GMT
last-modified: Sun, 04 Jan 1970 00:00:00 GMT
etag: 6383cd6e0a3ff3b26e6e21996bde813b
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 27 Dec 2022 08:43:23 GMT
ohc-cache-hit: chenzct79 [1], wzix79 [2]
ohc-file-size: 8834
x-cache-status: MISS
X-Firefox-Spdy: h2
12741.url.tudown.com/uploads/images/17719.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12741.url.tudown.com/uploads/images/17719.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/17719.jpg HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:29:53 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1555309984,341195358&fm=253&fmt=auto?w=889&h=500
img1.baidu.com/it/u=4285219697,4044719564&fm=253&app=120&f=JPEG?w=1422&h=800
113.219.142.35200 OK 145 kB URL HTTP/1.1 img1.baidu.com/it/u=4285219697,4044719564&fm=253&app=120&f=JPEG?w=1422&h=800
IP 113.219.142.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1422x800, components 3\012- data
Size 145 kB (144846 bytes)
Hash ade13a242ec533556919b9486784437e
7bf287dfb3cd139782eb7a5bbb0a242ca5c8ede6
cf219aae12aa6da02700ef62e83fcf118e525d02eb181e1273056bc224c2b504
GET /it/u=4285219697,4044719564&fm=253&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12741.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 03:29:53 GMT
Content-Type: image/jpeg
Content-Length: 144846
Connection: keep-alive
Expires: Sat, 11 Feb 2023 09:01:14 GMT
Last-Modified: Tue, 13 Jan 1970 00:00:00 GMT
ETag: ade13a242ec533556919b9486784437e
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 12 Jan 2023 09:01:14 GMT
Ohc-Cache-HIT: chenzct87 [2], qdix201 [4]
Ohc-File-Size: 144846
X-Cache-Status: MISS
12741.url.tudown.com/uploads/images/545136.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12741.url.tudown.com/uploads/images/545136.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/545136.jpg HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:29:53 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1515663354,3513911221&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=706
12741.url.tudown.com/uploads/images/590297.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12741.url.tudown.com/uploads/images/590297.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/590297.jpg HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:29:53 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2388655278,1699777075&fm=253&fmt=auto&app=138&f=JPEG?w=483&h=599
12741.url.tudown.com/uploads/images/857002.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12741.url.tudown.com/uploads/images/857002.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/857002.jpg HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:29:53 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1981117841,1549350870&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=659
img0.baidu.com/it/u=3413453283,1500585036&fm=253&fmt=auto&app=120&f=JPEG?w=1422&h=800
113.219.142.35200 OK 113 kB URL HTTP/2 img0.baidu.com/it/u=3413453283,1500585036&fm=253&fmt=auto&app=120&f=JPEG?w=1422&h=800
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1422x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 113 kB (112734 bytes)
Hash 50d89e8101e5c943479164c958d23d94
88dfc978c1f47bdf2e3019aaae31303f41a59c6a
3d34b86236304253125c40f9cc2a0f6e6a602350e323ae06a73fe365ce1fe3db
GET /it/u=3413453283,1500585036&fm=253&fmt=auto&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12741.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 03:29:53 GMT
content-type: image/webp
content-length: 112734
expires: Sat, 18 Feb 2023 12:31:06 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 50d89e8101e5c943479164c958d23d94
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 19 Jan 2023 12:31:06 GMT
ohc-cache-hit: chenzct51 [1], xiangyix51 [2]
ohc-file-size: 112734
x-cache-status: MISS
X-Firefox-Spdy: h2
12741.url.tudown.com/uploads/images/926618.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12741.url.tudown.com/uploads/images/926618.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/926618.jpg HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:29:54 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3595601559,4133678615&fm=253&fmt=auto&app=138&f=JPEG?w=873&h=500
img0.baidu.com/it/u=1464330783,2403961584&fm=253&fmt=auto&app=138&f=JPEG?w=440&h=440
113.219.142.35200 OK 22 kB URL HTTP/2 img0.baidu.com/it/u=1464330783,2403961584&fm=253&fmt=auto&app=138&f=JPEG?w=440&h=440
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 440x440, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 76c62caeef6e3e0070c463775bacf797
c70d1b64f02ba32462a52fbbf875e3f620ca84d0
7a398e561040e4695f31cf5bbe913d315d1bc804aecbaa1b2afdc64ae795a7eb
GET /it/u=1464330783,2403961584&fm=253&fmt=auto&app=138&f=JPEG?w=440&h=440 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12741.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 03:29:54 GMT
content-type: image/webp
content-length: 21592
expires: Fri, 27 Jan 2023 09:33:48 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 76c62caeef6e3e0070c463775bacf797
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 28 Dec 2022 09:33:48 GMT
ohc-cache-hit: chenzct73 [1], czix73 [4]
ohc-file-size: 21592
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=1709833242,1523527873&fm=253&fmt=auto&app=138&f=PNG?w=455&h=500
113.219.142.35200 OK 50 kB URL HTTP/1.1 img2.baidu.com/it/u=1709833242,1523527873&fm=253&fmt=auto&app=138&f=PNG?w=455&h=500
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 455x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4c21ba214e4caa06588fe791849e1a65
605ddce05efdfa74f853b1651fc6bc421f12f114
6159225de3069a23bb665f9143652863b045ef7b0849e4861e8e858f84541a84
GET /it/u=1709833242,1523527873&fm=253&fmt=auto&app=138&f=PNG?w=455&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12741.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 03:29:53 GMT
Content-Type: image/webp
Content-Length: 49916
Connection: keep-alive
Expires: Wed, 08 Feb 2023 08:35:14 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: 4c21ba214e4caa06588fe791849e1a65
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 09 Jan 2023 08:35:14 GMT
Ohc-Cache-HIT: chenzct74 [1], suzix109 [4]
Ohc-File-Size: 49916
X-Cache-Status: MISS
img0.baidu.com/it/u=1515663354,3513911221&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=706
113.219.142.35200 OK 34 kB URL HTTP/2 img0.baidu.com/it/u=1515663354,3513911221&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=706
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x706, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d1aa55e2260a9caf3334ed034802f0ad
b4b519dac76c316ad633f47e362a9ea4842d3076
5022e19dff551409c07ebb823baa6f32362683943988c7d005f50ee734b58593
GET /it/u=1515663354,3513911221&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=706 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12741.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 03:29:54 GMT
content-type: image/webp
content-length: 34542
expires: Mon, 20 Feb 2023 07:29:47 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: d1aa55e2260a9caf3334ed034802f0ad
age: 90962
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 07:29:47 GMT
ohc-cache-hit: chenzct51 [4], xaix232 [4]
ohc-file-size: 34542
x-cache-status: HIT
X-Firefox-Spdy: h2
img2.baidu.com/it/u=2388655278,1699777075&fm=253&fmt=auto&app=138&f=JPEG?w=483&h=599
113.219.142.35200 OK 23 kB URL HTTP/2 img2.baidu.com/it/u=2388655278,1699777075&fm=253&fmt=auto&app=138&f=JPEG?w=483&h=599
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 483x599, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4f9e879eb31e05e111c4da5fe4b2244b
27e039f7d89a26e4abf2f8aa10385982f09cc362
ed34348ace360262e003d3a28f1ce53616980523cdf3158ed669bc4463f97e19
GET /it/u=2388655278,1699777075&fm=253&fmt=auto&app=138&f=JPEG?w=483&h=599 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12741.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 03:29:54 GMT
content-type: image/webp
content-length: 22820
expires: Fri, 10 Feb 2023 21:05:27 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 4f9e879eb31e05e111c4da5fe4b2244b
age: 3851
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 11 Jan 2023 21:05:27 GMT
ohc-cache-hit: chenzct61 [4], bdix229 [4]
ohc-file-size: 22820
x-cache-status: HIT
X-Firefox-Spdy: h2
img2.baidu.com/it/u=679936791,1520268450&fm=253&fmt=auto?w=130&h=170
113.219.142.35200 OK 11 kB URL HTTP/2 img2.baidu.com/it/u=679936791,1520268450&fm=253&fmt=auto?w=130&h=170
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 130x170, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6eb27e67e953452bd8aa193de5261063
bf213f8bfc11c5b46ac957a538e2c638766bf5a3
65fd5973ae85f912637644635f0e28d0ef885312fe574ca86b9545feb0e1f827
GET /it/u=679936791,1520268450&fm=253&fmt=auto?w=130&h=170 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12741.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 03:29:54 GMT
content-type: image/webp
content-length: 11032
expires: Wed, 01 Feb 2023 10:59:46 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 6eb27e67e953452bd8aa193de5261063
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 02 Jan 2023 10:59:46 GMT
ohc-cache-hit: chenzct80 [1], csix109 [4]
ohc-file-size: 11032
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=3483534519,63594415&fm=253&fmt=auto&app=138&f=JPEG?w=120&h=80
113.219.142.35200 OK 806 B URL HTTP/2 img2.baidu.com/it/u=3483534519,63594415&fm=253&fmt=auto&app=138&f=JPEG?w=120&h=80
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 120x80, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7d612eea623cd502ae4de49e10998410
9d791708649a2ac89f24b4ccb155206bb9a39a11
f5dc2fa37d9a20d6e5e5d3460e5f6ac7f424174361e43f6e06e451dbee30af7d
GET /it/u=3483534519,63594415&fm=253&fmt=auto&app=138&f=JPEG?w=120&h=80 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12741.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 03:29:54 GMT
content-type: image/webp
content-length: 806
expires: Tue, 21 Feb 2023 03:31:34 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 7d612eea623cd502ae4de49e10998410
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 03:31:34 GMT
ohc-cache-hit: chenzct68 [1], suzix235 [4]
ohc-file-size: 806
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=31806588,1448239071&fm=253&fmt=auto?w=92&h=69
113.219.142.35200 OK 2.7 kB URL HTTP/2 img2.baidu.com/it/u=31806588,1448239071&fm=253&fmt=auto?w=92&h=69
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 92x69, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3e42ce8fe8aae413f688824e9b4f9cb9
6a7973024b8b772ef4b3882884b1e805a0bf4392
265ffd8f67f2613bee7d7c0746ba82c168cee38859b0b855e30a836b5d23e180
GET /it/u=31806588,1448239071&fm=253&fmt=auto?w=92&h=69 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12741.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 03:29:54 GMT
content-type: image/webp
content-length: 2730
expires: Sat, 11 Feb 2023 01:18:15 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 3e42ce8fe8aae413f688824e9b4f9cb9
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 12 Jan 2023 01:18:15 GMT
ohc-cache-hit: chenzct58 [1], bdix156 [2]
ohc-file-size: 2730
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=1555309984,341195358&fm=253&fmt=auto?w=889&h=500
113.219.142.35200 OK 77 kB URL HTTP/2 img0.baidu.com/it/u=1555309984,341195358&fm=253&fmt=auto?w=889&h=500
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 889x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e5f2efadad29345a354ae1b23c0673a4
217914cc5c701733b6b25c50af4ae6a5a5a4ed2d
2ebdbc78d5259ebf52a0a827b6737746a9d0f1ec4cb297a31b5fb71fe8063084
GET /it/u=1555309984,341195358&fm=253&fmt=auto?w=889&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12741.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 03:29:54 GMT
content-type: image/webp
content-length: 77244
expires: Mon, 20 Feb 2023 07:11:01 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: e5f2efadad29345a354ae1b23c0673a4
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 07:11:01 GMT
ohc-cache-hit: chenzct73 [1], bdix73 [4]
ohc-file-size: 77244
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=1981117841,1549350870&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=659
113.219.142.35200 OK 41 kB URL HTTP/2 img1.baidu.com/it/u=1981117841,1549350870&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=659
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x659, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cd76c05640433471c1a8ecc67d4dc1e4
785c8e9ee66a6a3586bf4691f6dfc02ac6a95ee0
d3b6d577db0dfe8a681b0672cf8313fdc043dc54dbba5f5c08d8612406e8de5b
GET /it/u=1981117841,1549350870&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=659 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12741.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 03:29:54 GMT
content-type: image/webp
content-length: 41414
expires: Mon, 06 Feb 2023 06:41:55 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: cd76c05640433471c1a8ecc67d4dc1e4
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 07 Jan 2023 06:41:55 GMT
ohc-cache-hit: chenzct58 [1], csix58 [2]
ohc-file-size: 41414
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=3595601559,4133678615&fm=253&fmt=auto&app=138&f=JPEG?w=873&h=500
113.219.142.35200 OK 19 kB URL HTTP/2 img1.baidu.com/it/u=3595601559,4133678615&fm=253&fmt=auto&app=138&f=JPEG?w=873&h=500
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 873x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e0b589798db541bd05dedadfcd9ce94d
e13ea96a75460c20320f08347a01a8e1e2bc7ae3
d2da963e8a0f261f6adbb2aa12a9492eac7444f68cef798aa44bf33c9670df25
GET /it/u=3595601559,4133678615&fm=253&fmt=auto&app=138&f=JPEG?w=873&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12741.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 03:29:54 GMT
content-type: image/webp
content-length: 18758
expires: Fri, 27 Jan 2023 03:31:05 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: e0b589798db541bd05dedadfcd9ce94d
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 28 Dec 2022 03:31:05 GMT
ohc-cache-hit: chenzct70 [1], qdix70 [2]
ohc-file-size: 18758
x-cache-status: MISS
X-Firefox-Spdy: h2
12741.url.tudown.com/favicon.ico
154.218.151.71200 OK 0 B URL HTTP/1.1 12741.url.tudown.com/favicon.ico
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: 12741.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12741.url.tudown.com/down/anybizsoftpdfconverter@418_34821.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674613299,1674617390; Hm_lpvt_dd9836db2e433f487a0aa434b7b3deb7=1674617390
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 03:29:54 GMT
Content-Type: image/x-icon
Content-Length: 0
Last-Modified: Tue, 30 Jul 2019 15:51:36 GMT
Connection: keep-alive
ETag: "5d406788-0"
Accept-Ranges: bytes
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff81ab3e7-027d-456c-a5b3-82591ae21bfb.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff81ab3e7-027d-456c-a5b3-82591ae21bfb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4f4a3897e3588aee59378b696d2cbc78
7e02cf82b3c24f2ac0d8c105ce0ff6b3c3818847
f5171b5be7635518d40fc609d27cb2ec3706b7852c7a7dc308b7299bc1913aaa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff81ab3e7-027d-456c-a5b3-82591ae21bfb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9124
x-amzn-requestid: 3a17cdd7-b883-4f91-bdae-0b278145c26b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEqxwGNHIAMF3MQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb580b-01b883bb2a32f45778866d89;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 03:12:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: tt9cwMzd-hLKmEDzQnWBtTbO8qtTPMwBBkkzu1Otw-O2jY5MbqQaVw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 05:44:23 GMT
age: 78334
etag: "7e02cf82b3c24f2ac0d8c105ce0ff6b3c3818847"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2