r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1cdc095521e9ee2606059be447d1fdd5
02b5d0a5b5823e2338daf7e144700babe2a213af
8bda3aabcf331c2bfcc4c7023cd797c760fd301dc353641bb95048e072f66c66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BDA3AABCF331C2BFCC4C7023CD797C760FD301DC353641BB95048E072F66C66"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16264
Expires: Sat, 04 Feb 2023 16:24:57 GMT
Date: Sat, 04 Feb 2023 11:53:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19801
Expires: Sat, 04 Feb 2023 17:23:54 GMT
Date: Sat, 04 Feb 2023 11:53:53 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 04 Feb 2023 11:36:14 GMT
content-type: application/json
age: 1059
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8016
Expires: Sat, 04 Feb 2023 14:07:29 GMT
Date: Sat, 04 Feb 2023 11:53:53 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: oJYXh06P5Ue+rk06mSPfDpN2P0gu0e+57f2mW7Rp+5RYomYSBhlXfe19jclak7o4AEt/wBrYDMQ=
x-amz-request-id: NTPEH9AB61SQT292
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 04 Feb 2023 11:23:58 GMT
age: 1795
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 11:53:53 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 04 Feb 2023 11:07:19 GMT
age: 2794
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10435
Expires: Sat, 04 Feb 2023 14:47:48 GMT
Date: Sat, 04 Feb 2023 11:53:53 GMT
Connection: keep-alive
12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
154.218.151.71 200 OK 8.6 kB URL HTTP/1.1 12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text, exported SGML document, Unicode text, UTF-8 text, with very long lines (371), with CRLF, LF line terminators
Hash 06bedadff78d77dc64e19863d8ee60cd
b1fb7de10c5ff58a7858a0bcbc75a4316bee8d90
6e92ba346f2c95a5ef60e27559c644ec9a7d538a2ec3853054d6da10d021bb85
Analyzer Verdict Alert fortinet Malware
GET /down/type34.6.0.0@376_33660.exe HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 11:53:53 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.services.mozilla.com/
54.185.138.177 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.185.138.177:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 064RurQ2XxaXk83HF/3gfQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: kZJcm58K7tuPLsK8DhTi5AMCgUo=
12804.url.tudown.com/js/orsxg5a.script
154.218.151.71 200 OK 531 B URL HTTP/1.1 12804.url.tudown.com/js/orsxg5a.script
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document, ASCII text, with CRLF line terminators
Hash 39fd4f4c17d424445d9f437c99c9d40a
84a56ab95c669d43c757a5f9a312d5f3a37f73fa
45f58e7b2e72c9f2734889b73ef5c3f2d3e1fb9ac69995afe1561ec4a7943d15
Analyzer Verdict Alert fortinet Malware
GET /js/orsxg5a.script HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 11:53:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
12804.url.tudown.com/template/company/955yx/js/searchword.js
154.218.151.71 200 OK 1.3 kB URL HTTP/1.1 12804.url.tudown.com/template/company/955yx/js/searchword.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 95c12a0f8944cbd1c05e11f7a72875dd
22430886820419d75b8da5721af251bdeb6811d1
36e33550c0a108df269183b53afe7f8c86316cc7e24a84ee3804e8ae12c627eb
Analyzer Verdict Alert fortinet Malware
GET /template/company/955yx/js/searchword.js HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 11:53:54 GMT
Content-Type: application/javascript
Last-Modified: Tue, 15 Jun 2021 09:16:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c86ff1-fb5"
Expires: Sat, 04 Feb 2023 23:53:54 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12804.url.tudown.com/template/company/955yx/js/week_rank.js
154.218.151.71 200 OK 656 B URL HTTP/1.1 12804.url.tudown.com/template/company/955yx/js/week_rank.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with CRLF line terminators
Hash 00ac918b54dd742e0ec507274205038a
6a2976eb86376f33eb4f7b587f71296f07940da5
11624c98f05816c06f80e2ea5ef22376ce5509cb2c076003f9d5f27ac81f4ec9
Analyzer Verdict Alert fortinet Malware
GET /template/company/955yx/js/week_rank.js HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 11:53:54 GMT
Content-Type: application/javascript
Content-Length: 656
Last-Modified: Tue, 15 Jun 2021 09:16:32 GMT
Connection: keep-alive
ETag: "60c86ff0-290"
Expires: Sat, 04 Feb 2023 23:53:54 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
12804.url.tudown.com/template/company/955yx/js/script_index2.js
154.218.151.71 200 OK 2.3 kB URL HTTP/1.1 12804.url.tudown.com/template/company/955yx/js/script_index2.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ISO-8859 text, with CRLF line terminators
Hash e3f1b130f72b9756f002c6bbbc284fb7
d51b59da45422005ca5f02b66cb02eaf1b44a8fd
3c0e569d33461414b263a4a7e6602577873e4843bb450d5de979f263d02644c9
Analyzer Verdict Alert fortinet Malware
GET /template/company/955yx/js/script_index2.js HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 11:53:54 GMT
Content-Type: application/javascript
Last-Modified: Tue, 15 Jun 2021 09:16:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c86ff2-1f77"
Expires: Sat, 04 Feb 2023 23:53:54 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12804.url.tudown.com/template/company/955yx/js/jquery-1.8.3.min.js
154.218.151.71 200 OK 41 kB URL HTTP/1.1 12804.url.tudown.com/template/company/955yx/js/jquery-1.8.3.min.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (65483)
Hash aef63d51fe884fe89d488a2abc96381b
ed39edfb824178566b87b08164c7d382a119705b
51826bef0d69d08144d8605e1c56e1602cb1b6f620f854972c31080cf17d11f5
Analyzer Verdict Alert fortinet Malware
GET /template/company/955yx/js/jquery-1.8.3.min.js HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 11:53:54 GMT
Content-Type: application/javascript
Last-Modified: Tue, 15 Jun 2021 09:16:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c86fef-198c3"
Expires: Sat, 04 Feb 2023 23:53:54 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12804.url.tudown.com/template/company/955yx/js/api.js
154.218.151.71 200 OK 22 B URL HTTP/1.1 12804.url.tudown.com/template/company/955yx/js/api.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with CRLF line terminators
Hash 143a35d673d243f56603ac04a89d8099
677acddc2a341ec711d74ecfd05bb919208c23df
ab368ffd11e345075f085c40cfdd9254280e0db19ed65e2668c287b17508170f
Analyzer Verdict Alert fortinet Malware
GET /template/company/955yx/js/api.js HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 11:53:54 GMT
Content-Type: application/javascript
Content-Length: 22
Last-Modified: Tue, 15 Jun 2021 09:16:34 GMT
Connection: keep-alive
ETag: "60c86ff2-16"
Expires: Sat, 04 Feb 2023 23:53:54 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
12804.url.tudown.com/template/company/955yx/css/gb.css
154.218.151.71 200 OK 47 kB URL HTTP/1.1 12804.url.tudown.com/template/company/955yx/css/gb.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with very long lines (393), with CRLF line terminators
Hash 50dd1318432db01d440645564e53edc9
ee0cb6adb44f515312f771197c6c08b951cb7689
2b908ce7540ed6b03b07bdec7eb7eb504b76e78b3304474f40af3b8f3afb2135
GET /template/company/955yx/css/gb.css HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 11:53:54 GMT
Content-Type: text/css
Last-Modified: Tue, 15 Jun 2021 09:16:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c86fef-30c0d"
Expires: Sat, 04 Feb 2023 23:53:54 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12804.url.tudown.com/template/company/955yx/js/gb.js
154.218.151.71 200 OK 7.7 kB URL HTTP/1.1 12804.url.tudown.com/template/company/955yx/js/gb.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 2a105ecd23c8abe20d0f84a4d10903a7
f3a1339005455be7df05412b2bde5d33ed096da0
9e8e3180840152689c4d7732c3660da6c766645aad88f695c041720ff5ec0a67
Analyzer Verdict Alert fortinet Malware
GET /template/company/955yx/js/gb.js HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 11:53:55 GMT
Content-Type: application/javascript
Last-Modified: Tue, 15 Jun 2021 09:16:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c86fef-7685"
Expires: Sat, 04 Feb 2023 23:53:55 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ae58d39edb7923f0dac8e7b20767f306
827e75323edf1548d2b898b96caaec9556893e3a
2c18f66718230665099bdc4a96dbed4e667ff233f9853aebd3e0802235c658d8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2C18F66718230665099BDC4A96DBED4E667FF233F9853AEBD3E0802235C658D8"
Last-Modified: Thu, 02 Feb 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7892
Expires: Sat, 04 Feb 2023 14:05:27 GMT
Date: Sat, 04 Feb 2023 11:53:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11013
Expires: Sat, 04 Feb 2023 14:57:28 GMT
Date: Sat, 04 Feb 2023 11:53:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11013
Expires: Sat, 04 Feb 2023 14:57:28 GMT
Date: Sat, 04 Feb 2023 11:53:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11013
Expires: Sat, 04 Feb 2023 14:57:28 GMT
Date: Sat, 04 Feb 2023 11:53:55 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: f95a2821-ae89-4ea9-93b2-43e570285df3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEC3FyboAMFe0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8078-7e2177f11d5715d4092cad2c;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dcFgY5x3Ef0J__7wGn3llTjZ9as5nX1H4HErIT3VlKfeQaQTjymW2g==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:33 GMT
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
age: 49402
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg
34.120.237.76 200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash f7101f6e43855cb76ce48271a847ffbd
8e674830a97d8ce3818132fda197db4f0289d316
e78a83a4024e238bcdec3b9c4d5c12a99f49aabd57e34952f6a4cc8ed4422f55
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9141
x-amzn-requestid: ed7db574-6bca-4f3e-8879-c3e836549339
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD8zE5lIAMF1HA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8051-4480112f11d4ced0037d1ad8;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6kDIOqhM4aVL80sF02uFu2TuGbiBE7_L_S2W7x-P46hO5YZFmuL9nQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:13:30 GMT
age: 49225
etag: "8e674830a97d8ce3818132fda197db4f0289d316"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lsQxPtozrh2Ty1T-3d-1crDfi8HgVKRafOXb1UFl033bCx3kAzTS7w==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:48:04 GMT
age: 50751
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c030376-7935-4601-969c-86a91f4f5e85.jpeg
34.120.237.76 200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c030376-7935-4601-969c-86a91f4f5e85.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash d7afd5ce8fb9ec7b62e528bf97705e49
afbf22f5d8f54adcb00e8980a9b22f2c5b6703c3
b2d93ba6c0ed2c858d91afba1c81251afbffa41c779be2e9203994dcfb7bbc9d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c030376-7935-4601-969c-86a91f4f5e85.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7249
x-amzn-requestid: 007ce521-ed5c-4074-a314-684ad0df2e22
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD9GH5goAMF_ag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8053-7060f02b767c90371991a190;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5fTV_e56nzjiXo4Guu67WXDDvp3nrjB0Yfyy6ByjcDSx23J-8r0fmQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:21 GMT
age: 49414
etag: "afbf22f5d8f54adcb00e8980a9b22f2c5b6703c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a517af0-06bb-4ad2-b66e-3627ca6b60a3.jpeg
34.120.237.76 200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a517af0-06bb-4ad2-b66e-3627ca6b60a3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 518bba9a8770e8ff15229a68be5bddc3
139f944b3f4279e640901f7a6b993f1a49b51a22
0591e73dec2190752677f06525bc993dc8c7a5aa20984a5eda64c323188e2b1d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a517af0-06bb-4ad2-b66e-3627ca6b60a3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9743
x-amzn-requestid: b6c1caa9-72e4-476f-9c3d-4a746c410ba3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7EHLJoAMF_TA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-1289ef383fbad59621eda6d0;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nIp2nUVnamnoTpFwrN1L4K1dqjYvcDGuV2yFqYskkXb14k72AZsjMg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:08:41 GMT
age: 49514
etag: "139f944b3f4279e640901f7a6b993f1a49b51a22"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg
34.120.237.76 200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e5b4e4f15da3323c73974c3f1cdb5d74
1f14971d0cf979cc34ff191849dc43d86e8ac463
5893d7e5b2fd9de92829b303c42d0c07ff32b3f6b8705b6f5b4a784315c8808e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5174
x-amzn-requestid: 35630c70-3bad-47b4-94bb-09c873632194
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7EFAHIAMFQQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-317b1fbb3bee0f377697bf3d;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OD5cy75AkNMwTIvIool2nKbKgr5Jpo1Plm_X_YPr3rdPbg86_V2fdA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:21 GMT
age: 49414
etag: "1f14971d0cf979cc34ff191849dc43d86e8ac463"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
12804.url.tudown.com/template/company/955yx/images/home.png
154.218.151.71 200 OK 1.3 kB URL HTTP/1.1 12804.url.tudown.com/template/company/955yx/images/home.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 22 x 22, 8-bit/color RGBA, non-interlaced\012- data
Hash 302b4d0465daebb6a02b59b721d92a41
20d18d0cb9f052ec48b775ec2de2e8ce1a233c1e
a7fa550286b2b0974ab70bbadbe26cfa5b6770da8a71445b3b3f87abd896d3f2
GET /template/company/955yx/images/home.png HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/template/company/955yx/css/gb.css
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 11:53:55 GMT
Content-Type: image/png
Content-Length: 1270
Last-Modified: Tue, 15 Jun 2021 09:16:32 GMT
Connection: keep-alive
ETag: "60c86ff0-4f6"
Accept-Ranges: bytes
12804.url.tudown.com/static/api/http://12804.url.tudown.com/template/company/955yx/js/share.js?v=89860593.js?cdnversion=465418
154.218.151.71 404 Not Found 146 B URL HTTP/1.1 12804.url.tudown.com/static/api/http://12804.url.tudown.com/template/company/955yx/js/share.js?v=89860593.js?cdnversion=465418
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert fortinet Malware
GET /static/api/http://12804.url.tudown.com/template/company/955yx/js/share.js?v=89860593.js?cdnversion=465418 HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 04 Feb 2023 11:53:55 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
12804.url.tudown.com/uploads/images/481750.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/481750.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/481750.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:55 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=2531747096,3390494620&fm=224&app=112&f=JPEG?w=500&h=500
12804.url.tudown.com/uploads/images/622106.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/622106.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/622106.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:55 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=2762903417,203884732&fm=224&app=112&f=JPEG?w=500&h=500
12804.url.tudown.com/uploads/images/781405.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/781405.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/781405.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:55 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3419313249,3550778672&fm=253&fmt=auto&app=120&f=JPEG?w=560&h=535
12804.url.tudown.com/uploads/images/121962.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/121962.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/121962.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:55 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2918729760,2340825081&fm=253&fmt=auto&app=138&f=JPEG?w=150&h=120
12804.url.tudown.com/uploads/images/160054.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/160054.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/160054.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:55 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2932591613,194713924&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=281
12804.url.tudown.com/uploads/images/932259.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/932259.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/932259.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:55 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=925997618,3741724389&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=334
push.zhanzhang.baidu.com/push.js
182.61.240.101 200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 182.61.240.101:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Sat, 04 Feb 2023 11:53:55 GMT
Etag: "4078521116"
Expires: Sun, 04 Feb 2024 11:53:55 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=85A1BCA42DE36105E38F30D7BFCF59D8:FG=1; max-age=31536000; expires=Sun, 04-Feb-24 11:53:55 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
t13.baidu.com/it/u=2762903417,203884732&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 40 kB URL HTTP/1.1 t13.baidu.com/it/u=2762903417,203884732&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash a7b0a5f37f3b23acaccbe844e509ccaf
3523e75840c17a55d53e08f1599a1cf73ce7a596
79b7630524161a8fc2ac68f09a3166ecb38c373b05b4c1b100b1c7fe2ca9d06a
GET /it/u=2762903417,203884732&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12804.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 11:53:55 GMT
Content-Type: image/jpeg
Content-Length: 39694
Connection: keep-alive
Expires: Sun, 26 Feb 2023 07:12:06 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: a7b0a5f37f3b23acaccbe844e509ccaf
Age: 556107
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 27 Jan 2023 07:12:06 GMT
Ohc-Cache-HIT: fra01-sys-jomo7.fra01.baidu.com [4], zhuzuncache58 [1], czix163 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 39694
X-Cache-Status: HIT
Timing-Allow-Origin: *
t13.baidu.com/it/u=2531747096,3390494620&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 39 kB URL HTTP/1.1 t13.baidu.com/it/u=2531747096,3390494620&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash e3ba37c306eb1faf6e13c4787a33ccdf
781ef73c9269a59524021bfbf34838846ac37991
5f5ae8cd181e235c0504cf649cfe9f71aa764268e798885aa847c6fd8eda802e
GET /it/u=2531747096,3390494620&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12804.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 11:53:55 GMT
Content-Type: image/jpeg
Content-Length: 38957
Connection: keep-alive
Expires: Fri, 03 Mar 2023 19:06:41 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: e3ba37c306eb1faf6e13c4787a33ccdf
Age: 37362
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 01 Feb 2023 19:06:41 GMT
Ohc-Cache-HIT: fra01-sys-jomo7.fra01.baidu.com [4], zhuzuncache51 [1], xaix186 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 38957
X-Cache-Status: HIT
Timing-Allow-Origin: *
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 896527e9b74cc1e9b5b97c09ad3b321c
77f8053e0989f43e0820de5d8ca4fa2c011dabf0
c3e179932c16e93245a00ae2c3575f1e6c0e7632a8bde1898e9e27c0b9b41e4c
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 11:53:55 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 08 Feb 2023 10:09:59 GMT
ETag: "77f8053e0989f43e0820de5d8ca4fa2c011dabf0"
Last-Modified: Sat, 04 Feb 2023 10:10:00 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2508
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7943356c2be9b523-OSL
12804.url.tudown.com/uploads/images/354872.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/354872.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/354872.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:55 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=2132978343,3494159982&fm=224&app=112&f=JPEG?w=500&h=500
12804.url.tudown.com/uploads/images/160559.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/160559.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/160559.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:55 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3489858004,588994262&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
12804.url.tudown.com/uploads/images/999002.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/999002.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/999002.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:55 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=571008181,2799222386&fm=253&app=120&f=JPEG?w=1422&h=800
12804.url.tudown.com/uploads/images/361029.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/361029.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/361029.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:55 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=236305182,3032447140&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200
12804.url.tudown.com/uploads/images/34417.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/34417.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/34417.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:55 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3978242597,2173715815&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=707
t14.baidu.com/it/u=2132978343,3494159982&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 39 kB URL HTTP/1.1 t14.baidu.com/it/u=2132978343,3494159982&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 1755875aad2b97a57cba5b566ca56069
85ff88a3f44a5edde0c9a2fbe7bb9153874cdf1f
fbfcdfd52101bf963c17db087e494b90c1fabdf312a264b48b7064ede8735a28
GET /it/u=2132978343,3494159982&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12804.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 11:53:56 GMT
Content-Type: image/jpeg
Content-Length: 38792
Connection: keep-alive
Expires: Tue, 07 Feb 2023 15:44:03 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 1755875aad2b97a57cba5b566ca56069
Age: 2072832
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 08 Jan 2023 15:44:02 GMT
Ohc-Cache-HIT: fra01-sys-jomo4.fra01.baidu.com [2], zhuzuncache60 [1], suzix140 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 38792
X-Cache-Status: HIT
Timing-Allow-Origin: *
12804.url.tudown.com/template/company/955yx/images/litterstar.png
154.218.151.71 200 OK 1.7 kB URL HTTP/1.1 12804.url.tudown.com/template/company/955yx/images/litterstar.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 73 x 143, 8-bit colormap, non-interlaced\012- data
Hash d130270dc6abd41d1d40acbe01e36739
5dec8c0c88e9c3dfb13cbfc7d1d9818baa7ee96c
8b31f0ef117010f8ad5e5c8c73ede7468072e1cb08f994fce90ada97f461b59b
GET /template/company/955yx/images/litterstar.png HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/template/company/955yx/css/gb.css
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 11:53:56 GMT
Content-Type: image/png
Content-Length: 1706
Last-Modified: Tue, 15 Jun 2021 09:16:33 GMT
Connection: keep-alive
ETag: "60c86ff1-6aa"
Accept-Ranges: bytes
12804.url.tudown.com/uploads/images/800320.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/800320.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/800320.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:56 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=3892276928,2071996742&fm=253&app=138&f=JPEG?w=500&h=889
api.share.baidu.com/s.gif?l=http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
182.61.201.93 200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
IP 182.61.201.93:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Sat, 04 Feb 2023 11:53:56 GMT
12804.url.tudown.com/uploads/images/276288.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/276288.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/276288.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:56 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=644985597,781025333&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=1918
12804.url.tudown.com/uploads/images/120072.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/120072.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/120072.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:56 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=294990675,548373592&fm=224&app=112&f=JPEG?w=500&h=500
12804.url.tudown.com/uploads/images/893177.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/893177.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/893177.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:56 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=2938893668,2106611319&fm=224&app=112&f=JPEG?w=500&h=500
img2.baidu.com/it/u=236305182,3032447140&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200
42.81.98.35 200 OK 4.0 kB URL HTTP/2 img2.baidu.com/it/u=236305182,3032447140&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200
IP 42.81.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1a235ffc5f1a815e55a9e5393fbe7a73
d3d98059344f2cea5e3ea68ac5786d43e385a7a2
e7044bcfdf85539cadb2f1e267012875256429feb2d41bd69554812cde39b582
GET /it/u=236305182,3032447140&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12804.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:56 GMT
content-type: image/webp
content-length: 3950
expires: Mon, 20 Feb 2023 05:17:25 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 1a235ffc5f1a815e55a9e5393fbe7a73
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 05:17:25 GMT
ohc-cache-hit: tj5ct54 [1], qdix130 [4]
ohc-file-size: 3950
x-cache-status: MISS
X-Firefox-Spdy: h2
t15.baidu.com/it/u=294990675,548373592&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 29 kB URL HTTP/1.1 t15.baidu.com/it/u=294990675,548373592&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash cecddc59ac7b1abbaeb159c4e39db6f5
95cf2644fc1dc72d797d88970751d72d70523f11
7d3fb025d5a500cf4972861758606ffe67a0d1b12e0869880923c0da79df45b0
GET /it/u=294990675,548373592&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12804.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 11:53:56 GMT
Content-Type: image/jpeg
Content-Length: 29264
Connection: keep-alive
Expires: Mon, 27 Feb 2023 06:51:43 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: cecddc59ac7b1abbaeb159c4e39db6f5
Age: 381661
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 28 Jan 2023 06:51:43 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [2], zhuzuncache63 [1], qdix76 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 29264
X-Cache-Status: HIT
Timing-Allow-Origin: *
t15.baidu.com/it/u=2938893668,2106611319&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 91 kB URL HTTP/1.1 t15.baidu.com/it/u=2938893668,2106611319&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash dc001a057c5b5938f3a2ab93fca8dd9c
1bdf094a45488a80ae252acabeaf228c564f3487
49496aa7dcd2cae348d7c1b0170c3e28891a6e5f27fe0089985e8565447359ac
GET /it/u=2938893668,2106611319&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12804.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 11:53:56 GMT
Content-Type: image/jpeg
Content-Length: 91204
Connection: keep-alive
Expires: Sat, 11 Feb 2023 02:35:09 GMT
Last-Modified: Sun, 11 Jan 1970 00:00:00 GMT
ETag: dc001a057c5b5938f3a2ab93fca8dd9c
Age: 1873302
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 12 Jan 2023 02:35:09 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [4], zhuzuncache57 [4], xiangyix72 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 91204
X-Cache-Status: HIT
Timing-Allow-Origin: *
img1.baidu.com/it/u=2918729760,2340825081&fm=253&fmt=auto&app=138&f=JPEG?w=150&h=120
58.42.14.35 200 OK 5.7 kB URL HTTP/2 img1.baidu.com/it/u=2918729760,2340825081&fm=253&fmt=auto&app=138&f=JPEG?w=150&h=120
IP 58.42.14.35:0
ASN #139203 Guizhou GuiAn IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 150x120, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a6d338e990ca7f7f42e45f3c19679733
e21c6977545eaeeada2a8c42335631f5fd8a99f2
be6a05b5a3520bca58fb5b749a480cb4f4f3711d47c90462926160cf66763268
GET /it/u=2918729760,2340825081&fm=253&fmt=auto&app=138&f=JPEG?w=150&h=120 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12804.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:56 GMT
content-type: image/webp
content-length: 5694
expires: Sun, 19 Feb 2023 12:04:23 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: a6d338e990ca7f7f42e45f3c19679733
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 20 Jan 2023 12:04:23 GMT
ohc-cache-hit: gyct60 [1], qdix157 [4]
ohc-file-size: 5694
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=925997618,3741724389&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=334
58.42.14.35 200 OK 15 kB URL HTTP/2 img1.baidu.com/it/u=925997618,3741724389&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=334
IP 58.42.14.35:0
ASN #139203 Guizhou GuiAn IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x334, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 086cea989804f511a785de95c32c1108
cf03fe6e96e89a3bd50a9ee75d4bbfe1e55f732e
71b9a893a78b9601c0243b433b8f120a90b71c2a20a4c11bc06055610cc4b567
GET /it/u=925997618,3741724389&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=334 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12804.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:56 GMT
content-type: image/webp
content-length: 15236
expires: Mon, 20 Feb 2023 12:32:20 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 086cea989804f511a785de95c32c1108
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 12:32:20 GMT
ohc-cache-hit: gyct57 [1], czix57 [4]
ohc-file-size: 15236
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=3978242597,2173715815&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=707
42.81.98.35 200 OK 22 kB URL HTTP/2 img2.baidu.com/it/u=3978242597,2173715815&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=707
IP 42.81.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x707, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 14588f7e4af307f526dd90393decd73c
3764c660d8e351f658d3794e403e7df2e67d2d1c
c435472a1a5a386f180f0954f77b151221344e5bc89afa86a566d6977ffb6952
GET /it/u=3978242597,2173715815&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=707 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12804.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:56 GMT
content-type: image/webp
content-length: 22398
expires: Fri, 10 Feb 2023 01:55:22 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 14588f7e4af307f526dd90393decd73c
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 11 Jan 2023 01:55:22 GMT
ohc-cache-hit: tj5ct53 [1], qdix177 [4]
ohc-file-size: 22398
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=3419313249,3550778672&fm=253&fmt=auto&app=120&f=JPEG?w=560&h=535
42.81.98.35 200 OK 18 kB URL HTTP/2 img2.baidu.com/it/u=3419313249,3550778672&fm=253&fmt=auto&app=120&f=JPEG?w=560&h=535
IP 42.81.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 560x535, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1af5ce0f617f2618a35f31f1f49334b7
4f7f20afa046a9b6d270a5d7ec1aba712a1d25e6
1cebdec399ac7fb1a01f8a1a3c956fd0f9f52610d52f572753d18b897bdbc1ad
GET /it/u=3419313249,3550778672&fm=253&fmt=auto&app=120&f=JPEG?w=560&h=535 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12804.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:56 GMT
content-type: image/webp
content-length: 18522
expires: Thu, 02 Mar 2023 04:02:18 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 1af5ce0f617f2618a35f31f1f49334b7
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 31 Jan 2023 04:02:18 GMT
ohc-cache-hit: tj5ct57 [2], xiangyix236 [4]
ohc-file-size: 18522
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=2932591613,194713924&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=281
113.219.142.35 200 OK 32 kB URL HTTP/2 img0.baidu.com/it/u=2932591613,194713924&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=281
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x281, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash dc5f6215dd0b1f4c7227452203a9db3a
69b7308f2108ac18e3f3abe2a9da3229f3c6fb2e
7e213503934b99989417c7624e89479a67e972aecc41b77eb46a11b9e67d61c4
GET /it/u=2932591613,194713924&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=281 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12804.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:56 GMT
content-type: image/webp
content-length: 31942
expires: Fri, 24 Feb 2023 11:21:37 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: dc5f6215dd0b1f4c7227452203a9db3a
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 25 Jan 2023 11:21:37 GMT
ohc-cache-hit: chenzct67 [1], xiangyix100 [2]
ohc-file-size: 31942
x-cache-status: MISS
X-Firefox-Spdy: h2
12804.url.tudown.com/uploads/images/694425.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/694425.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/694425.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:56 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=4071208146,1908421947&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350
12804.url.tudown.com/uploads/images/356359.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/356359.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/356359.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:56 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=602985293,2551316718&fm=224&app=112&f=JPEG?w=400&h=400
12804.url.tudown.com/uploads/images/964495.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/964495.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/964495.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:56 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=3801753224,1519685346&fm=253&app=120&f=JPEG?w=1422&h=800
12804.url.tudown.com/uploads/images/99854.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/99854.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/99854.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:56 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=2098225162,3321434586&fm=253&app=120&f=JPEG?w=1280&h=800
s.ssl.qhres2.com/ssl/ab77b6ea7f3fbf79.js
54.230.111.78 200 OK 478 B URL HTTP/2 s.ssl.qhres2.com/ssl/ab77b6ea7f3fbf79.js
IP 54.230.111.78:0
File type ASCII text, with very long lines (478), with no line terminators
Hash 5dd27f8f2b042194c3cdabd62fd80110
c035036a939799d4c29b9c0f7229ae1953d03109
928131ab2183d971cdbfe2ed1329200212d0021db70574a35c89ae169c0f6e0a
GET /ssl/ab77b6ea7f3fbf79.js HTTP/1.1
Host: s.ssl.qhres2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12804.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 478
date: Fri, 06 Jan 2023 02:40:18 GMT
x-qstatic-hit: 1
last-modified: Mon, 01 Jan 2018 00:00:00 GMT
etag: W/"67d74adaac6d2f43"
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
expires: Mon, 03 Jan 2033 02:40:18 GMT
kcs-via: HIT from w-fc03.lato;MISS from w-sc01.lato
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rULn4AxCOvr4JP_a4ItsGjZ86mJtvdpxkMHMXaWCfkglMcW7NF1Pog==
age: 2538818
X-Firefox-Spdy: h2
12804.url.tudown.com/uploads/images/156408.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/156408.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/156408.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:56 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3395640963,3704212994&fm=253&fmt=auto&app=138&f=JPG?w=265&h=136
img1.baidu.com/it/u=3489858004,588994262&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
58.42.14.35 200 OK 38 kB URL HTTP/2 img1.baidu.com/it/u=3489858004,588994262&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
IP 58.42.14.35:0
ASN #139203 Guizhou GuiAn IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x889, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 66ada9292d240b59d68b307647bd49fa
9fa61a1d9bfaf0dbd4b878a24ef0fa2e0c2c9367
d591e5bfca293eb899821a18de26e06a1c00365055e95dc3c30362ce7d60c36a
GET /it/u=3489858004,588994262&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12804.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:56 GMT
content-type: image/webp
content-length: 38406
expires: Thu, 23 Feb 2023 10:22:27 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 66ada9292d240b59d68b307647bd49fa
age: 271379
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 24 Jan 2023 10:22:27 GMT
ohc-cache-hit: gyct59 [4], xiangyix86 [2]
ohc-file-size: 38406
x-cache-status: HIT
X-Firefox-Spdy: h2
12804.url.tudown.com/template/company/955yx/images/bgs.png
154.218.151.71 200 OK 101 kB URL HTTP/1.1 12804.url.tudown.com/template/company/955yx/images/bgs.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 500 x 900, 8-bit/color RGBA, non-interlaced\012- data
Size 101 kB (101362 bytes)
Hash 1621ecee9c5f80ff96ab42e1ee259f58
5867acc872a638e86b981dbd81632c219a8093ec
f7809c07dbf542cc134fa715f678d4fba323bffdc649c9fb85a866b55b0c47f9
GET /template/company/955yx/images/bgs.png HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/template/company/955yx/css/gb.css
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 11:53:55 GMT
Content-Type: image/png
Content-Length: 101362
Last-Modified: Tue, 15 Jun 2021 09:16:31 GMT
Connection: keep-alive
ETag: "60c86fef-18bf2"
Accept-Ranges: bytes
t14.baidu.com/it/u=602985293,2551316718&fm=224&app=112&f=JPEG?w=400&h=400
185.10.104.124 200 OK 47 kB URL HTTP/1.1 t14.baidu.com/it/u=602985293,2551316718&fm=224&app=112&f=JPEG?w=400&h=400
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 400x400, components 3\012- data
Hash 3bdad709eac831aafb548e9b7751ebb7
b65c347000e2647f8632d118c8edf8c88d640bec
94c9628d601ed3a00688a7f594c96acb4d3147d03c50d338afa7653c89d8cd3f
GET /it/u=602985293,2551316718&fm=224&app=112&f=JPEG?w=400&h=400 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12804.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 11:53:56 GMT
Content-Type: image/jpeg
Content-Length: 47226
Connection: keep-alive
Expires: Fri, 24 Feb 2023 19:24:11 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 3bdad709eac831aafb548e9b7751ebb7
Age: 724375
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 25 Jan 2023 19:24:11 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [2], zhuzuncache52 [1], xiangyix102 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 47226
X-Cache-Status: HIT
Timing-Allow-Origin: *
img2.baidu.com/it/u=4071208146,1908421947&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350
42.81.98.35 200 OK 5.7 kB URL HTTP/2 img2.baidu.com/it/u=4071208146,1908421947&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350
IP 42.81.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 350x350, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5542bb0f5194e392ef02123eb7fcbe2e
cc26f9707c737b37dda91af65e975933bd8c5bc6
a88eea80e97e641ad83bf99732c33fc2f1335a3c9d2e7fb6596c23a79464da9a
GET /it/u=4071208146,1908421947&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12804.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:56 GMT
content-type: image/webp
content-length: 5668
expires: Sat, 04 Mar 2023 04:32:35 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 5542bb0f5194e392ef02123eb7fcbe2e
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 02 Feb 2023 04:32:35 GMT
ohc-cache-hit: tj5ct56 [1], csix56 [4]
ohc-file-size: 5668
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=571008181,2799222386&fm=253&app=120&f=JPEG?w=1422&h=800
42.81.98.35 200 OK 139 kB URL HTTP/1.1 img2.baidu.com/it/u=571008181,2799222386&fm=253&app=120&f=JPEG?w=1422&h=800
IP 42.81.98.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1422x800, components 3\012- data
Size 139 kB (138629 bytes)
Hash ade066dbdcb6f3335589cbf08f288b12
02989d23553ffabff9a151510a76bfe0a9f153bb
eec1adf1a396e6e7b08f72473aa9792f8b152a96f5528dd9fce6975bf2689627
GET /it/u=571008181,2799222386&fm=253&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12804.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 11:53:56 GMT
Content-Type: image/jpeg
Content-Length: 138629
Connection: keep-alive
Expires: Fri, 10 Feb 2023 21:24:09 GMT
Last-Modified: Mon, 05 Jan 1970 00:00:00 GMT
ETag: ade066dbdcb6f3335589cbf08f288b12
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 11 Jan 2023 21:24:09 GMT
Ohc-Cache-HIT: tj5ct51 [2], xiangyix158 [2]
Ohc-File-Size: 138629
X-Cache-Status: MISS
12804.url.tudown.com/uploads/images/362084.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/362084.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/362084.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:56 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=642720602,2636034757&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=716
12804.url.tudown.com/uploads/images/498789.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/498789.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/498789.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:56 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=919719485,1616636353&fm=253&fmt=auto?w=1280&h=800
12804.url.tudown.com/uploads/images/903075.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/903075.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/903075.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:56 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=1738563677,1054407183&fm=224&app=112&f=JPEG?w=500&h=500
12804.url.tudown.com/uploads/images/617732.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/617732.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/617732.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:56 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=518278225,3610822463&fm=224&app=112&f=JPEG?w=500&h=500
12804.url.tudown.com/uploads/images/942907.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/942907.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/942907.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:56 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3833388121,827270344&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=766
img0.baidu.com/it/u=644985597,781025333&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=1918
113.219.142.35 200 OK 96 kB URL HTTP/2 img0.baidu.com/it/u=644985597,781025333&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=1918
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x1918, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2288cd0714b936f31f7e9925808983ef
bd77427cef349b2d25f9e988551bbac2868dbf0b
45c09d1973cf9dcfa72fc8491903f7ff0ad1da403b58421e670c3a0a05f89501
GET /it/u=644985597,781025333&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=1918 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12804.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:56 GMT
content-type: image/webp
content-length: 95990
expires: Fri, 10 Feb 2023 21:09:33 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 2288cd0714b936f31f7e9925808983ef
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 11 Jan 2023 21:09:33 GMT
ohc-cache-hit: chenzct69 [1], wzix109 [4]
ohc-file-size: 95990
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=3892276928,2071996742&fm=253&app=138&f=JPEG?w=500&h=889
58.42.14.35 200 OK 43 kB URL HTTP/1.1 img1.baidu.com/it/u=3892276928,2071996742&fm=253&app=138&f=JPEG?w=500&h=889
IP 58.42.14.35:0
ASN #139203 Guizhou GuiAn IDC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x889, components 3\012- data
Hash 3a15832bacd4b656b7167c1d444d13e2
52b77df86a23c03d054e6e36f378a9d011c1eafd
bdae3f3899f0234ed2a805a2c341e220d9ed04fcff42ee392513fd7a0e4dcd6a
GET /it/u=3892276928,2071996742&fm=253&app=138&f=JPEG?w=500&h=889 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12804.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 11:53:56 GMT
Content-Type: image/jpeg
Content-Length: 42812
Connection: keep-alive
Expires: Wed, 15 Feb 2023 02:47:41 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 3a15832bacd4b656b7167c1d444d13e2
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 16 Jan 2023 02:47:41 GMT
Ohc-Cache-HIT: gyct60 [1], xaix120 [4]
Ohc-File-Size: 42812
X-Cache-Status: MISS
img0.baidu.com/it/u=3395640963,3704212994&fm=253&fmt=auto&app=138&f=JPG?w=265&h=136
113.219.142.35 200 OK 7.5 kB URL HTTP/2 img0.baidu.com/it/u=3395640963,3704212994&fm=253&fmt=auto&app=138&f=JPG?w=265&h=136
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 265x136, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bb61b005398fb56c48b12479a04b9065
df489bfcea08184bbe1e55744b0d03aa934953b5
5a1eed16570eecdd713f8dcabf58e41a7a23372c4b72a7d062f2d76d21474062
GET /it/u=3395640963,3704212994&fm=253&fmt=auto&app=138&f=JPG?w=265&h=136 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12804.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:57 GMT
content-type: image/webp
content-length: 7476
expires: Mon, 06 Mar 2023 11:53:57 GMT
last-modified: Sun, 04 Jan 1970 00:00:00 GMT
etag: bb61b005398fb56c48b12479a04b9065
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 04 Feb 2023 11:53:56 GMT
ohc-cache-hit: chenzct69 [1], xiangyix69 [2]
ohc-file-size: 7476
x-cache-status: MISS
X-Firefox-Spdy: h2
t14.baidu.com/it/u=1738563677,1054407183&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 36 kB URL HTTP/1.1 t14.baidu.com/it/u=1738563677,1054407183&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 6da49ecac61793d36d817e3f99b331fb
76992663d1a118dd4185dc9b4cc2c19ee8630d07
135756b1ff58e59d25accca45d6c377a16443ffd208802e57ce6961e3b6ca588
GET /it/u=1738563677,1054407183&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12804.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 11:53:57 GMT
Content-Type: image/jpeg
Content-Length: 36505
Connection: keep-alive
Expires: Sat, 18 Feb 2023 01:29:57 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 6da49ecac61793d36d817e3f99b331fb
Age: 726044
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 19 Jan 2023 01:29:57 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [4], zhuzuncache50 [1], csix88 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 36505
X-Cache-Status: HIT
Timing-Allow-Origin: *
hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (633)
Hash ec134770d84ba6aee932235518819fcb
b2049b93cd262e87dc444776fd6912c16f72b0d9
33052184803cfb40aefb1ba9edebc00e9257aaf150179b1e68344379b34242cb
GET /hm.js?dd9836db2e433f487a0aa434b7b3deb7 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12804.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11271
Content-Type: application/javascript
Date: Sat, 04 Feb 2023 11:53:56 GMT
Etag: 88b4996fc6fcd615e32a32ef40bfe7c8
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=BB6EF1956BE8B6B3; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
t13.baidu.com/it/u=518278225,3610822463&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 69 kB URL HTTP/1.1 t13.baidu.com/it/u=518278225,3610822463&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 4cbd13f08689eb9dde8edc34c98843fe
8dec1358a878a2d00ba0ce335dbce91c53a515bb
4d67b3045182feab551ced72a4bd81e20140b83a6d4dacf7edf750079d317780
GET /it/u=518278225,3610822463&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12804.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 11:53:57 GMT
Content-Type: image/jpeg
Content-Length: 68730
Connection: keep-alive
Expires: Sun, 05 Feb 2023 06:47:27 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: 4cbd13f08689eb9dde8edc34c98843fe
Age: 2040334
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 06 Jan 2023 06:47:26 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [2], zhuzuncache62 [1], suzix62 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 68730
X-Cache-Status: HIT
Timing-Allow-Origin: *
img2.baidu.com/it/u=642720602,2636034757&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=716
42.81.98.35 200 OK 58 kB URL HTTP/2 img2.baidu.com/it/u=642720602,2636034757&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=716
IP 42.81.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x716, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c90343fc78b76a841d2db979f469ee2d
74825d6f042a2c76a7cba4aa0e466a824e062ee1
878ebbe86c729d3c6f3b7820b6cd8697799c1a63c3ebaaba16f43608368dbbe0
GET /it/u=642720602,2636034757&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=716 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12804.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:57 GMT
content-type: image/webp
content-length: 58336
expires: Tue, 21 Feb 2023 16:59:24 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: c90343fc78b76a841d2db979f469ee2d
age: 153508
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 16:59:24 GMT
ohc-cache-hit: tj5ct52 [4], wzix116 [4]
ohc-file-size: 58336
x-cache-status: HIT
X-Firefox-Spdy: h2
img0.baidu.com/it/u=919719485,1616636353&fm=253&fmt=auto?w=1280&h=800
113.219.142.35 200 OK 28 kB URL HTTP/2 img0.baidu.com/it/u=919719485,1616636353&fm=253&fmt=auto?w=1280&h=800
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c163b17939f9564234a4ef835eaae129
3482c4b0dc684760d3d02cac86487935d46e28a1
c2b0ee7056448ee70183f915844db98232315cdddbcc149cf880bbabb62b592e
GET /it/u=919719485,1616636353&fm=253&fmt=auto?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12804.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:57 GMT
content-type: image/webp
content-length: 28248
expires: Fri, 24 Feb 2023 08:55:09 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: c163b17939f9564234a4ef835eaae129
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 25 Jan 2023 08:55:09 GMT
ohc-cache-hit: chenzct52 [1], wzix52 [4]
ohc-file-size: 28248
x-cache-status: MISS
X-Firefox-Spdy: h2
12804.url.tudown.com/uploads/images/856029.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/856029.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/856029.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:57 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=4106691203,1891598399&fm=224&app=112&f=JPEG?w=500&h=500
12804.url.tudown.com/uploads/images/353519.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/353519.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/353519.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:57 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=647329524,4277617722&fm=253&app=120&f=JPEG?w=1280&h=800
12804.url.tudown.com/index.php?m=content&c=index&a=get_searchkey&pc_hash=WrCDxe&_=1675511672108
154.218.151.71 200 OK 8.7 kB URL HTTP/1.1 12804.url.tudown.com/index.php?m=content&c=index&a=get_searchkey&pc_hash=WrCDxe&_=1675511672108
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (371), with CRLF, LF line terminators
Hash 59b7b4f90a594692663ae16f7e4c3d25
ba44cf2a7c3155be550014625cdfe552c0e141b0
30003676fd89a6681eb9ba13b86dfab59d59f24738a73a777312a44f949b335c
GET /index.php?m=content&c=index&a=get_searchkey&pc_hash=WrCDxe&_=1675511672108 HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 11:53:57 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
12804.url.tudown.com/uploads/images/644013.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/644013.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/644013.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:57 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=3378133988,651244564&fm=253&app=120&f=JPEG?w=1280&h=800
12804.url.tudown.com/uploads/images/459169.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/459169.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/459169.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:57 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1667079470,24568140&fm=253&fmt=auto&app=138&f=JPEG?w=712&h=500
12804.url.tudown.com/uploads/images/370839.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/370839.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/370839.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:57 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1564936366,2730791944&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=350
t15.baidu.com/it/u=4106691203,1891598399&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 33 kB URL HTTP/1.1 t15.baidu.com/it/u=4106691203,1891598399&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 9e9161e803d04212dec66bb73b745ef5
3ccd2e59ddaf7b87f0ecac02c3c8915dd34fe51a
9196479ea4499ac8ae637cfe7eca24aaf46ba8203dad229901840a0ecc895951
GET /it/u=4106691203,1891598399&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12804.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 11:53:57 GMT
Content-Type: image/jpeg
Content-Length: 33312
Connection: keep-alive
Expires: Sat, 04 Mar 2023 04:55:14 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 9e9161e803d04212dec66bb73b745ef5
Age: 30417
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 02 Feb 2023 04:55:14 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [2], zhuzuncache53 [1], csix119 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 33312
X-Cache-Status: HIT
Timing-Allow-Origin: *
img2.baidu.com/it/u=3833388121,827270344&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=766
42.81.98.35 200 OK 33 kB URL HTTP/2 img2.baidu.com/it/u=3833388121,827270344&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=766
IP 42.81.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x766, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5d5ec6d6345ea1749032d5da4f1f30a8
d6317de2db5d367e8273618fe75b366e30a1bf63
d5788af2fecb1104c22647101dd3174a1337403fe1e21611f5cc6539146b6302
GET /it/u=3833388121,827270344&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=766 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12804.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:57 GMT
content-type: image/webp
content-length: 32956
expires: Thu, 02 Mar 2023 10:01:50 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 5d5ec6d6345ea1749032d5da4f1f30a8
age: 211686
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 31 Jan 2023 10:01:50 GMT
ohc-cache-hit: tj5ct65 [4], csix109 [2]
ohc-file-size: 32956
x-cache-status: HIT
X-Firefox-Spdy: h2
s.360.cn/so/zz.gif?url=http%3A%2F%2F12804.url.tudown.com%2Fdown%2Ftype34.6.0.0%40376_33660.exe&sid=d182b3f28525f2db83acfaaf6e696dba&token=de1x8e2.b036f623835_2657f32@d0b.
171.8.167.90 200 OK 0 B URL HTTP/1.1 s.360.cn/so/zz.gif?url=http%3A%2F%2F12804.url.tudown.com%2Fdown%2Ftype34.6.0.0%40376_33660.exe&sid=d182b3f28525f2db83acfaaf6e696dba&token=de1x8e2.b036f623835_2657f32@d0b.
IP 171.8.167.90:0
ASN #137687 Luoyang, Henan Province, P.R.China.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /so/zz.gif?url=http%3A%2F%2F12804.url.tudown.com%2Fdown%2Ftype34.6.0.0%40376_33660.exe&sid=d182b3f28525f2db83acfaaf6e696dba&token=de1x8e2.b036f623835_2657f32@d0b. HTTP/1.1
Host: s.360.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/
HTTP/1.1 200 OK
Server: openresty/1.15.8.2
Date: Sat, 04 Feb 2023 11:53:57 GMT
Content-Type: image/gif
Content-Length: 0
Last-Modified: Mon, 29 Oct 2018 06:10:47 GMT
Connection: keep-alive
ETag: "5bd6a467-0"
Accept-Ranges: bytes
img2.baidu.com/it/u=1564936366,2730791944&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=350
42.81.98.35 200 OK 27 kB URL HTTP/2 img2.baidu.com/it/u=1564936366,2730791944&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=350
IP 42.81.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x350, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6d5715bd79eb50d6e686f1c9df4c0444
4926d19b4709cedf008bd3ff8710ba23f48d8218
36d606e328eeac5ca358129cc06fb1f48a844a2e41bd05fbb2a3e5fdb7503d7f
GET /it/u=1564936366,2730791944&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=350 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12804.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:57 GMT
content-type: image/webp
content-length: 27204
expires: Thu, 23 Feb 2023 12:36:05 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 6d5715bd79eb50d6e686f1c9df4c0444
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 24 Jan 2023 12:36:05 GMT
ohc-cache-hit: tj5ct51 [1], qdix210 [4]
ohc-file-size: 27204
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=1667079470,24568140&fm=253&fmt=auto&app=138&f=JPEG?w=712&h=500
113.219.142.35 200 OK 20 kB URL HTTP/2 img0.baidu.com/it/u=1667079470,24568140&fm=253&fmt=auto&app=138&f=JPEG?w=712&h=500
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 712x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 86f24c09882f706ca8eb2270ea671613
76d7d9efa25f885b12ca45203b7a976c83b5857c
bf24124444d3a9c1908e9046a8cddd003132c11ba74210da269fc2a82e56da18
GET /it/u=1667079470,24568140&fm=253&fmt=auto&app=138&f=JPEG?w=712&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12804.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:57 GMT
content-type: image/webp
content-length: 20278
expires: Thu, 23 Feb 2023 12:48:40 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 86f24c09882f706ca8eb2270ea671613
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 24 Jan 2023 12:48:40 GMT
ohc-cache-hit: chenzct68 [1], czix214 [4]
ohc-file-size: 20278
x-cache-status: MISS
X-Firefox-Spdy: h2
12804.url.tudown.com/uploads/images/236348.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/236348.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/236348.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:57 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=4111011894,4053120491&fm=253&fmt=auto&app=138&f=JPEG?w=524&h=500
12804.url.tudown.com/uploads/images/524119.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/524119.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/524119.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:57 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1388280153,821147864&fm=253&fmt=auto&app=120&f=JPEG?w=1422&h=800
img1.baidu.com/it/u=3801753224,1519685346&fm=253&app=120&f=JPEG?w=1422&h=800
58.42.14.35 200 OK 118 kB URL HTTP/1.1 img1.baidu.com/it/u=3801753224,1519685346&fm=253&app=120&f=JPEG?w=1422&h=800
IP 58.42.14.35:0
ASN #139203 Guizhou GuiAn IDC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1422x800, components 3\012- data
Size 118 kB (117640 bytes)
Hash 20353bcda7a023efc740b4e27a44be2a
780a14d20fb570245d2f32841224710fc775b27d
eddd15447590e62f863a02ffe61cffed6c86e465a2d1168959575c253c52de08
GET /it/u=3801753224,1519685346&fm=253&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12804.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 11:53:56 GMT
Content-Type: image/jpeg
Content-Length: 117640
Connection: keep-alive
Expires: Fri, 24 Feb 2023 14:34:44 GMT
Last-Modified: Thu, 15 Jan 1970 00:00:00 GMT
ETag: 20353bcda7a023efc740b4e27a44be2a
Age: 280084
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 25 Jan 2023 14:34:44 GMT
Ohc-Cache-HIT: gyct59 [4], suzix243 [4]
Ohc-File-Size: 117640
X-Cache-Status: HIT
img2.baidu.com/it/u=2098225162,3321434586&fm=253&app=120&f=JPEG?w=1280&h=800
49.79.225.35 200 OK 130 kB URL HTTP/1.1 img2.baidu.com/it/u=2098225162,3321434586&fm=253&app=120&f=JPEG?w=1280&h=800
IP 49.79.225.35:0
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 130 kB (129808 bytes)
Hash 35acacbb607b2956a05bc7cabd95d4f5
de867187a65c9080598a64ab5492ff706f5102bb
450ca77ab20101caeee3f03e05503c3836492f4ab04faa5f11732fdb09e83161
GET /it/u=2098225162,3321434586&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12804.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 11:53:57 GMT
Content-Type: image/jpeg
Content-Length: 129808
Connection: keep-alive
Expires: Sun, 12 Feb 2023 19:34:03 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 35acacbb607b2956a05bc7cabd95d4f5
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 13 Jan 2023 19:34:03 GMT
Ohc-Cache-HIT: ntct61 [1], czix78 [4]
Ohc-File-Size: 129808
X-Cache-Status: MISS
12804.url.tudown.com/uploads/images/683596.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/683596.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/683596.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:57 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=3307679162,4014621668&fm=224&app=112&f=JPEG?w=500&h=500
12804.url.tudown.com/uploads/images/180310.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/180310.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/180310.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:57 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=49254398,2769923046&fm=253&fmt=auto&app=120&f=JPEG?w=666&h=1000
t15.baidu.com/it/u=3307679162,4014621668&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 44 kB URL HTTP/1.1 t15.baidu.com/it/u=3307679162,4014621668&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 27ed60644f7f7d12f585757af6e0745b
e659ef424a7a422d2ea97c3811d05d5c552212e1
48a8727b3e37c8bc9c0b3cffb63be2d6be4db59a782abaea0dbc7f5771a52a7a
GET /it/u=3307679162,4014621668&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12804.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 11:53:57 GMT
Content-Type: image/jpeg
Content-Length: 43962
Connection: keep-alive
Expires: Sun, 05 Feb 2023 11:55:42 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 27ed60644f7f7d12f585757af6e0745b
Age: 2320961
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 06 Jan 2023 11:55:42 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [2], zhuzuncache59 [1], wzix83 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 43962
X-Cache-Status: HIT
Timing-Allow-Origin: *
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1377340631&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=43863&r=0&ww=1280&u=http%3A%2F%2F12804.url.tudown.com%2Fdown%2Ftype34.6.0.0%40376_33660.exe&tt=%E6%AC%A2%E8%BF%8E%E4%BD%BF%E7%94%A8%E4%B9%90%E9%B1%BCApp(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-ios%2F%E5%AE%89%E5%8D%93%2F%E6%89%8B%E6%9C%BA%E7%89%88app%E4%B8%8B%E8%BD%BDV4816.72875
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1377340631&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=43863&r=0&ww=1280&u=http%3A%2F%2F12804.url.tudown.com%2Fdown%2Ftype34.6.0.0%40376_33660.exe&tt=%E6%AC%A2%E8%BF%8E%E4%BD%BF%E7%94%A8%E4%B9%90%E9%B1%BCApp(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-ios%2F%E5%AE%89%E5%8D%93%2F%E6%89%8B%E6%9C%BA%E7%89%88app%E4%B8%8B%E8%BD%BDV4816.72875
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1377340631&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=43863&r=0&ww=1280&u=http%3A%2F%2F12804.url.tudown.com%2Fdown%2Ftype34.6.0.0%40376_33660.exe&tt=%E6%AC%A2%E8%BF%8E%E4%BD%BF%E7%94%A8%E4%B9%90%E9%B1%BCApp(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-ios%2F%E5%AE%89%E5%8D%93%2F%E6%89%8B%E6%9C%BA%E7%89%88app%E4%B8%8B%E8%BD%BDV4816.72875 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12804.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Feb 2023 11:53:57 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=9A435D5A753CF4DB; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
img2.baidu.com/it/u=4111011894,4053120491&fm=253&fmt=auto&app=138&f=JPEG?w=524&h=500
42.81.98.35 200 OK 25 kB URL HTTP/2 img2.baidu.com/it/u=4111011894,4053120491&fm=253&fmt=auto&app=138&f=JPEG?w=524&h=500
IP 42.81.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 524x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f3e676716ac0d96e6f4123c27196b606
e9e646cf27ee8e729bde10eaebea65a89e38e631
8b205d58d94760c2416881fb530c9cec626cc416e4cc451c644a36ac6ed720fd
GET /it/u=4111011894,4053120491&fm=253&fmt=auto&app=138&f=JPEG?w=524&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12804.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:57 GMT
content-type: image/webp
content-length: 24978
expires: Wed, 15 Feb 2023 06:01:48 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: f3e676716ac0d96e6f4123c27196b606
age: 521461
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 16 Jan 2023 06:01:48 GMT
ohc-cache-hit: tj5ct52 [4], xaix147 [4]
ohc-file-size: 24978
x-cache-status: HIT
X-Firefox-Spdy: h2
12804.url.tudown.com/api.php?op=digg&action=show&id=23038
154.218.151.71 404 Not Found 146 B URL HTTP/1.1 12804.url.tudown.com/api.php?op=digg&action=show&id=23038
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /api.php?op=digg&action=show&id=23038 HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 04 Feb 2023 11:53:57 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
12804.url.tudown.com/index.php?m=content&c=index&a=get_week_rank&catid=undefined&num=16
154.218.151.71 200 OK 8.6 kB URL HTTP/1.1 12804.url.tudown.com/index.php?m=content&c=index&a=get_week_rank&catid=undefined&num=16
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (371), with CRLF, LF line terminators
Hash baab827ecc0316ec280560968c992ab6
61af87c2acdac855e62591410a79626371867407
b2d6229f8c78d782ad602304b220bf5838c6d9a77f3597e2b3c5dd3c5c93371e
GET /index.php?m=content&c=index&a=get_week_rank&catid=undefined&num=16 HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 11:53:57 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
12804.url.tudown.com/index.php?m=content&c=index&a=get_week_rank&catid=undefined&num=16
154.218.151.71 200 OK 8.5 kB URL HTTP/1.1 12804.url.tudown.com/index.php?m=content&c=index&a=get_week_rank&catid=undefined&num=16
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (371), with CRLF, LF line terminators
Hash 3f1be99d0523f6e699b96298f7d9cec6
4927635e05998caf61d5b787de0c393cdff77881
dbfcc4562987ce6272e91c5b83c5ceb6567bfdda04ed1a2b415929dfbfae1e77
GET /index.php?m=content&c=index&a=get_week_rank&catid=undefined&num=16 HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 11:53:57 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
img2.baidu.com/it/u=1388280153,821147864&fm=253&fmt=auto&app=120&f=JPEG?w=1422&h=800
42.81.98.35 200 OK 94 kB URL HTTP/2 img2.baidu.com/it/u=1388280153,821147864&fm=253&fmt=auto&app=120&f=JPEG?w=1422&h=800
IP 42.81.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1422x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8a15ef819938ddd2ca02425ad314b70f
0a3904c5a7745bf47189c83854ab38b2ae1064e3
aa4d8b74ab594555e8eb49d47ba0e022b8f8becdf68254d2f506eceecf7f26de
GET /it/u=1388280153,821147864&fm=253&fmt=auto&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12804.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:57 GMT
content-type: image/webp
content-length: 94020
expires: Mon, 20 Feb 2023 06:53:54 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 8a15ef819938ddd2ca02425ad314b70f
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 06:53:54 GMT
ohc-cache-hit: tj5ct66 [1], czix197 [4]
ohc-file-size: 94020
x-cache-status: MISS
X-Firefox-Spdy: h2
12804.url.tudown.com/uploads/images/557509.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/557509.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/557509.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=252652519,930334746&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
12804.url.tudown.com/uploads/images/377399.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/377399.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/377399.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=1195700003,973030002&fm=224&app=112&f=JPEG?w=500&h=500
12804.url.tudown.com/uploads/images/788394.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/788394.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/788394.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1103894331,3435416922&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=291
img1.baidu.com/it/u=49254398,2769923046&fm=253&fmt=auto&app=120&f=JPEG?w=666&h=1000
58.42.14.35 200 OK 34 kB URL HTTP/1.1 img1.baidu.com/it/u=49254398,2769923046&fm=253&fmt=auto&app=120&f=JPEG?w=666&h=1000
IP 58.42.14.35:0
ASN #139203 Guizhou GuiAn IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 666x1000, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 252cc7205c9da04d1b37af195ffceaea
491621baf83a774eebbd4cceb3bfe074feccb932
41def0b9f3de28e2a44c55bf976a607bfa836427a337f1dd9ec51f83a8350376
GET /it/u=49254398,2769923046&fm=253&fmt=auto&app=120&f=JPEG?w=666&h=1000 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12804.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 11:53:58 GMT
Content-Type: image/webp
Content-Length: 33508
Connection: keep-alive
Expires: Tue, 21 Feb 2023 02:16:32 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 252cc7205c9da04d1b37af195ffceaea
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 22 Jan 2023 02:16:31 GMT
Ohc-Cache-HIT: gyct56 [1], qdix66 [4]
Ohc-File-Size: 33508
X-Cache-Status: MISS
t13.baidu.com/it/u=1195700003,973030002&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 33 kB URL HTTP/1.1 t13.baidu.com/it/u=1195700003,973030002&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash df25b24e426a9a4b03546044e292870e
88c0b8b7b582fa7b161c0d890e82ecb399d05cb2
711c39a692d317a1c8c111f60d20f1676d06ceba7b8644b2ad4ba1d052dad4ea
GET /it/u=1195700003,973030002&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12804.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 11:53:58 GMT
Content-Type: image/jpeg
Content-Length: 33072
Connection: keep-alive
Expires: Tue, 07 Feb 2023 07:37:03 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: df25b24e426a9a4b03546044e292870e
Age: 2038987
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 08 Jan 2023 07:37:02 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [4], zhuzuncache59 [1], qdix104 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 33072
X-Cache-Status: HIT
Timing-Allow-Origin: *
12804.url.tudown.com/uploads/images/700582.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/700582.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/700582.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2528764270,3891143217&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
img0.baidu.com/it/u=252652519,930334746&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
113.219.142.35 200 OK 26 kB URL HTTP/2 img0.baidu.com/it/u=252652519,930334746&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 889x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1dbfd13ed383cf3048b26878c2360a44
6ba36d4db8f4deec5776d0c5b27e900f53ed45dc
b7973693f5db73e7c5c7dc3575eb63b6810b7d4b5cd07112f7f35ffe93f361ac
GET /it/u=252652519,930334746&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12804.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:58 GMT
content-type: image/webp
content-length: 25528
expires: Mon, 20 Feb 2023 14:30:23 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 1dbfd13ed383cf3048b26878c2360a44
age: 162729
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 14:30:23 GMT
ohc-cache-hit: chenzct59 [4], suzix59 [2]
ohc-file-size: 25528
x-cache-status: HIT
X-Firefox-Spdy: h2
12804.url.tudown.com/uploads/images/200940.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/200940.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/200940.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2837231489,836826710&fm=253&fmt=auto&app=138&f=PNG?w=500&h=379
12804.url.tudown.com/uploads/images/507767.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/507767.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/507767.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1777928489,2479107019&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=480
12804.url.tudown.com/uploads/images/933015.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/933015.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/933015.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=4180698253,435028942&fm=224&app=112&f=JPEG?w=500&h=500
12804.url.tudown.com/uploads/images/721570.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/721570.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/721570.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2251868659,3974194909&fm=253&fmt=auto&app=138&f=JPEG?w=522&h=500
img0.baidu.com/it/u=1103894331,3435416922&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=291
113.219.142.35 200 OK 18 kB URL HTTP/2 img0.baidu.com/it/u=1103894331,3435416922&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=291
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x291, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash faf16fe82c67cd33e908fd10b95535b4
965a5d109d521b161fec5c358f9fea13ae58f03a
f2f3ee928ec680e23a65ed5b7da3996bbcb1779bb6fc8bf1404e56553909d6fd
GET /it/u=1103894331,3435416922&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=291 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12804.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:58 GMT
content-type: image/webp
content-length: 17886
expires: Tue, 28 Feb 2023 02:26:46 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: faf16fe82c67cd33e908fd10b95535b4
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 29 Jan 2023 02:26:46 GMT
ohc-cache-hit: chenzct74 [1], xiangyix223 [4]
ohc-file-size: 17886
x-cache-status: MISS
X-Firefox-Spdy: h2
12804.url.tudown.com/uploads/images/logo.png?n=4w53nznorhs3raxfrsloln5f4whie&w=250
154.218.151.71 200 OK 3.4 kB URL HTTP/1.1 12804.url.tudown.com/uploads/images/logo.png?n=4w53nznorhs3raxfrsloln5f4whie&w=250
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 250 x 66, 8-bit colormap, non-interlaced\012- data
Hash 326aa5a03854b50492807276b4ecc078
ecb10880e67e38fb0977d8b047e5b0fbaab61cc2
ebb015f220dd56ee5a52f1a9bcf261bc3a88ad664532563dbb6cdc9f6cd1c80b
GET /uploads/images/logo.png?n=4w53nznorhs3raxfrsloln5f4whie&w=250 HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 11:53:58 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
t13.baidu.com/it/u=4180698253,435028942&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 41 kB URL HTTP/1.1 t13.baidu.com/it/u=4180698253,435028942&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 284aa3a20c516191556039edcea4d46b
68a2e4e3c778ad08e89a6636842e2d7a3c48e525
11f126fe55b7134c959d55cedd6e1aeadeecf904965aa82319f455704b9c1786
GET /it/u=4180698253,435028942&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12804.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 11:53:58 GMT
Content-Type: image/jpeg
Content-Length: 41132
Connection: keep-alive
Expires: Fri, 10 Feb 2023 21:33:58 GMT
Last-Modified: Mon, 05 Jan 1970 00:00:00 GMT
ETag: 284aa3a20c516191556039edcea4d46b
Age: 2038800
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 11 Jan 2023 21:33:58 GMT
Ohc-Cache-HIT: fra01-sys-jomo2.fra01.baidu.com [4], zhuzuncache59 [1], wzix119 [1]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 41132
X-Cache-Status: HIT
Timing-Allow-Origin: *
img2.baidu.com/it/u=2528764270,3891143217&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
42.81.98.35 200 OK 25 kB URL HTTP/2 img2.baidu.com/it/u=2528764270,3891143217&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 42.81.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 66a26de624464912a5eac2c272090cbb
0cb74294c1717440a11ff684e6062db604c7f5ad
9092f7ecc1c324b671b763ddd2306af310ebd47d5ad32b18e705ee4ee4aa152e
GET /it/u=2528764270,3891143217&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12804.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:58 GMT
content-type: image/webp
content-length: 24688
expires: Sun, 05 Mar 2023 02:57:53 GMT
last-modified: Sun, 04 Jan 1970 00:00:00 GMT
etag: 66a26de624464912a5eac2c272090cbb
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 03 Feb 2023 02:57:53 GMT
ohc-cache-hit: tj5ct68 [1], czix74 [4]
ohc-file-size: 24688
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=1777928489,2479107019&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=480
42.81.98.35 200 OK 30 kB URL HTTP/2 img2.baidu.com/it/u=1777928489,2479107019&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=480
IP 42.81.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 971d0c4c4aa82908170492f5832607b8
e231d3f0d3212f2128e7028be6522074f4dac072
00671e34a22b8abd0f3b6470e46a28e21ed2bfd2ce37fbee8a44432a7f08d6f5
GET /it/u=1777928489,2479107019&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=480 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12804.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:58 GMT
content-type: image/webp
content-length: 30414
expires: Wed, 22 Feb 2023 01:48:24 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 971d0c4c4aa82908170492f5832607b8
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 01:48:24 GMT
ohc-cache-hit: tj5ct61 [1], qdix121 [4]
ohc-file-size: 30414
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=647329524,4277617722&fm=253&app=120&f=JPEG?w=1280&h=800
113.219.142.35 200 OK 169 kB URL HTTP/1.1 img0.baidu.com/it/u=647329524,4277617722&fm=253&app=120&f=JPEG?w=1280&h=800
IP 113.219.142.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 169 kB (169147 bytes)
Hash 7464ae6cdf86444c0701ba147087fcef
1dc6e4f5520a16a6a11d3e2eac5743574ba57b52
f681f8ae1f21091c1b1b11f8c3dd3663a7e2126c929e9e50233e83ff7007bd58
GET /it/u=647329524,4277617722&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12804.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 11:53:57 GMT
Content-Type: image/jpeg
Content-Length: 169147
Connection: keep-alive
Expires: Tue, 14 Feb 2023 03:17:15 GMT
Last-Modified: Mon, 05 Jan 1970 00:00:00 GMT
ETag: 7464ae6cdf86444c0701ba147087fcef
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 15 Jan 2023 03:17:15 GMT
Ohc-Cache-HIT: chenzct66 [2], xaix89 [2]
Ohc-File-Size: 169147
X-Cache-Status: MISS
12804.url.tudown.com/uploads/images/556986.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/556986.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/556986.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2520478630,1430925515&fm=253&fmt=auto&app=138&f=JPEG?w=582&h=500
img0.baidu.com/it/u=2837231489,836826710&fm=253&fmt=auto&app=138&f=PNG?w=500&h=379
113.219.142.35 200 OK 44 kB URL HTTP/2 img0.baidu.com/it/u=2837231489,836826710&fm=253&fmt=auto&app=138&f=PNG?w=500&h=379
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 6026bc82f279f5e4ef87fd68133d90db
edbb5fafa6062bd9fe2928e2f5f372fd1d0fc428
7a155746135b77f25b6bfab2fc59bfdb2e9c04c50a3aaae039efc35832e8f7c2
GET /it/u=2837231489,836826710&fm=253&fmt=auto&app=138&f=PNG?w=500&h=379 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12804.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:58 GMT
content-type: image/webp
content-length: 44054
expires: Wed, 08 Feb 2023 11:35:29 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 6026bc82f279f5e4ef87fd68133d90db
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 09 Jan 2023 11:35:29 GMT
ohc-cache-hit: chenzct64 [1], czix116 [4]
ohc-file-size: 44054
x-cache-status: MISS
X-Firefox-Spdy: h2
12804.url.tudown.com/uploads/images/958379.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/958379.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/958379.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=998546231,2627594&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
img1.baidu.com/it/u=2251868659,3974194909&fm=253&fmt=auto&app=138&f=JPEG?w=522&h=500
58.42.14.35 200 OK 14 kB URL HTTP/2 img1.baidu.com/it/u=2251868659,3974194909&fm=253&fmt=auto&app=138&f=JPEG?w=522&h=500
IP 58.42.14.35:0
ASN #139203 Guizhou GuiAn IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 522x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0496317610d9a5a22dd674e9dda46e62
18c20fa403f189926e3efac2c8a9b21fb6553598
b8c7507a59e2b67613259c11135aa9507b54b105e5e6d14ae766a46a354737db
GET /it/u=2251868659,3974194909&fm=253&fmt=auto&app=138&f=JPEG?w=522&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12804.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:58 GMT
content-type: image/webp
content-length: 14012
expires: Sun, 05 Mar 2023 07:17:23 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 0496317610d9a5a22dd674e9dda46e62
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 03 Feb 2023 07:17:23 GMT
ohc-cache-hit: gyct56 [2], csix56 [4]
ohc-file-size: 14012
x-cache-status: MISS
X-Firefox-Spdy: h2
12804.url.tudown.com/uploads/images/375118.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/375118.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/375118.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=4253177709,3679019934&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
12804.url.tudown.com/uploads/images/134794.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/134794.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/134794.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3378133988,651244564&fm=253&fmt=auto?w=1280&h=800
12804.url.tudown.com/uploads/images/984822.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/984822.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/984822.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3177038747,470637396&fm=253&fmt=auto?w=800&h=1280
12804.url.tudown.com/uploads/images/25008.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/25008.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/25008.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2781183149,676470470&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
img0.baidu.com/it/u=2520478630,1430925515&fm=253&fmt=auto&app=138&f=JPEG?w=582&h=500
113.219.142.35 200 OK 23 kB URL HTTP/2 img0.baidu.com/it/u=2520478630,1430925515&fm=253&fmt=auto&app=138&f=JPEG?w=582&h=500
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 582x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1ecd83b1cdcf91f1ac576c4d6dcd9d59
0113dc1762b600f0fbbf274ca01b1720528a1dce
c20abb7b7d42daf2ccc2f01dbf23331667161ecf964f73d3f48cf308461d6586
GET /it/u=2520478630,1430925515&fm=253&fmt=auto&app=138&f=JPEG?w=582&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12804.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:59 GMT
content-type: image/webp
content-length: 22662
expires: Wed, 08 Feb 2023 04:07:16 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 1ecd83b1cdcf91f1ac576c4d6dcd9d59
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 09 Jan 2023 04:07:16 GMT
ohc-cache-hit: chenzct67 [1], csix92 [4]
ohc-file-size: 22662
x-cache-status: MISS
X-Firefox-Spdy: h2
12804.url.tudown.com/uploads/images/30031.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/30031.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/30031.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=97040658,2737538612&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=638
img0.baidu.com/it/u=3378133988,651244564&fm=253&app=120&f=JPEG?w=1280&h=800
113.219.142.35 200 OK 220 kB URL HTTP/1.1 img0.baidu.com/it/u=3378133988,651244564&fm=253&app=120&f=JPEG?w=1280&h=800
IP 113.219.142.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 220 kB (220355 bytes)
Hash 591fcd2ee53669f9a0609c7c4958c1fe
d25171121cb43048feab102af6516be143bbc499
99b8cf06dd49268084defe53a331947df5c63af65bdf23ebd7f7272c4f97c33f
GET /it/u=3378133988,651244564&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12804.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 11:53:58 GMT
Content-Type: image/jpeg
Content-Length: 220355
Connection: keep-alive
Expires: Mon, 27 Feb 2023 13:55:15 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 591fcd2ee53669f9a0609c7c4958c1fe
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 28 Jan 2023 13:55:15 GMT
Ohc-Cache-HIT: chenzct85 [2], suzix200 [2]
Ohc-File-Size: 220355
X-Cache-Status: MISS
12804.url.tudown.com/uploads/images/869781.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/869781.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/869781.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=4092263864,1641878710&fm=253&app=120&f=JPEG?w=1280&h=800
img2.baidu.com/it/u=3177038747,470637396&fm=253&fmt=auto?w=800&h=1280
42.81.98.35 200 OK 97 kB URL HTTP/2 img2.baidu.com/it/u=3177038747,470637396&fm=253&fmt=auto?w=800&h=1280
IP 42.81.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x1280, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9f7c254f6e2701c08c28ca9ff5213d2c
aa546a68f7b71c61e2e52a1cd4b625a334e6a759
19bd124740c85c912ff1fc4d766fc81b86fb14f8d4f6838c8352c6e156a2c312
GET /it/u=3177038747,470637396&fm=253&fmt=auto?w=800&h=1280 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12804.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:59 GMT
content-type: image/webp
content-length: 96608
expires: Mon, 20 Feb 2023 10:51:57 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 9f7c254f6e2701c08c28ca9ff5213d2c
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 10:51:57 GMT
ohc-cache-hit: tj5ct59 [1], suzix104 [4]
ohc-file-size: 96608
x-cache-status: MISS
X-Firefox-Spdy: h2
12804.url.tudown.com/uploads/images/86981.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/86981.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/86981.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=4114631815,1463011445&fm=224&app=112&f=JPEG?w=500&h=500
12804.url.tudown.com/uploads/images/67133.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/67133.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/67133.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3572222837,121085746&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=731
img2.baidu.com/it/u=4253177709,3679019934&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
42.81.98.35 200 OK 11 kB URL HTTP/2 img2.baidu.com/it/u=4253177709,3679019934&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
IP 42.81.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5ce28e8423547a1867288b68b6867c50
ebc8ba66bc0763df2715155b297884aeb733b968
6b8f9e50c9575bef6fc341a95856338e4634b6b1f3c27db1978603aa4a701398
GET /it/u=4253177709,3679019934&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12804.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:59 GMT
content-type: image/webp
content-length: 10976
expires: Mon, 27 Feb 2023 10:04:48 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 5ce28e8423547a1867288b68b6867c50
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 28 Jan 2023 10:04:48 GMT
ohc-cache-hit: tj5ct52 [1], wzix105 [2]
ohc-file-size: 10976
x-cache-status: MISS
X-Firefox-Spdy: h2
12804.url.tudown.com/uploads/images/517875.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/517875.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/517875.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2600301718,2735652905&fm=253&fmt=auto&app=138&f=JPEG?w=281&h=500
img1.baidu.com/it/u=998546231,2627594&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
58.42.14.35 200 OK 35 kB URL HTTP/2 img1.baidu.com/it/u=998546231,2627594&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 58.42.14.35:0
ASN #139203 Guizhou GuiAn IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1acdaf02b7912b2f8b233b8751ad4c8a
fe92400c1172154f972c93442912f3f18eaab8b5
f679cd76294c3ca51e5599245ca93c79184fe3055151022b6518f97d750a01f4
GET /it/u=998546231,2627594&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12804.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:59 GMT
content-type: image/webp
content-length: 35260
expires: Sat, 25 Feb 2023 02:22:19 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 1acdaf02b7912b2f8b233b8751ad4c8a
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 26 Jan 2023 02:22:19 GMT
ohc-cache-hit: gyct56 [1], xiangyix56 [4]
ohc-file-size: 35260
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=2781183149,676470470&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
42.81.98.35 200 OK 38 kB URL HTTP/2 img2.baidu.com/it/u=2781183149,676470470&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
IP 42.81.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 07d022e71c6e0d7cb9b226fa7fd5560d
b00be8dd02cf82bfd41ffcfea18254b5da43abbe
1cedd22adc0ee111fe52c6d7d363d294eafe5e08e0dab6e460b19e22f7ca0712
GET /it/u=2781183149,676470470&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12804.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:59 GMT
content-type: image/webp
content-length: 38402
expires: Fri, 17 Feb 2023 08:21:09 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 07d022e71c6e0d7cb9b226fa7fd5560d
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 18 Jan 2023 08:21:09 GMT
ohc-cache-hit: tj5ct68 [1], qdix186 [4]
ohc-file-size: 38402
x-cache-status: MISS
X-Firefox-Spdy: h2
t13.baidu.com/it/u=4114631815,1463011445&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 46 kB URL HTTP/1.1 t13.baidu.com/it/u=4114631815,1463011445&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 0b19437f0edba83d16fc208ff04cc9ef
6fe404b20cdb5b2adc768ea1e2d24a4f204a89b1
ca5f9846c909f9f68ad804ab03da0a6d91e3df329598106b7b90f2adf89b37a9
GET /it/u=4114631815,1463011445&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12804.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 11:53:59 GMT
Content-Type: image/jpeg
Content-Length: 46407
Connection: keep-alive
Expires: Mon, 06 Feb 2023 14:45:06 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 0b19437f0edba83d16fc208ff04cc9ef
Age: 2040065
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 07 Jan 2023 14:45:06 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [4], zhuzuncache51 [4], bdix195 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 46407
X-Cache-Status: HIT
Timing-Allow-Origin: *
12804.url.tudown.com/uploads/images/777484.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/777484.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/777484.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2958945660,1305960227&fm=253&fmt=auto&app=138&f=JPEG?w=334&h=500
img1.baidu.com/it/u=2600301718,2735652905&fm=253&fmt=auto&app=138&f=JPEG?w=281&h=500
58.42.14.35 200 OK 19 kB URL HTTP/2 img1.baidu.com/it/u=2600301718,2735652905&fm=253&fmt=auto&app=138&f=JPEG?w=281&h=500
IP 58.42.14.35:0
ASN #139203 Guizhou GuiAn IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 281x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 940bdacb46fcf9e5e190eead6fe5d7d0
dbb99f786feff141c0c168816b721c6dcdc7b7b1
dbc193b23ddd84b09c824fd5b4a107069d5b98580169f7070c3263964afab16b
GET /it/u=2600301718,2735652905&fm=253&fmt=auto&app=138&f=JPEG?w=281&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12804.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:59 GMT
content-type: image/webp
content-length: 19448
expires: Tue, 21 Feb 2023 02:56:07 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 940bdacb46fcf9e5e190eead6fe5d7d0
age: 793175
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 02:56:07 GMT
ohc-cache-hit: gyct53 [4], czix124 [2]
ohc-file-size: 19448
x-cache-status: HIT
X-Firefox-Spdy: h2
12804.url.tudown.com/uploads/images/553979.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/553979.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/553979.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=3106084175,2776644671&fm=253&app=120&f=JPEG?w=1280&h=800
img1.baidu.com/it/u=3572222837,121085746&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=731
58.42.14.35 200 OK 24 kB URL HTTP/2 img1.baidu.com/it/u=3572222837,121085746&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=731
IP 58.42.14.35:0
ASN #139203 Guizhou GuiAn IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x731, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d76f661623fd4abe336286f5f6eaaf5e
570fa7a7e129bdb0272e6bfd136c17b60e508adf
5b423348ac2945e2b2f442a5a62242e2f97c41c80e8eb9f762b58232dee3bae1
GET /it/u=3572222837,121085746&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=731 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12804.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:59 GMT
content-type: image/webp
content-length: 23728
expires: Tue, 21 Feb 2023 04:08:03 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: d76f661623fd4abe336286f5f6eaaf5e
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 04:08:03 GMT
ohc-cache-hit: gyct62 [1], suzix67 [4]
ohc-file-size: 23728
x-cache-status: MISS
X-Firefox-Spdy: h2
12804.url.tudown.com/uploads/images/519245.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/519245.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/519245.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=2026357231,1274254347&fm=224&app=112&f=JPEG?w=500&h=500
12804.url.tudown.com/uploads/images/25785.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/25785.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/25785.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3657497261,12670201&fm=253&fmt=auto&app=120&f=JPEG?w=889&h=500
12804.url.tudown.com/uploads/images/31641.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/31641.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/31641.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=518394472,1008597378&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
12804.url.tudown.com/uploads/images/124542.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12804.url.tudown.com/uploads/images/124542.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/124542.jpg HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 11:53:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2099595416,2246468256&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=905
t13.baidu.com/it/u=2026357231,1274254347&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 29 kB URL HTTP/1.1 t13.baidu.com/it/u=2026357231,1274254347&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 84752e968c1a07331217d5e4e924ad12
1f2fbceecab976d64b34b284a761ad428b28c45c
676c4c4d308bb87d44739357f97cec445c432c47adf4cfefd1f67a6db5ee6ac7
GET /it/u=2026357231,1274254347&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12804.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 11:53:59 GMT
Content-Type: image/jpeg
Content-Length: 29126
Connection: keep-alive
Expires: Tue, 07 Feb 2023 05:28:56 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 84752e968c1a07331217d5e4e924ad12
Age: 2040281
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 08 Jan 2023 05:28:56 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [4], zhuzuncache51 [4], suzix70 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 29126
X-Cache-Status: HIT
Timing-Allow-Origin: *
img2.baidu.com/it/u=4092263864,1641878710&fm=253&app=120&f=JPEG?w=1280&h=800
42.81.98.35 200 OK 273 kB URL HTTP/1.1 img2.baidu.com/it/u=4092263864,1641878710&fm=253&app=120&f=JPEG?w=1280&h=800
IP 42.81.98.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 273 kB (273402 bytes)
Hash 2a3cf76cde6a5e4460fce475d6be59ec
94510c454407bde911996a3ee1d723355bc32370
b46adc8418f219871fd6546ab9d308c507a9b5b2a89a3c3e247d4de0d90498cd
GET /it/u=4092263864,1641878710&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12804.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 11:53:59 GMT
Content-Type: image/jpeg
Content-Length: 273402
Connection: keep-alive
Expires: Tue, 07 Feb 2023 11:19:43 GMT
Last-Modified: Tue, 13 Jan 1970 00:00:00 GMT
ETag: 2a3cf76cde6a5e4460fce475d6be59ec
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 08 Jan 2023 11:19:43 GMT
Ohc-Cache-HIT: tj5ct63 [2], bdix187 [4]
Ohc-File-Size: 273402
X-Cache-Status: MISS
img0.baidu.com/it/u=2958945660,1305960227&fm=253&fmt=auto&app=138&f=JPEG?w=334&h=500
113.219.142.35 200 OK 13 kB URL HTTP/2 img0.baidu.com/it/u=2958945660,1305960227&fm=253&fmt=auto&app=138&f=JPEG?w=334&h=500
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 334x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a96d7b4ab3c5d7ef7563da2e2e94591d
89ad7e1b20945a039bfb8f030728e8615b7d1090
851f42fec5f5fd537f4580675e9655bf207eb50334e2dd4d9f862757f8e6b3b5
GET /it/u=2958945660,1305960227&fm=253&fmt=auto&app=138&f=JPEG?w=334&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12804.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:59 GMT
content-type: image/webp
content-length: 12730
expires: Fri, 17 Feb 2023 12:36:09 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: a96d7b4ab3c5d7ef7563da2e2e94591d
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 18 Jan 2023 12:36:09 GMT
ohc-cache-hit: chenzct67 [1], suzix130 [4]
ohc-file-size: 12730
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=97040658,2737538612&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=638
113.219.142.35 200 OK 29 kB URL HTTP/2 img0.baidu.com/it/u=97040658,2737538612&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=638
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x638, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash abe88d977fbbececae72b3167e36966e
abf82fad41c012c9f7684b14eebe05576bc7b339
f05e685b21d7b49464dc2d670124547bdceee1d33058573c0b9fbe041f5f3223
GET /it/u=97040658,2737538612&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=638 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12804.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:59 GMT
content-type: image/webp
content-length: 29422
expires: Sat, 18 Feb 2023 04:11:41 GMT
last-modified: Sun, 04 Jan 1970 00:00:00 GMT
etag: abe88d977fbbececae72b3167e36966e
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 19 Jan 2023 04:11:41 GMT
ohc-cache-hit: chenzct52 [1], qdix124 [4]
ohc-file-size: 29422
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=3106084175,2776644671&fm=253&app=120&f=JPEG?w=1280&h=800
49.79.225.35 200 OK 66 kB URL HTTP/1.1 img2.baidu.com/it/u=3106084175,2776644671&fm=253&app=120&f=JPEG?w=1280&h=800
IP 49.79.225.35:0
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Hash 74bc7e8b7221d5aed6da4d4138e68f42
63c59c3bc0a67a3415559fd182c5be87c7c42d90
5fbff76cc16f5099a30d9b6c610dd4826529944ed410c4e2d5bda1d16d3bd316
GET /it/u=3106084175,2776644671&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12804.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 11:53:59 GMT
Content-Type: image/jpeg
Content-Length: 65487
Connection: keep-alive
Expires: Sun, 05 Feb 2023 13:41:29 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: 74bc7e8b7221d5aed6da4d4138e68f42
Age: 196770
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 06 Jan 2023 13:41:29 GMT
Ohc-Cache-HIT: ntct52 [4], czix124 [2]
Ohc-File-Size: 65487
X-Cache-Status: HIT
img2.baidu.com/it/u=518394472,1008597378&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
42.81.98.35 200 OK 36 kB URL HTTP/2 img2.baidu.com/it/u=518394472,1008597378&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
IP 42.81.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 889x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6ad7b7a25e499b09d985e71a07ab1588
f249d8d348bccff99c658c01ea7d87891d6a36cd
335d6d1370938c9ea81045bb77f0aafdcb10cd5882d3b26e691d2d9f81e7e2de
GET /it/u=518394472,1008597378&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12804.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:59 GMT
content-type: image/webp
content-length: 36318
expires: Sat, 18 Feb 2023 16:45:46 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 6ad7b7a25e499b09d985e71a07ab1588
age: 127254
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 19 Jan 2023 16:45:46 GMT
ohc-cache-hit: tj5ct62 [4], suzix138 [4]
ohc-file-size: 36318
x-cache-status: HIT
X-Firefox-Spdy: h2
img0.baidu.com/it/u=3378133988,651244564&fm=253&fmt=auto?w=1280&h=800
113.219.142.35 200 OK 168 kB URL HTTP/2 img0.baidu.com/it/u=3378133988,651244564&fm=253&fmt=auto?w=1280&h=800
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 168 kB (168454 bytes)
Hash a15380e9fcdb732967b6eb3026b31b03
8075f6377af3b67d72d961340296f6c960b20aa8
117c73f640537d1b8adf4c744c5e3e3dd5f1f2878c098060bd15db771eb2328c
GET /it/u=3378133988,651244564&fm=253&fmt=auto?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12804.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:59 GMT
content-type: image/webp
content-length: 168454
expires: Sun, 05 Feb 2023 07:31:32 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: a15380e9fcdb732967b6eb3026b31b03
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 06 Jan 2023 07:31:32 GMT
ohc-cache-hit: chenzct52 [2], wzix52 [4]
ohc-file-size: 168454
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=3657497261,12670201&fm=253&fmt=auto&app=120&f=JPEG?w=889&h=500
58.42.14.35 200 OK 44 kB URL HTTP/2 img1.baidu.com/it/u=3657497261,12670201&fm=253&fmt=auto&app=120&f=JPEG?w=889&h=500
IP 58.42.14.35:0
ASN #139203 Guizhou GuiAn IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 889x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b194e9fa768154749c73de4933586be6
589436fd9d63a0a403e03b21245a8511cc524df4
e0f89e63a66b35ff06edb6969700f35933057d756ce1ca88575ed141a3d32c06
GET /it/u=3657497261,12670201&fm=253&fmt=auto&app=120&f=JPEG?w=889&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12804.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:59 GMT
content-type: image/webp
content-length: 44440
expires: Tue, 21 Feb 2023 02:43:23 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: b194e9fa768154749c73de4933586be6
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 02:43:23 GMT
ohc-cache-hit: gyct51 [1], czix51 [4]
ohc-file-size: 44440
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=2099595416,2246468256&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=905
113.219.142.35 200 OK 56 kB URL HTTP/2 img0.baidu.com/it/u=2099595416,2246468256&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=905
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x905, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bec30330094a6d614b040b659191fada
f46bdbf45be5b2adf30fe64748d8b8b2cc96a258
284463d6ecaa75576925fddd5df8a0440308d0adf51c000443492ebe663ffdee
GET /it/u=2099595416,2246468256&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=905 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12804.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 11:53:59 GMT
content-type: image/webp
content-length: 56350
expires: Fri, 17 Feb 2023 12:27:46 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: bec30330094a6d614b040b659191fada
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 18 Jan 2023 12:27:46 GMT
ohc-cache-hit: chenzct58 [1], czix114 [2]
ohc-file-size: 56350
x-cache-status: MISS
X-Firefox-Spdy: h2
12804.url.tudown.com/favicon.ico
154.218.151.71 200 OK 0 B URL HTTP/1.1 12804.url.tudown.com/favicon.ico
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: 12804.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12804.url.tudown.com/down/type34.6.0.0@376_33660.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675511673; Hm_lpvt_dd9836db2e433f487a0aa434b7b3deb7=1675511673
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 11:54:00 GMT
Content-Type: image/x-icon
Content-Length: 0
Last-Modified: Tue, 30 Jul 2019 15:51:36 GMT
Connection: keep-alive
ETag: "5d406788-0"
Accept-Ranges: bytes
jspassport.ssl.qhimg.com/11.0.1.js?d182b3f28525f2db83acfaaf6e696dba
54.230.111.122 200 OK 0 B URL HTTP/2 jspassport.ssl.qhimg.com/11.0.1.js?d182b3f28525f2db83acfaaf6e696dba
IP 54.230.111.122:0
GET /11.0.1.js?d182b3f28525f2db83acfaaf6e696dba HTTP/1.1
Host: jspassport.ssl.qhimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12804.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
last-modified: Wed, 28 Nov 2018 07:43:20 GMT
kcs-via: HIT from w-fc01.lato;REVALIDATED from w-sc01.lato
date: Sat, 04 Feb 2023 11:49:39 GMT
cache-control: max-age=600
expires: Sat, 04 Feb 2023 11:59:30 GMT
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2fQfbZwber1Mkwvo_QzdQq1og2geSn5t6CXoMVlFfBUko_ejiFN-lQ==
age: 265
X-Firefox-Spdy: h2