r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 81713f952b51a865ad9764cde68e3fdb
278c3a9c4bb2a0ffb7375f90d89a1ba6e90a766a
c2eb0d8a24ecb51af28f1c71db4b9a95c568dcf6c94b41ee8c78787a4ebebcef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2EB0D8A24ECB51AF28F1C71DB4B9A95C568DCF6C94B41EE8C78787A4EBEBCEF"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2540
Expires: Sat, 04 Feb 2023 05:42:22 GMT
Date: Sat, 04 Feb 2023 05:00:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15019
Expires: Sat, 04 Feb 2023 09:10:22 GMT
Date: Sat, 04 Feb 2023 05:00:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7d2222d41721947297aaeb5a6e3d0714
04cc1ee417c8bf6338657fd4c2e4e1c1ddfd3065
de0e45969a2ad95e52f7e2fbd0d021d9075dd7b14666c929346efe111f648f7c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE0E45969A2AD95E52F7E2FBD0D021D9075DD7B14666C929346EFE111F648F7C"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16861
Expires: Sat, 04 Feb 2023 09:41:04 GMT
Date: Sat, 04 Feb 2023 05:00:03 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 04 Feb 2023 04:43:35 GMT
content-type: application/json
age: 988
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 34Vpso3GjIz2oAjRhk9RtbNS6KLcaVjrDcWZRBxy4VoPBEGYvYJQBlq0OPmSVY5odnaGNFcBCOI=
x-amz-request-id: KQ2PBT8G40Z8Z0EP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 04 Feb 2023 04:52:42 GMT
age: 441
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 05:00:03 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 04 Feb 2023 04:49:07 GMT
age: 656
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2800
Expires: Sat, 04 Feb 2023 05:46:43 GMT
Date: Sat, 04 Feb 2023 05:00:03 GMT
Connection: keep-alive
push.services.mozilla.com/
35.86.38.2 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.86.38.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: D97wD2/WzEA7c+aqwYJvEw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: /8iiU4pBJyJei5dlRBidn+7jJ6M=
12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
154.218.151.71 200 OK 17 kB URL HTTP/1.1 12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 0d6e23c46e90a3b1c33330a8a69ab6da
2f7d0aa695ebb5988ed21cdf6b1a583ef6d0a40e
1288e3c6917a4615efeefbaa68ceedf14ac31f3b01e309d5b62c25b267d63a0b
GET /down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 05:00:03 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
12635.url.tudown.com/template/company/duote-xiazai/css/global.css
154.218.151.71 200 OK 7.6 kB URL HTTP/1.1 12635.url.tudown.com/template/company/duote-xiazai/css/global.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (710)
Hash b2502d4c36bc519e47bce519ffb3a295
d252dd5c34dbd231f5c120d8f45ded16e0aa3f4c
10bec4c97bde3cac4a43e4d86604e1ff2c54926ec350419e404435f0616d1a1a
GET /template/company/duote-xiazai/css/global.css HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 05:00:04 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:20:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e6b-935f"
Expires: Sat, 04 Feb 2023 17:00:04 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12635.url.tudown.com/js/orsxg5a.script
154.218.151.71 200 OK 531 B URL HTTP/1.1 12635.url.tudown.com/js/orsxg5a.script
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document, ASCII text, with CRLF line terminators
Hash 39fd4f4c17d424445d9f437c99c9d40a
84a56ab95c669d43c757a5f9a312d5f3a37f73fa
45f58e7b2e72c9f2734889b73ef5c3f2d3e1fb9ac69995afe1561ec4a7943d15
GET /js/orsxg5a.script HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 05:00:04 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
12635.url.tudown.com/template/company/duote-xiazai/css/soft.css
154.218.151.71 200 OK 8.6 kB URL HTTP/1.1 12635.url.tudown.com/template/company/duote-xiazai/css/soft.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash 952b2841668e8303c2ee8bc817394790
1e7d159d8d75df0112f06eedab3ecd62b7075a52
51c463da96c71adce2a234968d1e46949fa82804f680861cb6562da84239e209
GET /template/company/duote-xiazai/css/soft.css HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 05:00:04 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:21:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e6e-a090"
Expires: Sat, 04 Feb 2023 17:00:04 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12635.url.tudown.com/template/company/duote-xiazai/css/news.css
154.218.151.71 200 OK 1.5 kB URL HTTP/1.1 12635.url.tudown.com/template/company/duote-xiazai/css/news.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash 4d5f155ee78bab18dd989f8fedda8ebc
d3e3353e7a3da786e2a1342ca13407fd432e3398
6754cc7b30008e41d53b0ebfb6b52a0c59712348880d235a77a07c3af02d9886
GET /template/company/duote-xiazai/css/news.css HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 05:00:04 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:21:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e6d-16fd"
Expires: Sat, 04 Feb 2023 17:00:04 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12635.url.tudown.com/template/company/duote-xiazai/css/message.css
154.218.151.71 200 OK 1.6 kB URL HTTP/1.1 12635.url.tudown.com/template/company/duote-xiazai/css/message.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash 90d699f8127fe2e7210c0f31f0b90bb0
245191b7026614b76c7234e8e82724d463d4adf1
50d4eaf1d089edb739f43068f78330d22700b47f9ea8acb14fa5606637aeaf23
GET /template/company/duote-xiazai/css/message.css HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 05:00:04 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:21:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e6d-17a8"
Expires: Sat, 04 Feb 2023 17:00:04 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12635.url.tudown.com/template/company/duote-xiazai/css/scrollbar.css
154.218.151.71 200 OK 353 B URL HTTP/1.1 12635.url.tudown.com/template/company/duote-xiazai/css/scrollbar.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash 6fc35ccb15b461bc6b549a85ea398894
21581ad4fc3db4acc99bb2fb4ed2fde1dfa50049
8d88f6d1d76a2cf300e9378742dc29f48060c9747cfdeb6b05050cf25cc5ebfb
GET /template/company/duote-xiazai/css/scrollbar.css HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 05:00:04 GMT
Content-Type: text/css
Content-Length: 353
Last-Modified: Sun, 06 Nov 2022 08:21:02 GMT
Connection: keep-alive
ETag: "63676e6e-161"
Expires: Sat, 04 Feb 2023 17:00:04 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
12635.url.tudown.com/template/company/duote-xiazai/css/scrollStyle.css
154.218.151.71 404 Not Found 146 B URL HTTP/1.1 12635.url.tudown.com/template/company/duote-xiazai/css/scrollStyle.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/company/duote-xiazai/css/scrollStyle.css HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 04 Feb 2023 05:00:04 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
bdcode.2345.com/common/xsoa-r/openjs/pu/ao.js
42.81.8.130 200 OK 2.2 kB URL HTTP/1.1 bdcode.2345.com/common/xsoa-r/openjs/pu/ao.js
IP 42.81.8.130:0
File type ASCII text, with very long lines (5411), with no line terminators
Hash 5871fcd549aa0ada79216f55fc6eca14
711298c5227c79a85f9eb60392b3c478519396dc
20b238083b6a55c4dae9970e637bae8cee9ea2236c76a7e9932aa25d586267a3
Analyzer Verdict Alert fortinet Malware
GET /common/xsoa-r/openjs/pu/ao.js HTTP/1.1
Host: bdcode.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 05:00:04 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 2204
Connection: keep-alive
Cache-Control: max-age=3600
Content-Encoding: gzip
Expires: Sat, 04 Feb 2023 06:00:04 GMT
Last-Modified: Sun, 29 Jan 2023 16:31:43 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
YJS-ID: c201584e8aac37de-143
Server: yunjiasu
12635.url.tudown.com/template/company/duote-xiazai/js/jquery.min.js
154.218.151.71 200 OK 37 kB URL HTTP/1.1 12635.url.tudown.com/template/company/duote-xiazai/js/jquery.min.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash d4e282e0e1e69d378568eac0d45bfd24
8b62528373788e473676aa025a72aae45ec17d01
b5bbdf5ae69bfc2b39919ac018f41b27efac22f98ab92848db65022eb03dfd12
GET /template/company/duote-xiazai/js/jquery.min.js HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 05:00:04 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e99-16f44"
Expires: Sat, 04 Feb 2023 17:00:04 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
bdcode.2345.com/source/g/common/by/ht_jy_qx.js
42.81.8.130 200 OK 2.2 kB URL HTTP/1.1 bdcode.2345.com/source/g/common/by/ht_jy_qx.js
IP 42.81.8.130:0
File type ASCII text, with very long lines (5410), with no line terminators
Hash 6678dc6a8a8fc16c4a00d61519463626
7b22b064442c4b9de39636c71ffb897562af4a0e
dc754f24d3f70158f2d834c577cab3caf5c79975b839c8a4925b75b217b2cf9f
Analyzer Verdict Alert fortinet Malware
GET /source/g/common/by/ht_jy_qx.js HTTP/1.1
Host: bdcode.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 05:00:04 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 2205
Connection: keep-alive
Cache-Control: max-age=14400
Content-Encoding: gzip
Expires: Sat, 04 Feb 2023 09:00:04 GMT
Last-Modified: Sun, 29 Jan 2023 02:02:23 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
YJS-ID: c201584e8aad37de-143
Server: yunjiasu
12635.url.tudown.com/template/company/duote-xiazai/js/duotecommon_top.js
154.218.151.71 200 OK 799 B URL HTTP/1.1 12635.url.tudown.com/template/company/duote-xiazai/js/duotecommon_top.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash ac93d373f5090fbc3e8a7152aab7170d
160c0bc3072bccced250979b7999ae060941eb06
e15e1cefcdcd40db68eecbd7a02af32a8a97e5749791b07b434f8454408c1570
GET /template/company/duote-xiazai/js/duotecommon_top.js HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 05:00:04 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e96-a0b"
Expires: Sat, 04 Feb 2023 17:00:04 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12635.url.tudown.com/template/company/duote-xiazai/css/jquery-ui.min.css
154.218.151.71 200 OK 8.9 kB URL HTTP/1.1 12635.url.tudown.com/template/company/duote-xiazai/css/jquery-ui.min.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (29165), with CRLF line terminators
Hash fd0bdc561b4f37fa8e4539d86c5fd0e4
663b932af8ef82dff4cfeb56351bd32853e54804
98161b22bc6e6613ecf1c230ff9664ba032c3abfe8d6a4079263f9daeb1829db
GET /template/company/duote-xiazai/css/jquery-ui.min.css HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 05:00:04 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:21:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e6d-7d6e"
Expires: Sat, 04 Feb 2023 17:00:04 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12635.url.tudown.com/template/company/duote-xiazai/css/index.css
154.218.151.71 200 OK 3.6 kB URL HTTP/1.1 12635.url.tudown.com/template/company/duote-xiazai/css/index.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash fbfd831dee308c5094076e0b4022a222
fa69c04bf3f0c911d2b1697717e05706362f0c57
ab5a9d33745256917eb22abecd3d8ed4790e612720f2a743206d00b85aa5ff4f
GET /template/company/duote-xiazai/css/index.css HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 05:00:04 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:21:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e6c-42b3"
Expires: Sat, 04 Feb 2023 17:00:04 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12635.url.tudown.com/template/company/duote-xiazai/css/teach.css
154.218.151.71 200 OK 4.1 kB URL HTTP/1.1 12635.url.tudown.com/template/company/duote-xiazai/css/teach.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (499)
Hash 16ca38b11b525a142c6086c2c2802545
88ed9d1c7088344b24f18132ad025ed63623bb7e
c7d5eef240fb383c039b0141854336a78a07597b0bff022ae71514e913351d7a
GET /template/company/duote-xiazai/css/teach.css HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 05:00:04 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:21:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e70-503f"
Expires: Sat, 04 Feb 2023 17:00:04 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ocsp.digicert.cn/
47.246.44.205 200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 8b051ecaa1ec17dd8e5563a1a93550b7
7ced547bd54076c7e4242f4bc8501c6e6d3fe3ad
6bb317f453da2286304bd5669a482b7d5ce5b2016ffd49da51f324e670e1c1ad
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Sat, 04 Feb 2023 05:00:04 GMT
Last-Modified: Fri, 03 Feb 2023 07:12:33 GMT
ETag: "63dcb3e1-1d7"
Expires: Sun, 05 Feb 2023 07:12:33 GMT
Cache-Control: max-age=94349
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1675486805
Via: cache17.l2de2[139,138,200-0,M], cache17.l2de2[140,0], cache1.se1[162,161,200-0,M], cache1.se1[163,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sat, 04 Feb 2023 05:00:05 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9516754868048842329e
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4642
Expires: Sat, 04 Feb 2023 06:17:27 GMT
Date: Sat, 04 Feb 2023 05:00:05 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c030376-7935-4601-969c-86a91f4f5e85.jpeg
34.120.237.76 200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c030376-7935-4601-969c-86a91f4f5e85.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d7afd5ce8fb9ec7b62e528bf97705e49
afbf22f5d8f54adcb00e8980a9b22f2c5b6703c3
b2d93ba6c0ed2c858d91afba1c81251afbffa41c779be2e9203994dcfb7bbc9d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c030376-7935-4601-969c-86a91f4f5e85.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7249
x-amzn-requestid: 007ce521-ed5c-4074-a314-684ad0df2e22
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD9GH5goAMF_ag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8053-7060f02b767c90371991a190;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5fTV_e56nzjiXo4Guu67WXDDvp3nrjB0Yfyy6ByjcDSx23J-8r0fmQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:21 GMT
age: 24584
etag: "afbf22f5d8f54adcb00e8980a9b22f2c5b6703c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72a06bff-2a3c-4fc8-9c7a-5649a696581e.png
34.120.237.76 200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72a06bff-2a3c-4fc8-9c7a-5649a696581e.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a032104cf4ccc6ea31f163ca16386487
a0573916c3d72f0554928963c0a74413fdcb3558
8ba7b6e9b3fa28f6fd27f5f006cedac10f50d7da6c109155a2476cf04f4df932
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72a06bff-2a3c-4fc8-9c7a-5649a696581e.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8909
x-amzn-requestid: 051806fe-c051-4948-a46a-48ed1df321a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyFIMFLNoAMFY5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8234-212ec9a838fc64a9164f21f5;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:52:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 24zolqnsQilbFdqM8BnmjaH7DXfFunFyXgmOyF_FkPoatjLi137xgQ==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:53 GMT
age: 24552
etag: "a0573916c3d72f0554928963c0a74413fdcb3558"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fc91044ea257e54846f8dd907b48d29e
6d2231e05dabe5ee55f8dbf8687d7b7a92c25d64
8e77e1a87ab035ed1affd01159d1c899e46d7c247d0bc085dd57d1b1c6fed830
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8E77E1A87AB035ED1AFFD01159D1C899E46D7C247D0BC085DD57D1B1C6FED830"
Last-Modified: Thu, 02 Feb 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9065
Expires: Sat, 04 Feb 2023 07:31:10 GMT
Date: Sat, 04 Feb 2023 05:00:05 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e245a51-5c03-4b84-b42a-29fa3a7806e9.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e245a51-5c03-4b84-b42a-29fa3a7806e9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 65cd12302c9ca5468dbc9a98155970e0
a0c63213c3021e40f8ea54f2da6a5c165ed5cfd1
8463155faca74f13ec4500fed98289d8bfbdc4a989d1cb7580736018eadf1000
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e245a51-5c03-4b84-b42a-29fa3a7806e9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7992
x-amzn-requestid: ba4f95d9-6081-4b34-955c-bbe8e7b2335c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEEjGsdIAMF84w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8083-7666baa66ccdec9b5fec8736;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: A3c6sSs_b8KkREPa26a8X9NTEZpHGDjElR9hT-NXwg6dYpeuRNZXfA==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:21 GMT
etag: "a0c63213c3021e40f8ea54f2da6a5c165ed5cfd1"
content-type: image/jpeg
age: 24584
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b2d6920-2a79-45a8-b007-d36cc875c52f.jpeg
34.120.237.76 200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b2d6920-2a79-45a8-b007-d36cc875c52f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3ac51fd6789cbe19c2d484c9022b0e39
bcba22a7b7f5dd1f59fffd1027e5d7002cecb6e9
300b5e50cb910f9f4905ee7313d98763b68f85f5874db499cc94469fb14cabfe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b2d6920-2a79-45a8-b007-d36cc875c52f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9500
x-amzn-requestid: 8fe94388-e8d9-4329-b73a-e9a356df76bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD9QEA1IAMF3Ug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8054-51f954ac4bec16d1055e38f5;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FkTJ6wQ4eFYBPDyS0l5vLeWvHHiQIx-cYyFzT4ggHJ8M5Gg3dozFxQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:30:36 GMT
age: 23369
etag: "bcba22a7b7f5dd1f59fffd1027e5d7002cecb6e9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.cn/
47.246.44.205 200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 8b051ecaa1ec17dd8e5563a1a93550b7
7ced547bd54076c7e4242f4bc8501c6e6d3fe3ad
6bb317f453da2286304bd5669a482b7d5ce5b2016ffd49da51f324e670e1c1ad
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sat, 04 Feb 2023 05:00:05 GMT
Ali-Swift-Global-Savetime: 1675486805
Via: cache14.l2de2[188,188,200-0,M], cache14.l2de2[189,0], cache5.se1[211,211,200-0,M], cache5.se1[212,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sat, 04 Feb 2023 05:00:05 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9916754868048843576e
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg
34.120.237.76 200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e5b4e4f15da3323c73974c3f1cdb5d74
1f14971d0cf979cc34ff191849dc43d86e8ac463
5893d7e5b2fd9de92829b303c42d0c07ff32b3f6b8705b6f5b4a784315c8808e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5174
x-amzn-requestid: 35630c70-3bad-47b4-94bb-09c873632194
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7EFAHIAMFQQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-317b1fbb3bee0f377697bf3d;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OD5cy75AkNMwTIvIool2nKbKgr5Jpo1Plm_X_YPr3rdPbg86_V2fdA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:21 GMT
age: 24584
etag: "1f14971d0cf979cc34ff191849dc43d86e8ac463"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4c16006-34b0-45cb-bb9f-46fe6dd44e3c.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4c16006-34b0-45cb-bb9f-46fe6dd44e3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cf80667db0c35c9c6139eca4ba5d12fd
4c4cfdc2463e8704a7bf8e1477c43b6adf7c7590
d63e69f4b6ea16333d242bf33d4f02a4a6c96a739ca018d86afc5741d85b774d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4c16006-34b0-45cb-bb9f-46fe6dd44e3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13065
x-amzn-requestid: 54c06759-6fab-455c-be34-496ee42a2580
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fSZLQEqroAMFyWA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0d57b-2237358a5cc22b8003af1852;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 07:08:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: oc3NhvAmcrO3msFYF2ITsEpq8a2wsOLkXtmZxRQpmse84yml0l9PNA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:46:57 GMT
age: 25988
etag: "4c4cfdc2463e8704a7bf8e1477c43b6adf7c7590"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
151.101.130.133 200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 151.101.130.133:0
Hash bb1a2a2857ced328d8f4754a188da279
32452bcc72a066f08905e904939f486016cfad64
b149d6c1365034fca8951f35a9e56145345ffc64bd165c826b80f97cff477f18
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1459
Server: nginx
Content-Type: application/ocsp-response
Expires: Wed, 08 Feb 2023 03:30:22 GMT
ETag: "32452bcc72a066f08905e904939f486016cfad64"
Last-Modified: Sat, 04 Feb 2023 03:30:23 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sat, 04 Feb 2023 05:00:05 GMT
Age: 5382
X-Served-By: cache-qpg1252-QPG, cache-bma1653-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 25, 1
X-Timer: S1675486805.158380,VS0,VE1
12635.url.tudown.com/template/company/duote-xiazai/js/super_slider.js
154.218.151.71 200 OK 741 B URL HTTP/1.1 12635.url.tudown.com/template/company/duote-xiazai/js/super_slider.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (1844)
Hash 64d8d6bbbe2129e883c5af163b76600d
5c0f7df223f7f0ca25cc5c8247ae8b8f0cae4805
66f01728ee43d433d4fd4c0409354667cc543ae51cd362376d3f053da321369b
GET /template/company/duote-xiazai/js/super_slider.js HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 05:00:05 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676ea0-763"
Expires: Sat, 04 Feb 2023 17:00:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ocsp.trust-provider.cn/
47.246.44.205 200 OK 599 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash b8a4c77c7ee364638279ce8d97a2bc55
031bca0ada3f868941f00828c84c2d3fef15d1c0
1a9b32d9c121d50269142d0342b51c0996fd3df1f095f115d21690017008dd97
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Sat, 04 Feb 2023 04:31:47 GMT
last-modified: Tue, 31 Jan 2023 16:54:59 GMT
expires: Tue, 07 Feb 2023 16:54:58 GMT
etag: "031bca0ada3f868941f00828c84c2d3fef15d1c0"
cache-control: max-age=602827,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb1
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 7940adbfaf8d2bad-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1675485107
via: cache2.l2de2[0,0,304-0,H], cache3.l2de2[1,0], cache3.se1[0,0,200-0,H], cache5.se1[2,0], cache2.se1[4,0]
age: 1698
x-cache: HIT TCP_MEM_HIT dirn:11:376751105
x-swift-savetime: Sat, 04 Feb 2023 04:31:57 GMT
x-swift-cachetime: 1790
timing-allow-origin: *, *
eagleid: 2ff62c9616754868051746003e, 2ff62c9616754868051746003e
ocsp.digicert.cn/
47.246.44.205 200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 8b051ecaa1ec17dd8e5563a1a93550b7
7ced547bd54076c7e4242f4bc8501c6e6d3fe3ad
6bb317f453da2286304bd5669a482b7d5ce5b2016ffd49da51f324e670e1c1ad
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Sat, 04 Feb 2023 05:00:05 GMT
Last-Modified: Fri, 03 Feb 2023 07:12:33 GMT
ETag: "63dcb3e1-1d7"
Expires: Sun, 05 Feb 2023 07:12:33 GMT
Cache-Control: max-age=94348
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1675486805
Via: cache15.l2de2[292,292,200-0,M], cache15.l2de2[293,0], cache4.se1[314,313,200-0,M], cache4.se1[315,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sat, 04 Feb 2023 05:00:05 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9816754868048872463e
12635.url.tudown.com/template/company/duote-xiazai/js/index.js
154.218.151.71 200 OK 2.3 kB URL HTTP/1.1 12635.url.tudown.com/template/company/duote-xiazai/js/index.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with very long lines (8638)
Hash a1f3815ea981db7480ca3c4d5d54aac6
f3961cccb17dc2190e2a8c249d936d0b1185fd7e
7adb4d2ea2856125d829deeabfc70e92f87a5e50f84187ed8d570b810c807d6f
GET /template/company/duote-xiazai/js/index.js HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 05:00:05 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e97-223b"
Expires: Sat, 04 Feb 2023 17:00:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12635.url.tudown.com/template/company/duote-xiazai/js/soft_comment.js
154.218.151.71 200 OK 1.4 kB URL HTTP/1.1 12635.url.tudown.com/template/company/duote-xiazai/js/soft_comment.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash 33db5499343abb12f6c7d980cfdf5af0
ca9f7d2be1dd0f229f709b2effd22d57413fc7d4
3ca1208b56597372cccafd9817375f08e7e85ab84b310cb882ff8a76bac1c388
GET /template/company/duote-xiazai/js/soft_comment.js HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 05:00:05 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676ea0-f1c"
Expires: Sat, 04 Feb 2023 17:00:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ocsp.digicert.cn/
47.246.44.205 200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 8b051ecaa1ec17dd8e5563a1a93550b7
7ced547bd54076c7e4242f4bc8501c6e6d3fe3ad
6bb317f453da2286304bd5669a482b7d5ce5b2016ffd49da51f324e670e1c1ad
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sat, 04 Feb 2023 05:00:05 GMT
Ali-Swift-Global-Savetime: 1675486805
Via: cache17.l2de2[274,274,200-0,M], cache17.l2de2[275,0], cache5.se1[296,295,200-0,M], cache5.se1[297,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sat, 04 Feb 2023 05:00:05 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9916754868049213592e
12635.url.tudown.com/template/company/duote-xiazai/js/clickdown_stat_ajax.js
154.218.151.71 200 OK 577 B URL HTTP/1.1 12635.url.tudown.com/template/company/duote-xiazai/js/clickdown_stat_ajax.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d2fd0ff89c3e773f8cfb6e5e57ae2909
537114b9b969f30770ba619a17d217bb69efb759
9665a3c5c2aa7e032819815b24dccc0dd5fbfbbef8876d7d42dfe2751e06d8f7
GET /template/company/duote-xiazai/js/clickdown_stat_ajax.js HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 05:00:05 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e96-57a"
Expires: Sat, 04 Feb 2023 17:00:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
img4.duote.com/duoteimg/js/front_ad.js
58.215.47.190 200 OK 0 B URL HTTP/2 img4.duote.com/duoteimg/js/front_ad.js
IP 58.215.47.190:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /duoteimg/js/front_ad.js HTTP/1.1
Host: img4.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12635.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 0
date: Mon, 30 Jan 2023 14:45:14 GMT
x-oss-request-id: 63D7D7FA375B533033D1ED45
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "D41D8CD98F00B204E9800998ECF8427E"
last-modified: Wed, 02 Sep 2020 01:55:56 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 0
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Thu, 03 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: 1B2M2Y8AsgTpgAmY7PhCfg==
ali-swift-global-savetime: 1675089914
via: cache29.l2cn2641[0,0,200-0,H], cache43.l2cn2641[1,0], vcache18.cn4730[0,0,200-0,H], vcache13.cn4730[1,0]
age: 396891
x-cache: HIT TCP_MEM_HIT dirn:9:300161027
x-swift-savetime: Thu, 02 Feb 2023 03:30:33 GMT
x-swift-cachetime: 15333281
timing-allow-origin: *
eagleid: 3ad72f2116754868051852501e
X-Firefox-Spdy: h2
12635.url.tudown.com/template/company/duote-xiazai/js/new_global.js
154.218.151.71 200 OK 592 B URL HTTP/1.1 12635.url.tudown.com/template/company/duote-xiazai/js/new_global.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash 232fd4a41f68cb95c02a365b6aca84e9
4d17747184f32abc1b922759c510bdbab4eccedd
0d50c1f4db8f330ef99775e40dadb29b531eb33314540560567b1f2623d4885e
GET /template/company/duote-xiazai/js/new_global.js HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 05:00:05 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e9d-685"
Expires: Sat, 04 Feb 2023 17:00:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ocsp.digicert.cn/
47.246.44.205 200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 8b051ecaa1ec17dd8e5563a1a93550b7
7ced547bd54076c7e4242f4bc8501c6e6d3fe3ad
6bb317f453da2286304bd5669a482b7d5ce5b2016ffd49da51f324e670e1c1ad
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sat, 04 Feb 2023 05:00:05 GMT
Ali-Swift-Global-Savetime: 1675486805
Via: cache19.l2de2[277,277,200-0,M], cache19.l2de2[278,0], cache5.se1[299,298,200-0,M], cache5.se1[302,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sat, 04 Feb 2023 05:00:05 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9916754868049993626e
www.2345.com/js/index/activity/20171111/widget.min.js
47.246.44.209 301 Moved Permanently 262 B URL HTTP/1.1 www.2345.com/js/index/activity/20171111/widget.min.js
IP 47.246.44.209:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 72fa0fca20c82853e6dbbc1f13c78100
4e9b01e3ad0b56c9409bb02e5700430792fecacd
4555de589ff9b307e20c708d6f112bc47bb377df29ff0a5914f8fb0932926887
GET /js/index/activity/20171111/widget.min.js HTTP/1.1
Host: www.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Sat, 04 Feb 2023 05:00:05 GMT
Content-Type: text/html
Content-Length: 262
Connection: keep-alive
Location: https://www.2345.com/js/index/activity/20171111/widget.min.js
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Via: cache4.se1[,0]
Timing-Allow-Origin: *
EagleId: 2ff62c9816754868053012654e
12635.url.tudown.com/template/company/duote-xiazai/images/stars.png
154.218.151.71 200 OK 409 B URL HTTP/1.1 12635.url.tudown.com/template/company/duote-xiazai/images/stars.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 513adea23e19785779ef24441cbdb356
acaf0cd2ec302562b27850b970523d96ac5a120c
b78bf1490ecfe58446b32e59b0e6505d2d18f75f8676809753830b66a8dee298
GET /template/company/duote-xiazai/images/stars.png HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/template/company/duote-xiazai/css/global.css
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 05:00:05 GMT
Content-Type: image/png
Content-Length: 409
Last-Modified: Sun, 06 Nov 2022 08:21:35 GMT
Connection: keep-alive
ETag: "63676e8f-199"
Accept-Ranges: bytes
img4.duote.com/duoteimg/dtnew_assets/pc/js/soft/auto_complete.js
58.215.47.190 200 OK 1.0 kB URL HTTP/2 img4.duote.com/duoteimg/dtnew_assets/pc/js/soft/auto_complete.js
IP 58.215.47.190:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
Hash 8c6a6de562181b71d2867e2711f31df9
6e3aed7b36431b15293f6a3a1c66567a6fec5334
f65233dc7f87033f78a736238467c78ce1973af259b67f932c285a0f180174ee
GET /duoteimg/dtnew_assets/pc/js/soft/auto_complete.js HTTP/1.1
Host: img4.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12635.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 1015
date: Wed, 19 Oct 2022 10:50:39 GMT
vary: Accept-Encoding
x-oss-request-id: 634FD67F528A2F373455466A
x-oss-cdn-auth: success
last-modified: Wed, 19 Oct 2022 02:15:25 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 3181168464323094172
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Thu, 20 Oct 2022 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: CAEQVRiBgICaq4y4nxgiIDJjNjljMDkwMWY0MjQ4N2JhZTA2NmEwOWJkZmNhMWYx
content-md5: 5qfmF/GrELbus726BAkyLQ==
x-oss-server-time: 22
content-encoding: gzip
ali-swift-global-savetime: 1666176639
via: cache58.l2cn3055[0,0,200-0,H], cache52.l2cn3055[2,0], vcache13.cn4730[0,0,200-0,H], vcache13.cn4730[1,0]
age: 9310166
x-cache: HIT TCP_HIT dirn:9:359604671
x-swift-savetime: Thu, 02 Feb 2023 04:10:48 GMT
x-swift-cachetime: 6417591
timing-allow-origin: *
eagleid: 3ad72f2116754868052472552e
X-Firefox-Spdy: h2
img4.duote.com/duoteimg/js/baidu_js_push.js
58.215.47.190 200 OK 359 B URL HTTP/2 img4.duote.com/duoteimg/js/baidu_js_push.js
IP 58.215.47.190:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type ASCII text, with CRLF line terminators
Hash f63ef5e096ef52af0cb95b8d2f3fda32
8d6dcc307c816618f7b26e1482d16d447f382e51
e0679eaf3f94f9353f167a1ebe1a8424c61631cc9be2d5a5445ba35e77f58932
GET /duoteimg/js/baidu_js_push.js HTTP/1.1
Host: img4.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12635.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 359
date: Wed, 01 Feb 2023 02:30:12 GMT
x-oss-request-id: 63D9CEB468498337333C47D0
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "F63EF5E096EF52AF0CB95B8D2F3FDA32"
last-modified: Tue, 21 Jun 2022 08:41:11 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 2603761381065918884
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Wed, 22 Jun 2022 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: CAEQUxiBgID4uNiVjBgiIDdjODgyMTExYzA2OTQ5NmU4NjMxZTI4MDZmMTc2NGEx
content-md5: 9j714JbvUq8MuVuNLz/aMg==
x-oss-server-time: 42
ali-swift-global-savetime: 1675218612
via: cache24.l2cn2641[0,1,200-0,H], cache27.l2cn2641[3,0], vcache27.cn4730[0,0,200-0,H], vcache13.cn4730[3,0]
age: 268193
x-cache: HIT TCP_MEM_HIT dirn:9:63396267
x-swift-savetime: Thu, 02 Feb 2023 03:30:33 GMT
x-swift-cachetime: 15461979
timing-allow-origin: *
eagleid: 3ad72f2116754868053392648e
X-Firefox-Spdy: h2
img4.duote.com/duoteimg/dtnew_assets/pc/js/searchCode/transcoding.js
58.215.47.190 200 OK 895 B URL HTTP/2 img4.duote.com/duoteimg/dtnew_assets/pc/js/searchCode/transcoding.js
IP 58.215.47.190:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
Hash f8f676d38231dad63dfc1144b4739051
978c21f9675780eb755412efc1ddc8fe098c5d7f
2ab62b8459e616fbc36456facba7af14984e90a3a5522a317d46cdb6f133f871
GET /duoteimg/dtnew_assets/pc/js/searchCode/transcoding.js HTTP/1.1
Host: img4.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12635.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/x-javascript
content-length: 895
date: Thu, 08 Dec 2022 06:30:46 GMT
x-oss-request-id: 63918496AFFD703338923AEB
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "4C7F46FF62D37B2CC7456F8F9EB96611"
last-modified: Thu, 10 Sep 2020 02:00:56 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 13670043018340852857
x-oss-storage-class: Standard
x-oss-meta-mode: 33188
x-oss-meta-mtime: 1599017058
x-oss-expiration: expiry-date="Fri, 11 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
vary: Accept-Encoding
content-md5: TH9G/2LTeyzHRW+PnrlmEQ==
x-oss-server-time: 24
content-encoding: gzip
ali-swift-global-savetime: 1670481046
via: cache8.l2cn3037[0,0,200-0,H], cache72.l2cn3037[1,0], vcache13.cn4730[0,0,200-0,H], vcache13.cn4730[0,0]
age: 5005759
x-cache: HIT TCP_MEM_HIT dirn:9:364955679
x-swift-savetime: Tue, 03 Jan 2023 18:34:40 GMT
x-swift-cachetime: 13262166
timing-allow-origin: *
eagleid: 3ad72f2116754868053482655e
X-Firefox-Spdy: h2
12635.url.tudown.com/template/company/duote-xiazai/js/keyword_new.js
154.218.151.71 200 OK 63 B URL HTTP/1.1 12635.url.tudown.com/template/company/duote-xiazai/js/keyword_new.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with no line terminators
Hash 827609f4f6b6dbef37e7bbb2c6cb8535
09929f83133df43c4ec28623065e3af7647a1f11
f7f82084b7a593e189a56487ea3179a61e6d8c93ec6ffdfada18e8c5e8863375
GET /template/company/duote-xiazai/js/keyword_new.js HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 05:00:05 GMT
Content-Type: application/javascript
Content-Length: 63
Last-Modified: Sun, 06 Nov 2022 08:21:47 GMT
Connection: keep-alive
ETag: "63676e9b-3f"
Expires: Sat, 04 Feb 2023 17:00:05 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
img4.duote.com/duoteimg/dtnew_recom_img/duoteself/softdown_1.js
58.215.47.190 200 OK 361 B URL HTTP/2 img4.duote.com/duoteimg/dtnew_recom_img/duoteself/softdown_1.js
IP 58.215.47.190:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type HTML document text\012- HTML document, ASCII text, with very long lines (361), with no line terminators
Hash d7877f2308efe72c7913b65816859daa
755606b601ae85ebcbf0dd47660fb028d1bf30d7
3af5e226f01cd0faf44433ba44517cc6b0fe9596de061a613c8d719227cc2c1a
GET /duoteimg/dtnew_recom_img/duoteself/softdown_1.js HTTP/1.1
Host: img4.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12635.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 361
date: Wed, 04 Jan 2023 11:04:14 GMT
x-oss-request-id: 63B55D2EC8A4583930BA3DD0
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "D7877F2308EFE72C7913B65816859DAA"
last-modified: Wed, 04 Jan 2023 09:53:30 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 13587884656729146177
x-oss-storage-class: Standard
x-oss-meta-mtime: 1672826010
x-oss-expiration: expiry-date="Thu, 05 Jan 2023 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: CAEQVxiBgMCnu.bwqxgiIGMwYmRlOGE3NDQ3MjQxYmY4Y2NiYWYyOWExMzU2Zjdi
content-md5: 14d/Iwjv5yx5E7ZYFoWdqg==
x-oss-server-time: 9
ali-swift-global-savetime: 1672830254
via: cache7.l2cn2641[0,0,200-0,H], cache17.l2cn2641[0,0], vcache8.cn4730[0,0,200-0,H], vcache13.cn4730[1,0]
age: 2656551
x-cache: HIT TCP_MEM_HIT dirn:9:139960763
x-swift-savetime: Thu, 02 Feb 2023 03:35:18 GMT
x-swift-cachetime: 13073336
timing-allow-origin: *
eagleid: 3ad72f2116754868054332723e
X-Firefox-Spdy: h2
static.mediav.com/js/mvf_g2.js
101.198.192.8 200 OK 9.0 kB URL HTTP/1.1 static.mediav.com/js/mvf_g2.js
IP 101.198.192.8:0
ASN #55992 Beijing Qihu Technology Company Limited
File type ASCII text, with very long lines (25539), with no line terminators
Hash 1baf9fc7116527b1a41307a6653030ca
f854953834e70e842d0d3fe6c8966ffb38e16744
d601207a5fa9a6b11008bc0a5a295c46ed62707d4a4b7b04a276eef33c3dcbd3
GET /js/mvf_g2.js HTTP/1.1
Host: static.mediav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 05:00:05 GMT
Content-Type: application/x-javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 16 Nov 2022 07:57:41 GMT
Vary: Accept-Encoding
Expires: Sat, 04 Feb 2023 10:00:05 GMT
Cache-Control: max-age=18000
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Encoding: gzip
KCS-Via: HIT from w-fc02.hkht;HIT from w-sc01.bjyt
s5.cnzz.com/z_stat.php?id=1277770517&web_id=1277770517
180.97.251.250 200 OK 20 B URL HTTP/2 s5.cnzz.com/z_stat.php?id=1277770517&web_id=1277770517
IP 180.97.251.250:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /z_stat.php?id=1277770517&web_id=1277770517 HTTP/1.1
Host: s5.cnzz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12635.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 20
date: Sat, 04 Feb 2023 04:36:54 GMT
vary: Accept-Encoding
x-powered-by: PHP/5.5.25
last-modified: Sat, 04 Feb 2023 04:36:53 GMT
cache-control: max-age=1800,s-maxage=3600
content-encoding: gzip
ali-swift-global-savetime: 1675485414
via: cache6.l2ea120-8[66,65,200-0,M], cache35.l2ea120-8[67,0], cache9.cn2205[0,0,200-0,H], cache15.cn2205[0,0]
age: 1391
x-cache: HIT TCP_MEM_HIT dirn:12:736043805
x-swift-savetime: Sat, 04 Feb 2023 04:36:54 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: b461fb2b16754868054384876e
X-Firefox-Spdy: h2
12635.url.tudown.com/template/company/duote-xiazai/js/jquery-ui.min.js
154.218.151.71 200 OK 80 kB URL HTTP/1.1 12635.url.tudown.com/template/company/duote-xiazai/js/jquery-ui.min.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (32074), with CRLF line terminators
Hash e81ec1034a64ade1aa8b290326108e91
67aa74b0a4d0039f59acacca2ee6eee5ebaa312e
825cd708c0562c4b038d007351af36e0c4b34a32c0a1e8fd5852206417cbf94e
GET /template/company/duote-xiazai/js/jquery-ui.min.js HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 05:00:04 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e99-3def1"
Expires: Sat, 04 Feb 2023 17:00:04 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12635.url.tudown.com/template/company/duote-xiazai/js/scrollbar.js
154.218.151.71 200 OK 738 B URL HTTP/1.1 12635.url.tudown.com/template/company/duote-xiazai/js/scrollbar.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (1755)
Hash 941e223b206b2f389ba88e5c62146e05
1ea47333441413a3afd2fbc6e335810513cd3b5f
c0034343dbd842fc5ba9dfae6be7145ec000eb017fc0ca9a7fd6e245811df660
GET /template/company/duote-xiazai/js/scrollbar.js HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 05:00:05 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e9e-707"
Expires: Sat, 04 Feb 2023 17:00:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
img1.2345.com/duoteimg/js/base64.js?_vtim=2014122301
180.101.199.211 404 Not Found 146 B URL HTTP/2 img1.2345.com/duoteimg/js/base64.js?_vtim=2014122301
IP 180.101.199.211:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /duoteimg/js/base64.js?_vtim=2014122301 HTTP/1.1
Host: img1.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12635.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: Tengine
content-type: text/html; charset=gb2312
content-length: 146
date: Sat, 04 Feb 2023 05:00:05 GMT
ali-swift-global-savetime: 1675486805
via: cache48.l2cn3037[13,12,404-1280,M], cache46.l2cn3037[14,0], cache46.l2cn3037[14,0], vcache19.cn4733[15,15,404-1280,M], vcache11.cn4733[16,0]
x-cache: MISS TCP_MISS dirn:-2:-2
x-swift-savetime: Sat, 04 Feb 2023 05:00:05 GMT
x-swift-cachetime: 1
x-swift-error: orig response 4XX error
timing-allow-origin: *
eagleid: b465c71f16754868055456253e
X-Firefox-Spdy: h2
12635.url.tudown.com/uploads/images/logo.png?n=42fjv2nbxls3raxgv6g6lknu46kkrzmtqhtjzcpjtgiornfd4s53xzmfvtsy7oa&w=250
154.218.151.71 200 OK 3.3 kB URL HTTP/1.1 12635.url.tudown.com/uploads/images/logo.png?n=42fjv2nbxls3raxgv6g6lknu46kkrzmtqhtjzcpjtgiornfd4s53xzmfvtsy7oa&w=250
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 250 x 66, 8-bit colormap, non-interlaced\012- data
Hash 4d9c0382e4b913706013dd001d1527f2
5b0b1a396e4200ff29c1586140d878c9e432c7c8
6ec064115a72b7ca824a3283b80b9e9f16c783448ac3b6e6d12289f2890b6de9
GET /uploads/images/logo.png?n=42fjv2nbxls3raxgv6g6lknu46kkrzmtqhtjzcpjtgiornfd4s53xzmfvtsy7oa&w=250 HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 05:00:05 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
static.mediav.com/js/mvf_pm_slider.js
101.198.192.8 200 OK 40 kB URL HTTP/1.1 static.mediav.com/js/mvf_pm_slider.js
IP 101.198.192.8:0
ASN #55992 Beijing Qihu Technology Company Limited
File type ASCII text, with very long lines (65536), with no line terminators, with escape sequences
Hash b23b60a7adefb62f50583079ed66f03b
965ea6506ea6c004b1135f23c10c67484fc0d238
987d03cb317bd411589ab916be6ea0e5aaabf8de0e94a2de7712beff577a62f8
GET /js/mvf_pm_slider.js HTTP/1.1
Host: static.mediav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 05:00:05 GMT
Content-Type: application/x-javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 16 Nov 2022 07:57:42 GMT
Vary: Accept-Encoding
Expires: Sat, 04 Feb 2023 10:00:05 GMT
Cache-Control: max-age=18000
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Encoding: gzip
KCS-Via: HIT from w-fc02.hkht;HIT from w-sc01.bjyt
12635.url.tudown.com/uploads/images/460940.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/460940.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/460940.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:05 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=2607474715,1226083256&fm=224&app=112&f=JPEG?w=500&h=500
12635.url.tudown.com/template/company/duote-xiazai/images/soft-down.png
154.218.151.71 200 OK 409 B URL HTTP/1.1 12635.url.tudown.com/template/company/duote-xiazai/images/soft-down.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 513adea23e19785779ef24441cbdb356
acaf0cd2ec302562b27850b970523d96ac5a120c
b78bf1490ecfe58446b32e59b0e6505d2d18f75f8676809753830b66a8dee298
GET /template/company/duote-xiazai/images/soft-down.png HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/template/company/duote-xiazai/css/soft.css
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 05:00:05 GMT
Content-Type: image/png
Content-Length: 409
Last-Modified: Sun, 06 Nov 2022 08:21:32 GMT
Connection: keep-alive
ETag: "63676e8c-199"
Accept-Ranges: bytes
12635.url.tudown.com/template/company/duote-xiazai/images/softfastdownbtn.png
154.218.151.71 200 OK 409 B URL HTTP/1.1 12635.url.tudown.com/template/company/duote-xiazai/images/softfastdownbtn.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 513adea23e19785779ef24441cbdb356
acaf0cd2ec302562b27850b970523d96ac5a120c
b78bf1490ecfe58446b32e59b0e6505d2d18f75f8676809753830b66a8dee298
GET /template/company/duote-xiazai/images/softfastdownbtn.png HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/template/company/duote-xiazai/css/soft.css
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 05:00:05 GMT
Content-Type: image/png
Content-Length: 409
Last-Modified: Sun, 06 Nov 2022 08:21:33 GMT
Connection: keep-alive
ETag: "63676e8d-199"
Accept-Ranges: bytes
12635.url.tudown.com/template/company/duote-xiazai/images/left.png
154.218.151.71 200 OK 409 B URL HTTP/1.1 12635.url.tudown.com/template/company/duote-xiazai/images/left.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 513adea23e19785779ef24441cbdb356
acaf0cd2ec302562b27850b970523d96ac5a120c
b78bf1490ecfe58446b32e59b0e6505d2d18f75f8676809753830b66a8dee298
GET /template/company/duote-xiazai/images/left.png HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/template/company/duote-xiazai/css/soft.css
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 05:00:05 GMT
Content-Type: image/png
Content-Length: 409
Last-Modified: Sun, 06 Nov 2022 08:21:20 GMT
Connection: keep-alive
ETag: "63676e80-199"
Accept-Ranges: bytes
12635.url.tudown.com/uploads/images/762765.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/762765.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/762765.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:05 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=817302204,2822119471&fm=253&fmt=auto&app=138&f=JPEG?w=416&h=500
12635.url.tudown.com/template/company/duote-xiazai/images/right.png
154.218.151.71 200 OK 409 B URL HTTP/1.1 12635.url.tudown.com/template/company/duote-xiazai/images/right.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 513adea23e19785779ef24441cbdb356
acaf0cd2ec302562b27850b970523d96ac5a120c
b78bf1490ecfe58446b32e59b0e6505d2d18f75f8676809753830b66a8dee298
GET /template/company/duote-xiazai/images/right.png HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/template/company/duote-xiazai/css/soft.css
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 05:00:05 GMT
Content-Type: image/png
Content-Length: 409
Last-Modified: Sun, 06 Nov 2022 08:21:30 GMT
Connection: keep-alive
ETag: "63676e8a-199"
Accept-Ranges: bytes
img1.duote.com/duoteimg/zhuanti/comment/images/12.gif
180.101.198.208 200 OK 2.6 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/12.gif
IP 180.101.198.208:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash 74dc1aa4f1e4f7219da7ad597c91b8e7
bfda85aaa1fd81b79b792ee83cd448cd2cde5005
733f3dc6aa38aaad278d72cbef942326c77b0f872727e5971cc8fb9b3b683efe
GET /duoteimg/zhuanti/comment/images/12.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12635.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 2575
date: Tue, 03 Jan 2023 14:51:52 GMT
x-oss-request-id: 63B44108E8761339321255DD
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "74DC1AA4F1E4F7219DA7AD597C91B8E7"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17001896356624891276
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: dNwapPHk9yGdp61ZfJG45w==
x-oss-server-time: 66
ali-swift-global-savetime: 1672757512
via: cache35.l2cn3055[0,0,200-0,H], cache31.l2cn3055[1,0], vcache9.cn4732[0,0,200-0,H], vcache30.cn4732[2,0]
age: 2729293
x-cache: HIT TCP_MEM_HIT dirn:9:354643125
x-swift-savetime: Thu, 02 Feb 2023 03:06:11 GMT
x-swift-cachetime: 13002341
timing-allow-origin: *
eagleid: b465c63216754868058415943e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/1.gif
180.101.198.208 200 OK 1.8 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/1.gif
IP 180.101.198.208:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash 26df8be954a888cd2b29429bcc7d91de
2fa6246adde0616962ed672907c5da94893ce35e
9c73781c61d66f4af9043f08da67a47653fe9662e0aabd4cfa133cfbe55eaa76
GET /duoteimg/zhuanti/comment/images/1.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12635.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 1771
date: Thu, 02 Feb 2023 03:06:11 GMT
x-oss-request-id: 63DB28A3AEF36B303982E532
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "26DF8BE954A888CD2B29429BCC7D91DE"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 7119512290700278717
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: Jt+L6VSoiM0rKUKbzH2R3g==
x-oss-server-time: 72
ali-swift-global-savetime: 1675307171
via: cache12.l2cn3055[131,130,200-0,M], cache52.l2cn3055[132,0], vcache16.cn4732[0,0,200-0,H], vcache30.cn4732[3,0]
age: 179634
x-cache: HIT TCP_MEM_HIT dirn:9:360338099
x-swift-savetime: Thu, 02 Feb 2023 03:06:11 GMT
x-swift-cachetime: 15552000
timing-allow-origin: *
eagleid: b465c63216754868058415945e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/9.gif
180.101.198.208 200 OK 1.7 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/9.gif
IP 180.101.198.208:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash 52c2ef213baaff54c731557b999a0bf7
804e7ac80e4255b27247350265bbc92ce8d075bb
6bc6cc4739fbf0b9257b84549097c06651f82bcb2edef386710f4bb88e5b1676
GET /duoteimg/zhuanti/comment/images/9.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12635.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 1733
date: Tue, 03 Jan 2023 11:51:50 GMT
x-oss-request-id: 63B416D62B654B3335D3555D
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "52C2EF213BAAFF54C731557B999A0BF7"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 7207152638915174298
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: UsLvITuq/1THMVV7mZoL9w==
x-oss-server-time: 135
ali-swift-global-savetime: 1672746710
via: cache4.l2cn3055[0,0,200-0,H], cache34.l2cn3055[1,0], vcache5.cn4732[0,0,200-0,H], vcache30.cn4732[3,0]
age: 2740095
x-cache: HIT TCP_MEM_HIT dirn:9:233693268
x-swift-savetime: Thu, 02 Feb 2023 03:06:11 GMT
x-swift-cachetime: 12991539
timing-allow-origin: *
eagleid: b465c63216754868058415947e
X-Firefox-Spdy: h2
bdcode.2345.com/awycyrm.js
42.81.8.130 200 OK 38 kB URL HTTP/1.1 bdcode.2345.com/awycyrm.js
IP 42.81.8.130:0
File type Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Hash 5fbb10e03d1f57d1cc8b11f6733f05e9
6c5795f7e16e68be43e5416cf63e509a6caa58b8
550493b918a5548592ae1a76018c938f3ff7e9f64fe5af1dfcf91839e7270bd8
Analyzer Verdict Alert fortinet Malware
GET /awycyrm.js HTTP/1.1
Host: bdcode.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 05:00:05 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 38255
Connection: keep-alive
Cache-Control: max-age=3600
Content-Encoding: gzip
Expires: Sat, 04 Feb 2023 06:00:05 GMT
Last-Modified: Sun, 29 Jan 2023 02:02:23 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
YJS-ID: c20158598ab037de-143
Server: yunjiasu
12635.url.tudown.com/template/company/duote-xiazai/images/like.png
154.218.151.71 200 OK 409 B URL HTTP/1.1 12635.url.tudown.com/template/company/duote-xiazai/images/like.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 513adea23e19785779ef24441cbdb356
acaf0cd2ec302562b27850b970523d96ac5a120c
b78bf1490ecfe58446b32e59b0e6505d2d18f75f8676809753830b66a8dee298
GET /template/company/duote-xiazai/images/like.png HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/template/company/duote-xiazai/css/soft.css
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 05:00:06 GMT
Content-Type: image/png
Content-Length: 409
Last-Modified: Sun, 06 Nov 2022 08:21:22 GMT
Connection: keep-alive
ETag: "63676e82-199"
Accept-Ranges: bytes
img1.duote.com/duoteimg/zhuanti/comment/images/10.gif
180.101.198.208 200 OK 2.1 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/10.gif
IP 180.101.198.208:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash 8535863eee1ae5dfffa4f25a79cffa10
ae60588f804b611794c725429927f1a37c31a6e5
13fd5ae010e7d97dc637a2ec0537a28a8d74dac1f1480fa87279ae226e13e535
GET /duoteimg/zhuanti/comment/images/10.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12635.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 2105
date: Tue, 03 Jan 2023 14:51:52 GMT
x-oss-request-id: 63B44108DA57CC3430E71280
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "8535863EEE1AE5DFFFA4F25A79CFFA10"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 720901678692586227
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: hTWGPu4a5d//pPJaec/6EA==
x-oss-server-time: 80
ali-swift-global-savetime: 1672757512
via: cache79.l2cn3055[0,0,200-0,H], cache51.l2cn3055[2,0], vcache18.cn4732[0,0,200-0,H], vcache30.cn4732[3,0]
age: 2729293
x-cache: HIT TCP_HIT dirn:10:213188726
x-swift-savetime: Thu, 02 Feb 2023 03:06:11 GMT
x-swift-cachetime: 13002341
timing-allow-origin: *
eagleid: b465c63216754868058415946e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/8.gif
180.101.198.208 200 OK 1.8 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/8.gif
IP 180.101.198.208:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash 15c10a442a7bd8384cd17ed420cf21e9
477ba29d0b04ec0a2950d715b58abe2db4d68cdd
153b9c74c5a92e7ec480365537cd43c9973840f3b6c72dad3032f5aeb0a4d30e
GET /duoteimg/zhuanti/comment/images/8.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12635.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 1788
date: Wed, 04 Jan 2023 12:19:30 GMT
x-oss-request-id: 63B56ED2565BBE303154AA8D
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "15C10A442A7BD8384CD17ED420CF21E9"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 10105978504471775518
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: FcEKRCp72DhM0X7UIM8h6Q==
x-oss-server-time: 68
ali-swift-global-savetime: 1672834770
via: cache16.l2cn3055[0,0,200-0,H], cache43.l2cn3055[1,0], vcache26.cn4732[0,0,200-0,H], vcache30.cn4732[3,0]
age: 2652035
x-cache: HIT TCP_MEM_HIT dirn:9:299037609
x-swift-savetime: Thu, 02 Feb 2023 03:06:11 GMT
x-swift-cachetime: 13079599
timing-allow-origin: *
eagleid: b465c63216754868058415948e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/7.gif
180.101.198.208 200 OK 1.5 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/7.gif
IP 180.101.198.208:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash 56bd697fdac1de3dbe8d4dd53e309a9b
215d4fead2dbf7bf6aeea1136749675cc5034f9e
7acdc1e69fd8d2c578ccf122054b7dab5a58a59caa255cd5585d45956136f4a3
GET /duoteimg/zhuanti/comment/images/7.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12635.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 1495
date: Thu, 02 Feb 2023 03:06:11 GMT
x-oss-request-id: 63DB28A3E3631F36348B9DE4
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "56BD697FDAC1DE3DBE8D4DD53E309A9B"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 6398064933782332215
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: Vr1pf9rB3j2+jU3VPjCamw==
x-oss-server-time: 88
ali-swift-global-savetime: 1675307171
via: cache25.l2cn3055[109,109,200-0,M], cache76.l2cn3055[111,0], vcache25.cn4732[0,0,200-0,H], vcache30.cn4732[1,0]
age: 179634
x-cache: HIT TCP_MEM_HIT dirn:11:237709296
x-swift-savetime: Thu, 02 Feb 2023 03:06:11 GMT
x-swift-cachetime: 15552000
timing-allow-origin: *
eagleid: b465c63216754868058435949e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/6.gif
180.101.198.208 200 OK 3.5 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/6.gif
IP 180.101.198.208:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash eb575dd556470ae55acfa8350f63f3ab
5ded8852598c3cb4ff9130d24b1b7b03c558d14e
0be355d4a20f70a41fef403a817d2d27a1c5122fa1b58ef04dc884fb9a12ed7a
GET /duoteimg/zhuanti/comment/images/6.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12635.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 3468
date: Thu, 02 Feb 2023 03:06:11 GMT
x-oss-request-id: 63DB28A3C428EB3630F276FE
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "EB575DD556470AE55ACFA8350F63F3AB"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17858666986198953545
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: 61dd1VZHCuVaz6g1D2Pzqw==
x-oss-server-time: 117
ali-swift-global-savetime: 1675307171
via: cache12.l2cn3055[156,156,200-0,M], cache36.l2cn3055[158,0], vcache7.cn4732[0,0,200-0,H], vcache30.cn4732[2,0]
age: 179634
x-cache: HIT TCP_MEM_HIT dirn:9:53898126
x-swift-savetime: Thu, 02 Feb 2023 03:06:11 GMT
x-swift-cachetime: 15552000
timing-allow-origin: *
eagleid: b465c63216754868058435950e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/3.gif
180.101.198.208 200 OK 3.0 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/3.gif
IP 180.101.198.208:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash 2ea694cf637a163c094f4e88ae235ec7
8c80f708bc2b9ade2838743d1ec2f779662054e4
8824766f185db8f093dabd01f47636740f26f1a0340b8ed170e4268f36488a44
GET /duoteimg/zhuanti/comment/images/3.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12635.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 3011
date: Thu, 02 Feb 2023 03:06:11 GMT
x-oss-request-id: 63DB28A39A01B13931D7DCBD
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "2EA694CF637A163C094F4E88AE235EC7"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8455495457239003797
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: LqaUz2N6FjwJT06IriNexw==
x-oss-server-time: 156
ali-swift-global-savetime: 1675307171
via: cache63.l2cn3055[195,194,200-0,M], cache28.l2cn3055[196,0], vcache25.cn4732[0,0,200-0,H], vcache30.cn4732[0,0]
age: 179634
x-cache: HIT TCP_MEM_HIT dirn:9:14742749
x-swift-savetime: Thu, 02 Feb 2023 03:06:11 GMT
x-swift-cachetime: 15552000
timing-allow-origin: *
eagleid: b465c63216754868058475955e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/5.gif
180.101.198.208 200 OK 2.8 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/5.gif
IP 180.101.198.208:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash a7bff4f63a973a68e2d98ee780d9e29e
4c87d92faf82347bb122c2ad0e74e166aec5c567
18e82892f579e1f63d003f7e8404754b775542d72ea2d677f61d8ed3c7dfd21c
GET /duoteimg/zhuanti/comment/images/5.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12635.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 2768
date: Thu, 02 Feb 2023 03:06:11 GMT
x-oss-request-id: 63DB28A3F1D5B233305BE7E5
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "A7BFF4F63A973A68E2D98EE780D9E29E"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 11302870927342222426
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: p7/09jqXOmji2Y7ngNning==
x-oss-server-time: 127
ali-swift-global-savetime: 1675307171
via: cache51.l2cn3055[157,156,200-0,M], cache47.l2cn3055[159,0], vcache1.cn4732[0,0,200-0,H], vcache30.cn4732[2,0]
age: 179635
x-cache: HIT TCP_MEM_HIT dirn:10:284702017
x-swift-savetime: Thu, 02 Feb 2023 03:06:11 GMT
x-swift-cachetime: 15552000
timing-allow-origin: *
eagleid: b465c63216754868060836263e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/2.gif
180.101.198.208 200 OK 1.7 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/2.gif
IP 180.101.198.208:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash daaa6d71e871eec644788b703b718bd8
8fadc0f0070931b2f807159e87b82bc2269b467a
6d31802a2485e9ff603aa0ec2528c96590e9d4c5ac8961ddf8a9c3fe3bb5c0b8
GET /duoteimg/zhuanti/comment/images/2.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12635.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 1668
date: Thu, 02 Feb 2023 03:06:11 GMT
x-oss-request-id: 63DB28A3EE37C83934296313
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "DAAA6D71E871EEC644788B703B718BD8"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17840225992830112301
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: 2qptcehx7sZEeItwO3GL2A==
x-oss-server-time: 101
ali-swift-global-savetime: 1675307171
via: cache51.l2cn3055[128,127,200-0,M], cache71.l2cn3055[129,0], vcache3.cn4732[0,0,200-0,H], vcache30.cn4732[2,0]
age: 179635
x-cache: HIT TCP_MEM_HIT dirn:11:35063887
x-swift-savetime: Thu, 02 Feb 2023 03:06:11 GMT
x-swift-cachetime: 15552000
timing-allow-origin: *
eagleid: b465c63216754868060836265e
X-Firefox-Spdy: h2
12635.url.tudown.com/template/company/duote-xiazai/images/icon-sprites.png
154.218.151.71 200 OK 1.2 kB URL HTTP/1.1 12635.url.tudown.com/template/company/duote-xiazai/images/icon-sprites.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash cc3e19fad8a144bf1e7bf400678f99cb
6ac3ec9a26fdec416640a98d24564ddee9886999
1725f9122ad4ec5075cd0967aef3ef5aff312d90e17a33b854d71434f7cbba4c
GET /template/company/duote-xiazai/images/icon-sprites.png HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/template/company/duote-xiazai/css/soft.css
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 05:00:06 GMT
Content-Type: image/png
Content-Length: 1160
Last-Modified: Sun, 06 Nov 2022 08:21:18 GMT
Connection: keep-alive
ETag: "63676e7e-488"
Accept-Ranges: bytes
12635.url.tudown.com/template/company/duote-xiazai/images/dislike.png
154.218.151.71 200 OK 295 B URL HTTP/1.1 12635.url.tudown.com/template/company/duote-xiazai/images/dislike.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 16 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash a23e4dc6044953a149d0eb87aa9df5a4
48ab906d07b8d3265c0de7255d41d5352df29b9d
0342c264fcaac6c9fb4c0ea801d56145043dcd37613bddc633a6333c783eb2b9
GET /template/company/duote-xiazai/images/dislike.png HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/template/company/duote-xiazai/css/soft.css
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 05:00:06 GMT
Content-Type: image/png
Content-Length: 295
Last-Modified: Sun, 06 Nov 2022 08:21:09 GMT
Connection: keep-alive
ETag: "63676e75-127"
Accept-Ranges: bytes
img1.duote.com/duoteimg/zhuanti/comment/images/11.gif
180.101.198.208 200 OK 7.0 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/11.gif
IP 180.101.198.208:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash 0dfec8a688ee97162d852f42a0fa2a23
a6bc13493b4f2471b72b9d9e8474a9889ad2f4cb
bfef5124ff15cc50ba2eb8e6c605541b642bb5c8c18a4c618ed248522f8d44e0
GET /duoteimg/zhuanti/comment/images/11.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12635.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 6979
date: Thu, 02 Feb 2023 03:06:11 GMT
x-oss-request-id: 63DB28A3EEC7423138E2BAB0
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "0DFEC8A688EE97162D852F42A0FA2A23"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 5501157311881781066
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: Df7IpojulxYthS9CoPoqIw==
x-oss-server-time: 166
ali-swift-global-savetime: 1675307171
via: cache60.l2cn3055[198,198,200-0,M], cache67.l2cn3055[199,0], vcache27.cn4732[0,0,200-0,H], vcache30.cn4732[2,0]
age: 179635
x-cache: HIT TCP_MEM_HIT dirn:10:25434270
x-swift-savetime: Thu, 02 Feb 2023 03:06:11 GMT
x-swift-cachetime: 15552000
timing-allow-origin: *
eagleid: b465c63216754868060836260e
X-Firefox-Spdy: h2
12635.url.tudown.com/uploads/images/923129.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/923129.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/923129.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:06 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=2619268211,3497339777&fm=224&app=112&f=JPEG?w=500&h=500
12635.url.tudown.com/common/ipnotice/
154.218.151.71 200 OK 17 kB URL HTTP/1.1 12635.url.tudown.com/common/ipnotice/
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 53316377b774d752d8470cb5ba5d27c8
b893a4256078664a28ae1be184a082669d2796ea
cbd373ab9c3891bfec1cbfee99e23b61dae49f3eaa2f66953bac516f96bd3474
GET /common/ipnotice/ HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 05:00:05 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
12635.url.tudown.com/uploads/images/23678.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/23678.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/23678.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:06 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1913879091,490375149&fm=253&fmt=auto&app=138&f=JPEG?w=312&h=500
ocsp.globalsign.com/gsrsaovsslca2018
151.101.194.133 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 151.101.194.133:0
Hash 20a62148f401b68b4ce89be4d81bc83f
caba2944de3d960f2be137a244cfbf66f68f759d
d81a407ef724c4a45c07dc1080b0257a5e707ce3a0e0cb090aa06f3f661b61e1
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1432
Server: nginx
Content-Type: application/ocsp-response
Expires: Wed, 08 Feb 2023 01:58:17 GMT
ETag: "caba2944de3d960f2be137a244cfbf66f68f759d"
Last-Modified: Sat, 04 Feb 2023 01:58:18 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sat, 04 Feb 2023 05:00:06 GMT
Age: 1952
X-Served-By: cache-qpg1274-QPG, cache-bma1662-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 3, 4
X-Timer: S1675486807.585557,VS0,VE0
12635.url.tudown.com/uploads/images/271880.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/271880.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/271880.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:06 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=1329626756,4202590478&fm=224&app=112&f=JPEG?w=495&h=500
12635.url.tudown.com/uploads/images/651066.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/651066.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/651066.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:06 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1725960194,2839161409&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=480
12635.url.tudown.com/uploads/images/176273.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/176273.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/176273.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:06 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=2658501682,2504071862&fm=224&app=112&f=JPEG?w=500&h=500
12635.url.tudown.com/uploads/images/53352.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/53352.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/53352.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:06 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3543505225,768059659&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=773
12635.url.tudown.com/uploads/images/888002.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/888002.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/888002.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:06 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=3520074141,629878444&fm=253&app=120&f=JPEG?w=1280&h=800
12635.url.tudown.com/uploads/images/54331.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/54331.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/54331.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:06 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1326887807,4001239351&fm=253&fmt=auto&app=138&f=GIF?w=502&h=252
ocsp.trust-provider.cn/
47.246.44.205 200 OK 600 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash eceaa87d9a3316ee0dcad3fa5f444ee7
74afece1d64ad7c63136ffcd5d58ad1d15a764df
fb586a5f0f8968e29212268bb4bd746eae9cc20b4eda7fc41f1420482c74b3b9
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Sat, 04 Feb 2023 05:00:06 GMT
last-modified: Thu, 02 Feb 2023 04:39:52 GMT
expires: Thu, 09 Feb 2023 04:39:51 GMT
etag: "74afece1d64ad7c63136ffcd5d58ad1d15a764df"
cache-control: max-age=582267,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb2
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 7940d73e4e142c37-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1675486806
via: cache9.l2de2[26,26,304-0,M], cache15.l2de2[27,0], cache8.se1[48,48,200-0,H], cache5.se1[50,0], cache2.se1[51,0]
age: 0
x-cache: HIT TCP_REFRESH_HIT dirn:1:97856521
x-swift-savetime: Sat, 04 Feb 2023 05:00:06 GMT
x-swift-cachetime: 1800
timing-allow-origin: *, *
eagleid: 2ff62c9616754868067276683e, 2ff62c9616754868067276683e
12635.url.tudown.com/template/company/duote-xiazai/images/newbtnbg.png
154.218.151.71 200 OK 1.3 kB URL HTTP/1.1 12635.url.tudown.com/template/company/duote-xiazai/images/newbtnbg.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 178 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 7e22e63af128066b4d249bec71934fa7
09313b9c9717d049883d7c82b3b87f1a4af28408
ea827b6f53f2f091eb1a9ab83c5f53c5f4215e5a14721037af0b50dc47ffe5b0
GET /template/company/duote-xiazai/images/newbtnbg.png HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/template/company/duote-xiazai/css/soft.css
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 05:00:06 GMT
Content-Type: image/png
Content-Length: 1308
Last-Modified: Sun, 06 Nov 2022 08:21:23 GMT
Connection: keep-alive
ETag: "63676e83-51c"
Accept-Ranges: bytes
12635.url.tudown.com/template/company/duote-xiazai/images/biaoq-icon.png
154.218.151.71 200 OK 409 B URL HTTP/1.1 12635.url.tudown.com/template/company/duote-xiazai/images/biaoq-icon.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 513adea23e19785779ef24441cbdb356
acaf0cd2ec302562b27850b970523d96ac5a120c
b78bf1490ecfe58446b32e59b0e6505d2d18f75f8676809753830b66a8dee298
GET /template/company/duote-xiazai/images/biaoq-icon.png HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/template/company/duote-xiazai/css/global.css
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 05:00:06 GMT
Content-Type: image/png
Content-Length: 409
Last-Modified: Sun, 06 Nov 2022 08:21:07 GMT
Connection: keep-alive
ETag: "63676e73-199"
Accept-Ranges: bytes
sofire.bdstatic.com/js/dfxaf3-635b4cd6.js
60.190.116.48 200 OK 123 kB URL HTTP/1.1 sofire.bdstatic.com/js/dfxaf3-635b4cd6.js
IP 60.190.116.48:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 123 kB (123037 bytes)
Hash c39ed7d28cee6240d44cc5b5c2bbd686
eab7220ff1195b14d9c1c21ae4fcad33315549b5
cd5d1c61337dd6b5a3ddffdc95ed7da921b125c9911aa22eaef8f054a2345459
GET /js/dfxaf3-635b4cd6.js HTTP/1.1
Host: sofire.bdstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 05:00:06 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 06 Feb 2023 08:39:29 GMT
Last-Modified: Fri, 06 Jan 2023 03:24:00 GMT
ETag: "6c8af00e14f394b624a4b374d18b9b7a"
Content-Encoding: gzip
Age: 73237
Accept-Ranges: bytes
Content-MD5: bIrwDhTzlLYkpLN00Yubeg==
x-bce-content-crc32: 1362413814
x-bce-debug-id: oBRnL9Rm6mktChfh+Q/bZOLxVybYIdLP1hOBqfmojYkP0j/g0lHmCeGRQa0TvkxHWlcUmy/vEhEATyXRFP3ibg==
x-bce-request-id: 721fd90f-6b1d-43c1-a6da-3188e9ec3add
x-bce-restore-cache: -
x-bce-restore-tier: -
x-bce-storage-class: STANDARD
Ohc-Global-Saved-Time: Fri, 03 Feb 2023 08:39:29 GMT
Ohc-Cache-HIT: wz2ct51 [2], nb2ctcache51 [2]
Ohc-Response-Time: 1 0 0 0 0 0
12635.url.tudown.com/uploads/images/610342.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/610342.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/610342.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:06 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3576443317,873173471&fm=253&fmt=auto?w=500&h=282
12635.url.tudown.com/uploads/images/534692.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/534692.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/534692.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:06 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=2569565472,1814890522&fm=224&app=112&f=JPEG?w=375&h=500
12635.url.tudown.com/uploads/images/78836.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/78836.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/78836.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:06 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2923877048,3505835382&fm=253&fmt=auto&app=138&f=JPEG?w=802&h=500
12635.url.tudown.com/uploads/images/627864.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/627864.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/627864.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:07 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=238258712,3785870411&fm=253&app=120&f=JPEG?w=1422&h=800
12635.url.tudown.com/uploads/images/724025.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/724025.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/724025.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:07 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2321726819,3880416854&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
img1.2345.com/duoteimg/js/base64.js?_vtim=2014122301
180.101.199.211 404 Not Found 146 B URL HTTP/2 img1.2345.com/duoteimg/js/base64.js?_vtim=2014122301
IP 180.101.199.211:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /duoteimg/js/base64.js?_vtim=2014122301 HTTP/1.1
Host: img1.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12635.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: Tengine
content-type: text/html; charset=gb2312
content-length: 146
date: Sat, 04 Feb 2023 05:00:07 GMT
ali-swift-global-savetime: 1675486807
via: cache48.l2cn3037[15,15,404-1280,M], cache19.l2cn3037[16,0], cache19.l2cn3037[16,0], vcache19.cn4733[18,18,404-1280,M], vcache11.cn4733[20,0]
x-cache: MISS TCP_MISS dirn:-2:-2
x-swift-savetime: Sat, 04 Feb 2023 05:00:07 GMT
x-swift-cachetime: 1
x-swift-error: orig response 4XX error
timing-allow-origin: *
eagleid: b465c71f16754868072142407e
X-Firefox-Spdy: h2
12635.url.tudown.com/uploads/images/667569.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/667569.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/667569.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:07 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=2978637207,1671653745&fm=224&app=112&f=JPEG?w=500&h=500
12635.url.tudown.com/uploads/images/684071.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/684071.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/684071.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:07 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=4052067396,4175232010&fm=253&app=120&f=JPEG?w=1280&h=800
12635.url.tudown.com/uploads/images/417882.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/417882.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/417882.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:07 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=1083864845,419985913&fm=224&app=112&f=JPEG?w=500&h=500
t13.baidu.com/it/u=1329626756,4202590478&fm=224&app=112&f=JPEG?w=495&h=500
185.10.104.124 200 OK 26 kB URL HTTP/1.1 t13.baidu.com/it/u=1329626756,4202590478&fm=224&app=112&f=JPEG?w=495&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 495x500, components 3\012- data
Hash 600171324f05d5e0a8aed88c122bcb33
545c8092fd55bb0064065b3c1bad2ae30467fed4
0c843a64dcea2eda2aaea4f95d1d4198fc13d23da0161d6d3ad4f384c8852913
GET /it/u=1329626756,4202590478&fm=224&app=112&f=JPEG?w=495&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12635.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 05:00:07 GMT
Content-Type: image/jpeg
Content-Length: 26347
Connection: keep-alive
Expires: Mon, 06 Feb 2023 23:23:04 GMT
Last-Modified: Sun, 11 Jan 1970 00:00:00 GMT
ETag: 600171324f05d5e0a8aed88c122bcb33
Age: 2014883
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 07 Jan 2023 23:23:04 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [4], zhuzuncache104 [4], bdix229 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 26347
X-Cache-Status: HIT
t14.baidu.com/it/u=2619268211,3497339777&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 44 kB URL HTTP/1.1 t14.baidu.com/it/u=2619268211,3497339777&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash a811610ddbf4cb8d4c48bdc41c3863bd
b98311542d426b95e941f3e137ac8c69b3afacaf
d873f2b49a5a3bba7647b8a00dd00119b224e149971ae231c86b069d82a53879
GET /it/u=2619268211,3497339777&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12635.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 05:00:07 GMT
Content-Type: image/jpeg
Content-Length: 44191
Connection: keep-alive
Expires: Wed, 08 Feb 2023 23:22:14 GMT
Last-Modified: Mon, 12 Jan 1970 00:00:00 GMT
ETag: a811610ddbf4cb8d4c48bdc41c3863bd
Age: 2014598
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 09 Jan 2023 23:22:14 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [4], zhuzuncache55 [1], xiangyix55 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 44191
X-Cache-Status: HIT
Timing-Allow-Origin: *
12635.url.tudown.com/uploads/images/290170.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/290170.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/290170.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:07 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3097922423,625899036&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
t13.baidu.com/it/u=2658501682,2504071862&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 50 kB URL HTTP/1.1 t13.baidu.com/it/u=2658501682,2504071862&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash c84070101a45075cbf361879465ab35e
81aba823b1dc0668e5ffa70fab3bf7705cdc8625
d96f37cfcddda6fe8e631aeae5d7e6895c94b124cbed6fc85fcc40c697c7340d
GET /it/u=2658501682,2504071862&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12635.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 05:00:07 GMT
Content-Type: image/jpeg
Content-Length: 50219
Connection: keep-alive
Expires: Fri, 10 Feb 2023 20:55:06 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: c84070101a45075cbf361879465ab35e
Age: 2014867
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 11 Jan 2023 20:55:05 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [4], zhuzuncache54 [1], czix108 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 50219
X-Cache-Status: HIT
Timing-Allow-Origin: *
t14.baidu.com/it/u=2607474715,1226083256&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 34 kB URL HTTP/1.1 t14.baidu.com/it/u=2607474715,1226083256&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 5239510c1c63f9a72c5d26015b121fec
d1e0c875c70db75834d1cd0b38ef37ba508cb5d1
811c688dd7e56bb63c60f5025bee0a9ea69a243e977d95d46174fee000d90d9f
GET /it/u=2607474715,1226083256&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12635.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 05:00:07 GMT
Content-Type: image/jpeg
Content-Length: 34049
Connection: keep-alive
Expires: Thu, 09 Feb 2023 02:14:55 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 5239510c1c63f9a72c5d26015b121fec
Age: 2015501
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 10 Jan 2023 02:14:55 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [2], zhuzuncache64 [1], qdix214 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 34049
X-Cache-Status: HIT
Timing-Allow-Origin: *
t14.baidu.com/it/u=2978637207,1671653745&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 77 kB URL HTTP/1.1 t14.baidu.com/it/u=2978637207,1671653745&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 8f1f69d642af97725b837e863f4c3098
378cf6c089938aa93e0b4606be99cefe3db983ad
f0589dc5184bfa9dd4a78d945ec820114d997bc72acf8376dd4909b393ec3a57
GET /it/u=2978637207,1671653745&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12635.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 05:00:07 GMT
Content-Type: image/jpeg
Content-Length: 77132
Connection: keep-alive
Expires: Sat, 04 Feb 2023 08:25:22 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 8f1f69d642af97725b837e863f4c3098
Age: 2014564
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 05 Jan 2023 08:25:22 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [2], zhuzuncache57 [1], xiangyix162 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 77132
X-Cache-Status: HIT
Timing-Allow-Origin: *
t14.baidu.com/it/u=1083864845,419985913&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 47 kB URL HTTP/1.1 t14.baidu.com/it/u=1083864845,419985913&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 719596754017ca519700be487953fa05
1bfa4d6b04dc7a4e6b63248147bc3fe1d2efda88
f04fa7bfcacfff5b3f099d46cfa4d678bb4a9e6dd6e10a5562b8561fef8f0d51
GET /it/u=1083864845,419985913&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12635.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 05:00:07 GMT
Content-Type: image/jpeg
Content-Length: 46999
Connection: keep-alive
Expires: Sat, 11 Feb 2023 03:03:32 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 719596754017ca519700be487953fa05
Age: 1843921
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 12 Jan 2023 03:03:32 GMT
Ohc-Cache-HIT: fra01-sys-jomo4.fra01.baidu.com [4], zhuzuncache65 [1], xiangyix195 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 46999
X-Cache-Status: HIT
Timing-Allow-Origin: *
cpro.baidustatic.com/cpro/ui/pr.js
220.169.152.35 200 OK 191 B URL HTTP/1.1 cpro.baidustatic.com/cpro/ui/pr.js
IP 220.169.152.35:0
File type ASCII text, with CRLF line terminators
Hash 48bbe750b892850b181762bf739e10dd
716574fe9afcde8faef513b16d6867cb07afe626
e538c894cae59538764a334e2cf2bc02e53fa6a9e4efebcd251bc5da82fa2158
GET /cpro/ui/pr.js HTTP/1.1
Host: cpro.baidustatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 05:00:07 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 04 Feb 2023 05:10:44 GMT
Last-Modified: Tue, 10 Jan 2023 11:33:17 GMT
ETag: "63bd4cfd-ff"
Cache-Control: max-age=3600
Content-Encoding: gzip
Age: 2963
Accept-Ranges: bytes
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 04 Feb 2023 04:10:44 GMT
Ohc-Cache-HIT: yy2ct64 [2], wzix64 [2]
Ohc-File-Size: 191
X-Cache-Status: HIT
img4.runjiapp.com/duoteimg/dtnew_recom_img/202008/20200812163506_69310.jpg
180.122.78.242 200 OK 41 kB URL HTTP/1.1 img4.runjiapp.com/duoteimg/dtnew_recom_img/202008/20200812163506_69310.jpg
IP 180.122.78.242:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 910x86, components 3\012- data
Hash f8f15f37c9961bc7463d1df83059d32c
7b4aa49eaed0106e8722fda960d4f397b78e7811
eb99269720c3ad25a285d1cae14a73f57a45ffe3e1f086f1e0a8351a83e62cc0
GET /duoteimg/dtnew_recom_img/202008/20200812163506_69310.jpg HTTP/1.1
Host: img4.runjiapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12635.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/jpeg
Content-Length: 41017
Connection: keep-alive
Date: Wed, 04 Jan 2023 09:53:47 GMT
x-oss-request-id: 63B54CAB565BBE34373244FA
x-oss-cdn-auth: success
Accept-Ranges: bytes
ETag: "F8F15F37C9961BC7463D1DF83059D32C"
Last-Modified: Fri, 04 Sep 2020 08:59:59 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 2768094505068467474
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Sat, 05 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
Content-MD5: +PFfN8mWG8dGPR34MFnTLA==
x-oss-server-time: 16
Ali-Swift-Global-Savetime: 1672826027
Via: cache46.l2cn2647[0,0,200-0,H], cache75.l2cn2647[1,0], vcache12.cn2811[0,0,200-0,H], vcache5.cn2811[2,0]
Age: 2660780
X-Cache: HIT TCP_MEM_HIT dirn:9:558993811
X-Swift-SaveTime: Sat, 28 Jan 2023 04:12:56 GMT
X-Swift-CacheTime: 13498851
Timing-Allow-Origin: *
EagleId: b47a4e9b16754868071434818e
img1.duote.com/duoteimg/zhuanti/comment/images/4.gif
180.101.198.208 200 OK 1.7 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/4.gif
IP 180.101.198.208:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash 9429cb260cbf87e528d14cf6baaf2b5b
eb067540c3b93c515efbc46b5a1cb4c7bcb16ff7
4cce9443159a3c082fbf59610efbf5ef9b92d5422bce4bbe8ef43d1bcc8d0475
GET /duoteimg/zhuanti/comment/images/4.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12635.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 1706
date: Thu, 02 Feb 2023 03:06:11 GMT
x-oss-request-id: 63DB28A3DFFFCE35347F52A3
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "9429CB260CBF87E528D14CF6BAAF2B5B"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 875222251737355829
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: lCnLJgy/h+Uo0Uz2uq8rWw==
x-oss-server-time: 88
ali-swift-global-savetime: 1675307171
via: cache5.l2cn3055[137,136,200-0,M], cache34.l2cn3055[138,0], vcache5.cn4732[0,0,200-0,H], vcache30.cn4732[1,0]
age: 179636
x-cache: HIT TCP_MEM_HIT dirn:9:233318430
x-swift-savetime: Thu, 02 Feb 2023 03:06:11 GMT
x-swift-cachetime: 15552000
timing-allow-origin: *
eagleid: b465c63216754868074738100e
X-Firefox-Spdy: h2
12635.url.tudown.com/uploads/images/204965.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/204965.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/204965.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:07 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=3481921036,2469156803&fm=224&app=112&f=JPEG?w=500&h=500
12635.url.tudown.com/uploads/images/855256.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/855256.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/855256.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:07 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=432267401,3151997352&fm=224&app=112&f=JPEG?w=500&h=500
t14.baidu.com/it/u=3481921036,2469156803&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 44 kB URL HTTP/1.1 t14.baidu.com/it/u=3481921036,2469156803&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash e1457b7709e27ce699747295d931e428
4181fd20d3c8cedb0049ebe4d2814364243d7e7f
1fc5379c9f0d406e0eb53529f3d254da6a6098803fe52b23c20c90254875cffe
GET /it/u=3481921036,2469156803&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12635.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 05:00:07 GMT
Content-Type: image/jpeg
Content-Length: 43746
Connection: keep-alive
Expires: Tue, 07 Feb 2023 08:18:00 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: e1457b7709e27ce699747295d931e428
Age: 2015162
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 08 Jan 2023 08:18:00 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [4], zhuzuncache58 [1], czix153 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 43746
X-Cache-Status: HIT
Timing-Allow-Origin: *
pos.baidu.com/s?wid=890&hei=200&di=u5039524&s1=2489757166&s2=2861040277<u=http%3A%2F%2F12635.url.tudown.com%2Fdown%2Fmcafee%25E5%258D%25B8%25E8%25BD%25BD%25E5%25B7%25A5%25E5%2585%25B7%40418_68737.exe&dc=3&ti=%E6%98%9F%E8%BE%B0%E6%8D%95%E9%B1%BC%E6%89%8B%E6%9C%BA%E7%89%88%E4%B8%8B%E8%BD%BD(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99%2F%E6%89%8B%E6%9C%BA%E6%9C%80%E6%96%B0%E7%89%88%E4%B8%8B%E8%BD%BD&ps=2136x34&drs=1&pcs=1268x939&pss=1268x2678&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1675486840&psr=1280x1024&par=1280x1002&pis=-1x-1&ccd=24&cja=false&cmi=0&col=en-US&cdo=-1&tcn=1675486840&dtm=HTML_POST&tpr=1675486840213&ari=2&ant=0&exps=110281,110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=2&dri=0&ver=0129&ecd=1&psi=0e2a4a9beeb95cec&fpt=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf&dft=0&ft=1
182.61.200.109200 OK 887 B URL HTTP/2 pos.baidu.com/s?wid=890&hei=200&di=u5039524&s1=2489757166&s2=2861040277<u=http%3A%2F%2F12635.url.tudown.com%2Fdown%2Fmcafee%25E5%258D%25B8%25E8%25BD%25BD%25E5%25B7%25A5%25E5%2585%25B7%40418_68737.exe&dc=3&ti=%E6%98%9F%E8%BE%B0%E6%8D%95%E9%B1%BC%E6%89%8B%E6%9C%BA%E7%89%88%E4%B8%8B%E8%BD%BD(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99%2F%E6%89%8B%E6%9C%BA%E6%9C%80%E6%96%B0%E7%89%88%E4%B8%8B%E8%BD%BD&ps=2136x34&drs=1&pcs=1268x939&pss=1268x2678&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1675486840&psr=1280x1024&par=1280x1002&pis=-1x-1&ccd=24&cja=false&cmi=0&col=en-US&cdo=-1&tcn=1675486840&dtm=HTML_POST&tpr=1675486840213&ari=2&ant=0&exps=110281,110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=2&dri=0&ver=0129&ecd=1&psi=0e2a4a9beeb95cec&fpt=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf&dft=0&ft=1
IP 182.61.200.109:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (318)
Hash 1d3477d8d48dca4a82d9ef35a5588377
35f0c32037e55c5d67a26fc10819e7e9b0383845
f42250dc5f74027a3cb604c0f7ab8d748e9f52628de951792b3d430b82b6d789
GET /s?wid=890&hei=200&di=u5039524&s1=2489757166&s2=2861040277<u=http%3A%2F%2F12635.url.tudown.com%2Fdown%2Fmcafee%25E5%258D%25B8%25E8%25BD%25BD%25E5%25B7%25A5%25E5%2585%25B7%40418_68737.exe&dc=3&ti=%E6%98%9F%E8%BE%B0%E6%8D%95%E9%B1%BC%E6%89%8B%E6%9C%BA%E7%89%88%E4%B8%8B%E8%BD%BD(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99%2F%E6%89%8B%E6%9C%BA%E6%9C%80%E6%96%B0%E7%89%88%E4%B8%8B%E8%BD%BD&ps=2136x34&drs=1&pcs=1268x939&pss=1268x2678&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1675486840&psr=1280x1024&par=1280x1002&pis=-1x-1&ccd=24&cja=false&cmi=0&col=en-US&cdo=-1&tcn=1675486840&dtm=HTML_POST&tpr=1675486840213&ari=2&ant=0&exps=110281,110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=2&dri=0&ver=0129&ecd=1&psi=0e2a4a9beeb95cec&fpt=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf&dft=0&ft=1 HTTP/1.1
Host: pos.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12635.url.tudown.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Sat, 04 Feb 2023 05:00:07 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Sat Feb 4 13:00:07 2023
p3p: CP=" OTI DSP COR IVA OUR IND COM ", CP=" OTI DSP COR IVA OUR IND COM "
pragma: no-cache
server: nginx
set-cookie: BAIDUID=B31334EFB8E454C665058BAD97DEB467:FG=1; expires=Sun, 04-Feb-54 05:00:07 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
x-xss-protection: 0
content-length: 887
X-Firefox-Spdy: h2
bdcode.2345.com/rvsptpid.js
42.81.8.130 200 OK 4.0 kB URL HTTP/1.1 bdcode.2345.com/rvsptpid.js
IP 42.81.8.130:0
File type ASCII text, with very long lines (11438), with no line terminators
Hash 4927ec7cf61077c3cb553d1e91fbe407
81cecb6db2e670675c9bdac9c8c9225b987262cc
439bad0c6b3cec8c27d7bd369cf89917af4deec831c07836e4e1d265113a641c
Analyzer Verdict Alert fortinet Malware
GET /rvsptpid.js HTTP/1.1
Host: bdcode.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 05:00:07 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 4034
Connection: keep-alive
Cache-Control: max-age=3600
Content-Encoding: gzip
Expires: Sat, 04 Feb 2023 06:00:07 GMT
Last-Modified: Mon, 26 Sep 2022 07:31:49 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
YJS-ID: c201586c8ab637de-143
Server: yunjiasu
12635.url.tudown.com/uploads/images/96570.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/96570.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/96570.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:07 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=4007990234,2585056849&fm=253&fmt=auto&app=120&f=JPEG?w=800&h=1124
12635.url.tudown.com/uploads/images/569367.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/569367.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/569367.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:07 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=344731291,3870162713&fm=253&fmt=auto&app=138&f=JPEG?w=680&h=500
12635.url.tudown.com/uploads/images/302136.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/302136.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/302136.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:07 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2924116523,1081946294&fm=253&fmt=auto&app=138&f=JPEG?w=353&h=500
hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (633)
Hash 20b27e5d63af4d8de8e96c2df25517eb
bf9e613dcaa1ddcfa47bea36ffa00dbdc4cefe44
a424754e1b02909df7bd21b185964e447c379b262a4bb56cff99d880a36272f3
GET /hm.js?dd9836db2e433f487a0aa434b7b3deb7 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12635.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11271
Content-Type: application/javascript
Date: Sat, 04 Feb 2023 05:00:07 GMT
Etag: 8a634a0b884af84eba333b665c5f5f8f
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=7C26750D5A41B834; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
12635.url.tudown.com/uploads/images/447356.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/447356.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/447356.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:07 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=190584701,3964397965&fm=224&app=112&f=JPEG?w=350&h=350
push.zhanzhang.baidu.com/push.js
182.61.201.93 200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 182.61.201.93:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Sat, 04 Feb 2023 05:00:07 GMT
Etag: "4078521116"
Expires: Sun, 04 Feb 2024 05:00:07 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=CE4FE0AFBAD016C995FCABDB728A4D4D:FG=1; max-age=31536000; expires=Sun, 04-Feb-24 05:00:07 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
pos.baidu.com/s?wid=910&hei=120&di=u4965894&s1=1356636170&s2=804324657<u=http%3A%2F%2F12635.url.tudown.com%2Fdown%2Fmcafee%25E5%258D%25B8%25E8%25BD%25BD%25E5%25B7%25A5%25E5%2585%25B7%40418_68737.exe&dc=3&ti=%E6%98%9F%E8%BE%B0%E6%8D%95%E9%B1%BC%E6%89%8B%E6%9C%BA%E7%89%88%E4%B8%8B%E8%BD%BD(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99%2F%E6%89%8B%E6%9C%BA%E6%9C%80%E6%96%B0%E7%89%88%E4%B8%8B%E8%BD%BD&ps=1802x34&drs=1&pcs=1268x939&pss=1268x2558&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1675486840&psr=1280x1024&par=1280x1002&pis=-1x-1&ccd=24&cja=false&cmi=0&col=en-US&cdo=-1&tcn=1675486840&dtm=HTML_POST&tpr=1675486840213&ari=2&ant=0&exps=110281,110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=1&dri=0&ver=0129&ecd=1&psi=0e2a4a9beeb95cec&fpt=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf&dft=0&ft=1
182.61.200.109200 OK 13 kB URL HTTP/2 pos.baidu.com/s?wid=910&hei=120&di=u4965894&s1=1356636170&s2=804324657<u=http%3A%2F%2F12635.url.tudown.com%2Fdown%2Fmcafee%25E5%258D%25B8%25E8%25BD%25BD%25E5%25B7%25A5%25E5%2585%25B7%40418_68737.exe&dc=3&ti=%E6%98%9F%E8%BE%B0%E6%8D%95%E9%B1%BC%E6%89%8B%E6%9C%BA%E7%89%88%E4%B8%8B%E8%BD%BD(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99%2F%E6%89%8B%E6%9C%BA%E6%9C%80%E6%96%B0%E7%89%88%E4%B8%8B%E8%BD%BD&ps=1802x34&drs=1&pcs=1268x939&pss=1268x2558&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1675486840&psr=1280x1024&par=1280x1002&pis=-1x-1&ccd=24&cja=false&cmi=0&col=en-US&cdo=-1&tcn=1675486840&dtm=HTML_POST&tpr=1675486840213&ari=2&ant=0&exps=110281,110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=1&dri=0&ver=0129&ecd=1&psi=0e2a4a9beeb95cec&fpt=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf&dft=0&ft=1
IP 182.61.200.109:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (7480)
Hash 863471d327f379580c4324586b673877
a0c7b55ef78c1c02a340ca3c9c93464a89d46932
c7fb776996e8330c218c6a8d9aeddb1215b0a2cf6b7f89cb5e01cfd2ec638380
GET /s?wid=910&hei=120&di=u4965894&s1=1356636170&s2=804324657<u=http%3A%2F%2F12635.url.tudown.com%2Fdown%2Fmcafee%25E5%258D%25B8%25E8%25BD%25BD%25E5%25B7%25A5%25E5%2585%25B7%40418_68737.exe&dc=3&ti=%E6%98%9F%E8%BE%B0%E6%8D%95%E9%B1%BC%E6%89%8B%E6%9C%BA%E7%89%88%E4%B8%8B%E8%BD%BD(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99%2F%E6%89%8B%E6%9C%BA%E6%9C%80%E6%96%B0%E7%89%88%E4%B8%8B%E8%BD%BD&ps=1802x34&drs=1&pcs=1268x939&pss=1268x2558&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1675486840&psr=1280x1024&par=1280x1002&pis=-1x-1&ccd=24&cja=false&cmi=0&col=en-US&cdo=-1&tcn=1675486840&dtm=HTML_POST&tpr=1675486840213&ari=2&ant=0&exps=110281,110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=1&dri=0&ver=0129&ecd=1&psi=0e2a4a9beeb95cec&fpt=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf&dft=0&ft=1 HTTP/1.1
Host: pos.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12635.url.tudown.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Sat, 04 Feb 2023 05:00:07 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Sat Feb 4 13:00:07 2023
p3p: CP=" OTI DSP COR IVA OUR IND COM ", CP=" OTI DSP COR IVA OUR IND COM "
pragma: no-cache
server: nginx
set-cookie: BAIDUID=B31334EFB8E454C6DB9D93713DD2E911:FG=1; expires=Sun, 04-Feb-54 05:00:07 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
x-xss-protection: 0
content-length: 13243
X-Firefox-Spdy: h2
img1.baidu.com/it/u=1326887807,4001239351&fm=253&fmt=auto&app=138&f=GIF?w=502&h=252
113.219.142.35 200 OK 42 kB URL HTTP/2 img1.baidu.com/it/u=1326887807,4001239351&fm=253&fmt=auto&app=138&f=GIF?w=502&h=252
IP 113.219.142.35:0
File type GIF image data, version 89a, 502 x 252\012- data
Hash a9a143a47ca9622994f2d2002c660e91
160e819acec085564e7b2cdef640125484b07f4f
1df36bcb77bf76c9001ad440177b70a224347711e69827cd6d65da4d2915763e
GET /it/u=1326887807,4001239351&fm=253&fmt=auto&app=138&f=GIF?w=502&h=252 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12635.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 05:00:07 GMT
content-type: image/gif
content-length: 42183
expires: Mon, 06 Feb 2023 08:31:02 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: a9a143a47ca9622994f2d2002c660e91
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 07 Jan 2023 08:31:02 GMT
ohc-cache-hit: chenzct77 [1], xiangyix214 [2]
ohc-file-size: 42183
x-cache-status: MISS
X-Firefox-Spdy: h2
12635.url.tudown.com/uploads/images/249655.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/249655.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/249655.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:07 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=5485288,1064637691&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
12635.url.tudown.com/uploads/images/65448.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/65448.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/65448.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:07 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1159415086,3811644642&fm=253&fmt=auto?w=120&h=80
img0.baidu.com/it/u=3543505225,768059659&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=773
124.239.243.35 200 OK 51 kB URL HTTP/2 img0.baidu.com/it/u=3543505225,768059659&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=773
IP 124.239.243.35:0
ASN #58539 Langfang,Hebei province, P.R.China
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x773, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c5544553b466726c6b3564618fd5fb0e
9e1e827336503c0499f3a083ffb122dfaee72019
b2f74dd2022edcd322cd9e14998e07314d61e563b5dc30dc288575049e84f34b
GET /it/u=3543505225,768059659&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=773 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12635.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 05:00:07 GMT
content-type: image/webp
content-length: 50572
expires: Tue, 14 Feb 2023 15:01:48 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: c5544553b466726c6b3564618fd5fb0e
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 15 Jan 2023 15:01:48 GMT
ohc-cache-hit: lf7ct56 [1], qdix212 [2]
ohc-file-size: 50572
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=1913879091,490375149&fm=253&fmt=auto&app=138&f=JPEG?w=312&h=500
124.239.243.35 200 OK 18 kB URL HTTP/2 img0.baidu.com/it/u=1913879091,490375149&fm=253&fmt=auto&app=138&f=JPEG?w=312&h=500
IP 124.239.243.35:0
ASN #58539 Langfang,Hebei province, P.R.China
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 312x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 255f9deccf59b81cb123d6b6ff32ec0b
d8211788ed755d4f25d0794a650c53fc904e132f
3f510906a37dfa9a14a23e77fd76ff2714b447d4c0324384b522bb600dc80a67
GET /it/u=1913879091,490375149&fm=253&fmt=auto&app=138&f=JPEG?w=312&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12635.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 05:00:07 GMT
content-type: image/webp
content-length: 18362
expires: Sat, 04 Mar 2023 07:55:11 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 255f9deccf59b81cb123d6b6ff32ec0b
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 02 Feb 2023 07:55:11 GMT
ohc-cache-hit: lf7ct65 [1], csix111 [2]
ohc-file-size: 18362
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=3576443317,873173471&fm=253&fmt=auto?w=500&h=282
124.239.243.35 200 OK 9.3 kB URL HTTP/2 img0.baidu.com/it/u=3576443317,873173471&fm=253&fmt=auto?w=500&h=282
IP 124.239.243.35:0
ASN #58539 Langfang,Hebei province, P.R.China
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x282, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 00a2dd378a7dfcd4872b299401921364
07de74c9d4a27c0bac1e8db3ddcc5870be3f9f28
a9489b63a9ce54cfd8f92bc29b92c7f4115194f550d16ba99154a1d14003b219
GET /it/u=3576443317,873173471&fm=253&fmt=auto?w=500&h=282 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12635.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 05:00:07 GMT
content-type: image/webp
content-length: 9284
expires: Fri, 10 Feb 2023 01:06:55 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 00a2dd378a7dfcd4872b299401921364
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 11 Jan 2023 01:06:55 GMT
ohc-cache-hit: lf7ct62 [1], xiangyix62 [4]
ohc-file-size: 9284
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=817302204,2822119471&fm=253&fmt=auto&app=138&f=JPEG?w=416&h=500
113.219.142.35 200 OK 30 kB URL HTTP/2 img1.baidu.com/it/u=817302204,2822119471&fm=253&fmt=auto&app=138&f=JPEG?w=416&h=500
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 416x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ea23344cb80b3642d0cd8e866f0cafe3
447801e2c6a6a0ea9ddbc7e546093c1492ca2eb5
6afb2706a0674e98091669f281abc360ebf9c6254111420592e44ac3e1a160e6
GET /it/u=817302204,2822119471&fm=253&fmt=auto&app=138&f=JPEG?w=416&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12635.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 05:00:07 GMT
content-type: image/webp
content-length: 29454
expires: Sun, 12 Feb 2023 13:45:45 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: ea23344cb80b3642d0cd8e866f0cafe3
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 13 Jan 2023 13:45:45 GMT
ohc-cache-hit: chenzct70 [1], wzix70 [4]
ohc-file-size: 29454
x-cache-status: MISS
X-Firefox-Spdy: h2
12635.url.tudown.com/uploads/images/615692.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/615692.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/615692.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:08 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=86197959,2544336564&fm=253&app=120&f=JPEG?w=800&h=1422
12635.url.tudown.com/uploads/images/147069.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/147069.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/147069.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:08 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3956722143,1570533931&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
12635.url.tudown.com/uploads/images/197149.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/197149.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/197149.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:08 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=513974696,1813051319&fm=224&app=112&f=JPEG?w=500&h=500
12635.url.tudown.com/uploads/images/872541.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/872541.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/872541.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:08 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=771151479,1032405457&fm=253&fmt=auto&app=138&f=GIF?w=500&h=707
t14.baidu.com/it/u=513974696,1813051319&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 26 kB URL HTTP/1.1 t14.baidu.com/it/u=513974696,1813051319&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 733fb05dc8b08a52c35b0ff316cc49d6
6578b5dc1d8f3250ee8d5935805131013dbf639a
948a9edacb0c79c111fc2492e31584f4b81e52e6de5f14cc64d9aaef06fc0ecd
GET /it/u=513974696,1813051319&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12635.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 05:00:08 GMT
Content-Type: image/jpeg
Content-Length: 26246
Connection: keep-alive
Expires: Tue, 21 Feb 2023 16:10:23 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 733fb05dc8b08a52c35b0ff316cc49d6
Age: 977264
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 22 Jan 2023 16:10:23 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [2], zhuzuncache58 [4], wzix58 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 26246
X-Cache-Status: HIT
Timing-Allow-Origin: *
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1226305716&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=19032&r=0&ww=1280&u=http%3A%2F%2F12635.url.tudown.com%2Fdown%2Fmcafee%25E5%258D%25B8%25E8%25BD%25BD%25E5%25B7%25A5%25E5%2585%25B7%40418_68737.exe&tt=%E6%98%9F%E8%BE%B0%E6%8D%95%E9%B1%BC%E6%89%8B%E6%9C%BA%E7%89%88%E4%B8%8B%E8%BD%BD(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99%2F%E6%89%8B%E6%9C%BA%E6%9C%80%E6%96%B0%E7%89%88%E4%B8%8B%E8%BD%BD
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1226305716&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=19032&r=0&ww=1280&u=http%3A%2F%2F12635.url.tudown.com%2Fdown%2Fmcafee%25E5%258D%25B8%25E8%25BD%25BD%25E5%25B7%25A5%25E5%2585%25B7%40418_68737.exe&tt=%E6%98%9F%E8%BE%B0%E6%8D%95%E9%B1%BC%E6%89%8B%E6%9C%BA%E7%89%88%E4%B8%8B%E8%BD%BD(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99%2F%E6%89%8B%E6%9C%BA%E6%9C%80%E6%96%B0%E7%89%88%E4%B8%8B%E8%BD%BD
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1226305716&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=19032&r=0&ww=1280&u=http%3A%2F%2F12635.url.tudown.com%2Fdown%2Fmcafee%25E5%258D%25B8%25E8%25BD%25BD%25E5%25B7%25A5%25E5%2585%25B7%40418_68737.exe&tt=%E6%98%9F%E8%BE%B0%E6%8D%95%E9%B1%BC%E6%89%8B%E6%9C%BA%E7%89%88%E4%B8%8B%E8%BD%BD(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99%2F%E6%89%8B%E6%9C%BA%E6%9C%80%E6%96%B0%E7%89%88%E4%B8%8B%E8%BD%BD HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12635.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Feb 2023 05:00:08 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=0215DBC5DE7E1CFD; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
img0.baidu.com/it/u=4052067396,4175232010&fm=253&app=120&f=JPEG?w=1280&h=800
124.239.243.35 200 OK 55 kB URL HTTP/1.1 img0.baidu.com/it/u=4052067396,4175232010&fm=253&app=120&f=JPEG?w=1280&h=800
IP 124.239.243.35:0
ASN #58539 Langfang,Hebei province, P.R.China
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Hash 5c70099af0e8618ce537c0f62dc7e990
7cb57e9c796b6176b8be4070b86fb4a00e69b3e4
8c9d074cf8ee3644327c78dce4bbdd1c864f2d6b23089eb5f443e5cc397adeed
GET /it/u=4052067396,4175232010&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12635.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 05:00:07 GMT
Content-Type: image/jpeg
Content-Length: 54666
Connection: keep-alive
Expires: Sun, 12 Feb 2023 19:03:50 GMT
Last-Modified: Mon, 05 Jan 1970 00:00:00 GMT
ETag: 5c70099af0e8618ce537c0f62dc7e990
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 13 Jan 2023 19:03:50 GMT
Ohc-Cache-HIT: lf7ct56 [1], xiangyix56 [2]
Ohc-File-Size: 54666
X-Cache-Status: MISS
img2.baidu.com/it/u=3097922423,625899036&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
113.219.142.35 200 OK 34 kB URL HTTP/2 img2.baidu.com/it/u=3097922423,625899036&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d90918c6c3a77cc79072cd6fb4de8853
1726465b372f9642ab2ccfb3e0872e64e921bfad
33b3b257827ae12ea749c0f5bce7cc7d4455ecce4bf9330e19b653512727f61f
GET /it/u=3097922423,625899036&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12635.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 05:00:07 GMT
content-type: image/webp
content-length: 33576
expires: Sun, 05 Mar 2023 21:27:20 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: d90918c6c3a77cc79072cd6fb4de8853
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 03 Feb 2023 21:27:20 GMT
ohc-cache-hit: chenzct79 [1], wzix89 [4]
ohc-file-size: 33576
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=2923877048,3505835382&fm=253&fmt=auto&app=138&f=JPEG?w=802&h=500
124.239.243.35 200 OK 56 kB URL HTTP/2 img0.baidu.com/it/u=2923877048,3505835382&fm=253&fmt=auto&app=138&f=JPEG?w=802&h=500
IP 124.239.243.35:0
ASN #58539 Langfang,Hebei province, P.R.China
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 802x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e412a1ca008b943ed94859998ae80ff8
74b0de7e23e44d42abe0b465c112cbf021d5c022
12d32015e231cdba91f94bc5f29e2b298b81bd9e8b8a3d98664c7bddf96ad590
GET /it/u=2923877048,3505835382&fm=253&fmt=auto&app=138&f=JPEG?w=802&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12635.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 05:00:07 GMT
content-type: image/webp
content-length: 56394
expires: Mon, 20 Feb 2023 09:56:25 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: e412a1ca008b943ed94859998ae80ff8
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 09:56:25 GMT
ohc-cache-hit: lf7ct63 [1], qdix197 [2]
ohc-file-size: 56394
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=2924116523,1081946294&fm=253&fmt=auto&app=138&f=JPEG?w=353&h=500
124.239.243.35 200 OK 37 kB URL HTTP/2 img0.baidu.com/it/u=2924116523,1081946294&fm=253&fmt=auto&app=138&f=JPEG?w=353&h=500
IP 124.239.243.35:0
ASN #58539 Langfang,Hebei province, P.R.China
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 353x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9280865a2e1ef4a292696bd252c4a575
d1347f429dbc52f9af4de3aba6c802beac5a7329
b9e3a0724b83288d414e088f5aa7486d0a102a681ac5ab00feab197aae58a546
GET /it/u=2924116523,1081946294&fm=253&fmt=auto&app=138&f=JPEG?w=353&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12635.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 05:00:08 GMT
content-type: image/webp
content-length: 37300
expires: Tue, 14 Feb 2023 12:09:04 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 9280865a2e1ef4a292696bd252c4a575
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 15 Jan 2023 12:09:04 GMT
ohc-cache-hit: lf7ct65 [1], qdix132 [2]
ohc-file-size: 37300
x-cache-status: MISS
X-Firefox-Spdy: h2
api.share.baidu.com/s.gif?l=http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
182.61.201.94 200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
IP 182.61.201.94:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Sat, 04 Feb 2023 05:00:08 GMT
12635.url.tudown.com/uploads/images/146320.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/146320.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/146320.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:08 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=1901659967,4012544956&fm=224&app=112&f=JPEG?w=500&h=500&s=F3F283290E1277DC8DBD07DA030050A6
12635.url.tudown.com/uploads/images/2845.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/2845.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/2845.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:08 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=472626846,808112739&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
img2.baidu.com/it/u=1725960194,2839161409&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=480
113.219.142.35 200 OK 46 kB URL HTTP/2 img2.baidu.com/it/u=1725960194,2839161409&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=480
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d8b4f7dfe663ef3e0a9724a21c344c79
3dc44f0c7f79fb9d0114952d80cbbc7c15ebfc04
251c918522bb74ea6ce7c9a445b2b25d3fa380721b74562ec0c3747958a3f929
GET /it/u=1725960194,2839161409&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=480 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12635.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 05:00:07 GMT
content-type: image/webp
content-length: 45870
expires: Sat, 04 Mar 2023 07:50:10 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: d8b4f7dfe663ef3e0a9724a21c344c79
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 02 Feb 2023 07:50:10 GMT
ohc-cache-hit: chenzct64 [1], xiangyix163 [2]
ohc-file-size: 45870
x-cache-status: MISS
X-Firefox-Spdy: h2
t14.baidu.com/it/u=1901659967,4012544956&fm=224&app=112&f=JPEG?w=500&h=500&s=F3F283290E1277DC8DBD07DA030050A6
185.10.104.124 200 OK 25 kB URL HTTP/1.1 t14.baidu.com/it/u=1901659967,4012544956&fm=224&app=112&f=JPEG?w=500&h=500&s=F3F283290E1277DC8DBD07DA030050A6
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 7b3f677dccdfcfd64541cffeeeabe5d7
654a507321e58402e6a996d934a62c85d2acd42d
6cd1829fa548047b37322a409d2f199ddac930f130857ae4c06387bdff2881df
GET /it/u=1901659967,4012544956&fm=224&app=112&f=JPEG?w=500&h=500&s=F3F283290E1277DC8DBD07DA030050A6 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12635.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 05:00:08 GMT
Content-Type: image/jpeg
Content-Length: 25055
Connection: keep-alive
Expires: Sat, 25 Feb 2023 18:00:10 GMT
Last-Modified: Sat, 17 Jan 1970 00:00:00 GMT
ETag: 7b3f677dccdfcfd64541cffeeeabe5d7
Age: 703822
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 26 Jan 2023 18:00:10 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [4], zhuzuncache65 [1], xaix143 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 25055
X-Cache-Status: HIT
Timing-Allow-Origin: *
sofire.baidu.com/h5/t/8800
36.110.192.156 204 No Content 0 B URL HTTP/2 sofire.baidu.com/h5/t/8800
IP 36.110.192.156:0
ASN #23724 IDC, China Telecommunications Corporation
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /h5/t/8800 HTTP/1.1
Host: sofire.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-bdh5-pf
Referer: http://12635.url.tudown.com/
Origin: http://12635.url.tudown.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,AccessToken,X-CSRF-Token,X-Bdh5-Pf,X-XSRF-TOKEN, Authorization
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://12635.url.tudown.com
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type
date: Sat, 04 Feb 2023 05:00:08 GMT
X-Firefox-Spdy: h2
sofire.baidu.com/h5/e/8800
36.110.192.156 204 No Content 0 B URL HTTP/2 sofire.baidu.com/h5/e/8800
IP 36.110.192.156:0
ASN #23724 IDC, China Telecommunications Corporation
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /h5/e/8800 HTTP/1.1
Host: sofire.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-bdh5-pf
Referer: http://12635.url.tudown.com/
Origin: http://12635.url.tudown.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,AccessToken,X-CSRF-Token,X-Bdh5-Pf,X-XSRF-TOKEN, Authorization
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://12635.url.tudown.com
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type
date: Sat, 04 Feb 2023 05:00:08 GMT
X-Firefox-Spdy: h2
sofire.baidu.com/abot/api/v1/tpl/re/8800?v=1.1&0=1&1=0&2=0&3=0&4=0&5=0&6=0&7=1&8=v10-8b0ef52374193bd54ad0ca6dec4180e681452f40&9=0&10=1&11=0&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&h=http%3A%2F%2F12635.url.tudown.com%2Fdown%2Fmcafee%25E5%258D%25B8%25E8%25BD%25BD%25E5%25B7%25A5%25E5%2585%25B7%40418_68737.exe&t=1675486841279&r=init
36.110.192.156 200 OK 0 B URL HTTP/2 sofire.baidu.com/abot/api/v1/tpl/re/8800?v=1.1&0=1&1=0&2=0&3=0&4=0&5=0&6=0&7=1&8=v10-8b0ef52374193bd54ad0ca6dec4180e681452f40&9=0&10=1&11=0&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&h=http%3A%2F%2F12635.url.tudown.com%2Fdown%2Fmcafee%25E5%258D%25B8%25E8%25BD%25BD%25E5%25B7%25A5%25E5%2585%25B7%40418_68737.exe&t=1675486841279&r=init
IP 36.110.192.156:0
ASN #23724 IDC, China Telecommunications Corporation
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /abot/api/v1/tpl/re/8800?v=1.1&0=1&1=0&2=0&3=0&4=0&5=0&6=0&7=1&8=v10-8b0ef52374193bd54ad0ca6dec4180e681452f40&9=0&10=1&11=0&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&h=http%3A%2F%2F12635.url.tudown.com%2Fdown%2Fmcafee%25E5%258D%25B8%25E8%25BD%25BD%25E5%25B7%25A5%25E5%2585%25B7%40418_68737.exe&t=1675486841279&r=init HTTP/1.1
Host: sofire.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12635.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
date: Sat, 04 Feb 2023 05:00:08 GMT
content-length: 0
X-Firefox-Spdy: h2
img1.baidu.com/it/u=4007990234,2585056849&fm=253&fmt=auto&app=120&f=JPEG?w=800&h=1124
113.219.142.35 200 OK 43 kB URL HTTP/2 img1.baidu.com/it/u=4007990234,2585056849&fm=253&fmt=auto&app=120&f=JPEG?w=800&h=1124
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x1124, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cbf8973341aadcc85999ff4e6e16f326
fd279bce6a2389163ae1ad89068ba7f6e74fd9f1
8c0209ac2e9fc144a8bf5442d319a9307bb2662fdb18b78574da2efc746df40a
GET /it/u=4007990234,2585056849&fm=253&fmt=auto&app=120&f=JPEG?w=800&h=1124 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12635.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 05:00:07 GMT
content-type: image/webp
content-length: 43088
expires: Sat, 25 Feb 2023 04:40:24 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: cbf8973341aadcc85999ff4e6e16f326
age: 9932
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 26 Jan 2023 04:40:24 GMT
ohc-cache-hit: chenzct76 [4], xiangyix229 [4]
ohc-file-size: 43088
x-cache-status: HIT
X-Firefox-Spdy: h2
12635.url.tudown.com/uploads/images/563346.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/563346.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/563346.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:08 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3532783934,1757447625&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=706
12635.url.tudown.com/uploads/images/665975.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/665975.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/665975.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:08 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2728930786,1110893720&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=506
img2.baidu.com/it/u=344731291,3870162713&fm=253&fmt=auto&app=138&f=JPEG?w=680&h=500
113.219.142.35 200 OK 64 kB URL HTTP/2 img2.baidu.com/it/u=344731291,3870162713&fm=253&fmt=auto&app=138&f=JPEG?w=680&h=500
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 680x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7af7066c80939df02a752b7675c5f1a1
6d95ef7bfe10b0f583563c277f583b57fde2510f
8e5cd9e22261b2c4e571d3422f64b57e6f8a791ccdae6019b57c018d5292ff95
GET /it/u=344731291,3870162713&fm=253&fmt=auto&app=138&f=JPEG?w=680&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12635.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 05:00:07 GMT
content-type: image/webp
content-length: 64290
expires: Mon, 20 Feb 2023 04:38:03 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 7af7066c80939df02a752b7675c5f1a1
age: 171410
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 04:38:03 GMT
ohc-cache-hit: chenzct52 [4], suzix241 [4]
ohc-file-size: 64290
x-cache-status: HIT
X-Firefox-Spdy: h2
12635.url.tudown.com/uploads/images/444311.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/444311.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/444311.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:08 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=1365551745,1364620939&fm=253&app=120&f=JPEG?w=1280&h=800
12635.url.tudown.com/uploads/images/705225.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/705225.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/705225.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:08 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=1883426645,2647279928&fm=253&app=120&f=JPEG?w=1280&h=800
img0.baidu.com/it/u=771151479,1032405457&fm=253&fmt=auto&app=138&f=GIF?w=500&h=707
124.239.243.35 200 OK 203 kB URL HTTP/2 img0.baidu.com/it/u=771151479,1032405457&fm=253&fmt=auto&app=138&f=GIF?w=500&h=707
IP 124.239.243.35:0
ASN #58539 Langfang,Hebei province, P.R.China
File type GIF image data, version 89a, 500 x 707\012- data
Size 203 kB (202937 bytes)
Hash cd76878adc29079941ce863977757a10
0e609da93be601d3a522827c796716acf82b6534
1d15c44e0522f5398c982c38bc1fed9f05956e18845c21af3a1028018b84fc6a
GET /it/u=771151479,1032405457&fm=253&fmt=auto&app=138&f=GIF?w=500&h=707 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12635.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 05:00:08 GMT
content-type: image/gif
content-length: 202937
expires: Mon, 20 Feb 2023 22:10:01 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: cd76878adc29079941ce863977757a10
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 22:10:01 GMT
ohc-cache-hit: lf7ct66 [2], xaix126 [2]
ohc-file-size: 202937
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=2321726819,3880416854&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
113.219.142.35 200 OK 78 kB URL HTTP/2 img2.baidu.com/it/u=2321726819,3880416854&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3dc0ccca95cf2ca2e931b3dacb4d1e5f
2c748b0af13657ab4f8501d34d846e654e8969de
07c9e61e3d5afcf447e9f8e8feaab05de78051ea2ece1b1cb1857f5ea1b433c9
GET /it/u=2321726819,3880416854&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12635.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 05:00:08 GMT
content-type: image/webp
content-length: 78410
expires: Tue, 14 Feb 2023 07:55:39 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 3dc0ccca95cf2ca2e931b3dacb4d1e5f
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 15 Jan 2023 07:55:39 GMT
ohc-cache-hit: chenzct53 [1], csix55 [4]
ohc-file-size: 78410
x-cache-status: MISS
X-Firefox-Spdy: h2
sofire.baidu.com/h5/e/8800
36.110.192.156 200 OK 77 B URL HTTP/2 sofire.baidu.com/h5/e/8800
IP 36.110.192.156:0
ASN #23724 IDC, China Telecommunications Corporation
File type JSON data\012- , ASCII text, with no line terminators
Hash 49a69e40c65167ce6ccf3493d530f914
32df36886900f9a7ca22a036904d52376ab7dac1
982098cea9522ba153af26d34f4927d334276b15d97052fff9fc4206a6f0ef3e
POST /h5/e/8800 HTTP/1.1
Host: sofire.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
X-Bdh5-Pf: 1
Origin: http://12635.url.tudown.com
Connection: keep-alive
Referer: http://12635.url.tudown.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,AccessToken,X-CSRF-Token,X-Bdh5-Pf,X-XSRF-TOKEN, Authorization
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://12635.url.tudown.com
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type
content-type: application/json; charset=utf-8
date: Sat, 04 Feb 2023 05:00:08 GMT
content-length: 77
X-Firefox-Spdy: h2
sofire.baidu.com/h5/t/8800
36.110.192.156 200 OK 591 B URL HTTP/2 sofire.baidu.com/h5/t/8800
IP 36.110.192.156:0
ASN #23724 IDC, China Telecommunications Corporation
File type JSON data\012- , ASCII text, with very long lines (591), with no line terminators
Hash fdf2a5dc2680e70b9c38b8358dc186aa
2e996d2f861d81a5090a856f7b80ed63c4320686
a361eca0cac9c354e57da0033649ba55cc4b959c95ec8ed090633d3765cbcb1a
POST /h5/t/8800 HTTP/1.1
Host: sofire.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
X-Bdh5-Pf: 1
Content-Length: 3350
Origin: http://12635.url.tudown.com
Connection: keep-alive
Referer: http://12635.url.tudown.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,AccessToken,X-CSRF-Token,X-Bdh5-Pf,X-XSRF-TOKEN, Authorization
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://12635.url.tudown.com
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type
content-type: application/json; charset=utf-8
date: Sat, 04 Feb 2023 05:00:08 GMT
content-length: 591
X-Firefox-Spdy: h2
img2.baidu.com/it/u=238258712,3785870411&fm=253&app=120&f=JPEG?w=1422&h=800
125.64.104.35 200 OK 175 kB URL HTTP/1.1 img2.baidu.com/it/u=238258712,3785870411&fm=253&app=120&f=JPEG?w=1422&h=800
IP 125.64.104.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=3, software=Adobe Photoshop CS6 (Windows), datetime=2018:03:28 10:04:47], baseline, precision 8, 1422x800, components 3\012- data
Size 175 kB (174924 bytes)
Hash cd429532f776045b70a0c479640f3d3d
0af0d705751fcf5f06fb89c43aa731687d5e3a17
fcfac574c0764ec1ebfa53a3e8cf50e8af6b0893f5ea6c0a0be36ae8b7d54bbf
GET /it/u=238258712,3785870411&fm=253&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12635.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 05:00:07 GMT
Content-Type: image/jpeg
Content-Length: 174924
Connection: keep-alive
Expires: Fri, 10 Feb 2023 10:35:48 GMT
Last-Modified: Mon, 12 Jan 1970 00:00:00 GMT
ETag: cd429532f776045b70a0c479640f3d3d
Age: 113534
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 11 Jan 2023 10:35:48 GMT
Ohc-Cache-HIT: dy2ct53 [4], xaix53 [4]
Ohc-File-Size: 174924
X-Cache-Status: HIT
12635.url.tudown.com/uploads/images/856029.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/856029.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/856029.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:08 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=4106691203,1891598399&fm=224&app=112&f=JPEG?w=500&h=500
12635.url.tudown.com/uploads/images/393033.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/393033.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/393033.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:08 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3155444316,3153870578&fm=253&fmt=auto&app=120&f=JPEG?w=700&h=701
bdcode.2345.com/js/logo/css/logo-sm.css
42.81.8.130 200 OK 783 B URL HTTP/2 bdcode.2345.com/js/logo/css/logo-sm.css
IP 42.81.8.130:0
File type ASCII text, with very long lines (2128), with no line terminators
Hash 621b3563f1231de3a058fa25980064be
c2575c8110cbaba0c87c543fabf7c592789ad67f
37944a5c3981b16d6a498a7dc9427edcd64c1752e6728c5323525bc400efc8d6
GET /js/logo/css/logo-sm.css HTTP/1.1
Host: bdcode.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: gzip
content-type: text/css
date: Sat, 04 Feb 2023 05:00:08 GMT
etag: W/"639b0691-850"
expires: Sat, 04 Feb 2023 06:00:08 GMT
last-modified: Thu, 15 Dec 2022 11:35:45 GMT
p3p: CP=" OTI DSP COR IVA OUR IND COM "
server: yunjiasu
yjs-id: c2015876cf7b37e5-143
content-length: 783
X-Firefox-Spdy: h2
img2.baidu.com/it/u=1159415086,3811644642&fm=253&fmt=auto?w=120&h=80
113.219.142.35 200 OK 3.1 kB URL HTTP/2 img2.baidu.com/it/u=1159415086,3811644642&fm=253&fmt=auto?w=120&h=80
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 120x80, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d7f10e008ee7d9a6d98dd44c20e9d51b
5ae437b2ea7b0296ae950b3cb730cfc10b1b5ed8
647fad433590d1421d642e4c1512e76b26d026c73b911ca67d32768d1ff431bc
GET /it/u=1159415086,3811644642&fm=253&fmt=auto?w=120&h=80 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12635.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 05:00:08 GMT
content-type: image/webp
content-length: 3088
expires: Sat, 18 Feb 2023 02:29:55 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: d7f10e008ee7d9a6d98dd44c20e9d51b
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 19 Jan 2023 02:29:55 GMT
ohc-cache-hit: chenzct74 [1], czix201 [4]
ohc-file-size: 3088
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=5485288,1064637691&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
113.219.142.35 200 OK 82 kB URL HTTP/2 img1.baidu.com/it/u=5485288,1064637691&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 18942ceedc6b5ab76d59f17582b7588b
1c30f4b8794bf9f3a1c745c169c4022ebeab9130
ff772250f8f8da197d4fa82b1bb2a01147129a2d64c80740f25ea2a318a80bd2
GET /it/u=5485288,1064637691&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12635.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 05:00:08 GMT
content-type: image/webp
content-length: 82340
expires: Mon, 20 Feb 2023 06:58:53 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 18942ceedc6b5ab76d59f17582b7588b
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 06:58:53 GMT
ohc-cache-hit: chenzct57 [1], czix57 [2]
ohc-file-size: 82340
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=86197959,2544336564&fm=253&app=120&f=JPEG?w=800&h=1422
125.64.104.35 200 OK 59 kB URL HTTP/1.1 img2.baidu.com/it/u=86197959,2544336564&fm=253&app=120&f=JPEG?w=800&h=1422
IP 125.64.104.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x1422, components 3\012- data
Hash e611697c391e4b651387ed426d83d9ec
f652f741c9bf929a26435af5cc03d9ce0fdc11c2
a246a25ff5ab6c84823482850ab1ff260d766835d1a0a17bafbf0e6e06bbc753
GET /it/u=86197959,2544336564&fm=253&app=120&f=JPEG?w=800&h=1422 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12635.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 05:00:08 GMT
Content-Type: image/jpeg
Content-Length: 58584
Connection: keep-alive
Expires: Sun, 19 Feb 2023 17:47:07 GMT
Last-Modified: Mon, 05 Jan 1970 00:00:00 GMT
ETag: e611697c391e4b651387ed426d83d9ec
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 20 Jan 2023 17:47:07 GMT
Ohc-Cache-HIT: dy2ct91 [1], xiangyix205 [2]
Ohc-File-Size: 58584
X-Cache-Status: MISS
img0.baidu.com/it/u=2728930786,1110893720&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=506
124.239.243.35 200 OK 16 kB URL HTTP/2 img0.baidu.com/it/u=2728930786,1110893720&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=506
IP 124.239.243.35:0
ASN #58539 Langfang,Hebei province, P.R.China
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x506, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1cfc8f8155d0765551893e7eeb8f5e22
4610861ac811a9f7efb66df75a80dbe3306a2828
7efc2c6ede226dc4bc52dcdffa4eae142fb85042759007c1bb1225217f3a3fbf
GET /it/u=2728930786,1110893720&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=506 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12635.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 05:00:08 GMT
content-type: image/webp
content-length: 16164
expires: Tue, 21 Feb 2023 05:04:01 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 1cfc8f8155d0765551893e7eeb8f5e22
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 05:04:01 GMT
ohc-cache-hit: lf7ct62 [1], qdix208 [4]
ohc-file-size: 16164
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=3956722143,1570533931&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
113.219.142.35 200 OK 119 kB URL HTTP/2 img1.baidu.com/it/u=3956722143,1570533931&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 119 kB (119034 bytes)
Hash 67e0ce578ac077a4f74c2ee347aacd50
3fee799b3fb8cb333d53795e01a5c7c65f13e35d
017d2bf69766179a564e16a373346d02b2a408e249b7bf474787fd406eff07dc
GET /it/u=3956722143,1570533931&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12635.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 05:00:08 GMT
content-type: image/webp
content-length: 119034
expires: Mon, 20 Feb 2023 14:36:27 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 67e0ce578ac077a4f74c2ee347aacd50
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 14:36:27 GMT
ohc-cache-hit: chenzct65 [1], qdix89 [4]
ohc-file-size: 119034
x-cache-status: MISS
X-Firefox-Spdy: h2
12635.url.tudown.com/uploads/images/528636.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/528636.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/528636.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:08 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=3873814806,2880904352&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=909
12635.url.tudown.com/uploads/images/255097.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/255097.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/255097.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:08 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=1430025980,2259390232&fm=224&app=112&f=JPEG?w=500&h=500
img1.baidu.com/it/u=472626846,808112739&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
113.219.142.35 200 OK 53 kB URL HTTP/2 img1.baidu.com/it/u=472626846,808112739&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x889, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a88d003be33091a77cbb8f88ca5f440e
0ec17722a3db2f9933d39d7dd273759ca9f5608c
121a2af8cd39a028751dad9b814fa01999e716c2e3be069e8cca21002c697406
GET /it/u=472626846,808112739&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12635.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 05:00:08 GMT
content-type: image/webp
content-length: 53318
expires: Sun, 19 Feb 2023 01:47:29 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: a88d003be33091a77cbb8f88ca5f440e
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 20 Jan 2023 01:47:29 GMT
ohc-cache-hit: chenzct65 [1], xaix89 [2]
ohc-file-size: 53318
x-cache-status: MISS
X-Firefox-Spdy: h2
t15.baidu.com/it/u=432267401,3151997352&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 32 kB URL HTTP/1.1 t15.baidu.com/it/u=432267401,3151997352&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 16186aa6cdf72f4fb6873bdc5ea733c4
0b9a25585e3edd1254857b5146aea2d43eca03f5
a833b324afa37ab3b2a672537e8e3746e6e0b5e66a423c1239faf10fa9df545a
GET /it/u=432267401,3151997352&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12635.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 05:00:08 GMT
Content-Type: image/jpeg
Content-Length: 31998
Connection: keep-alive
Expires: Wed, 08 Feb 2023 02:26:48 GMT
Last-Modified: Mon, 12 Jan 1970 00:00:00 GMT
ETag: 16186aa6cdf72f4fb6873bdc5ea733c4
Age: 2015692
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 09 Jan 2023 02:26:48 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [2], zhuzuncache61 [4], wzix66 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 31998
X-Cache-Status: HIT
Timing-Allow-Origin: *
bdcode.2345.com/js/logo/js/logo.js
42.81.8.130 200 OK 41 kB URL HTTP/2 bdcode.2345.com/js/logo/js/logo.js
IP 42.81.8.130:0
Hash 8e35a17c65389aa532ba5ae98368337c
a8db63fdd3e3ad58ce2431fefd7ecc1304776937
0ac5613b9a71ffc587935648183ec0109f67bc2005dfe67c340cbc93698bf89b
Analyzer Verdict Alert fortinet Malware
GET /js/logo/js/logo.js HTTP/1.1
Host: bdcode.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: gzip
content-type: application/x-javascript
date: Sat, 04 Feb 2023 05:00:08 GMT
etag: W/"639b0691-371a"
expires: Sat, 04 Feb 2023 06:00:08 GMT
last-modified: Thu, 15 Dec 2022 11:35:45 GMT
p3p: CP=" OTI DSP COR IVA OUR IND COM "
server: yunjiasu
yjs-id: c2015876a61e37e5-143
X-Firefox-Spdy: h2
t15.baidu.com/it/u=3539520121,959853412&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 38 kB URL HTTP/1.1 t15.baidu.com/it/u=3539520121,959853412&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 9195142243965263cc1976b714709c3c
3757e5524f068d034c73699b8ea0471fd72bbc9f
c1b2ce6a0efa72ac0b59b1f97b742abf09dbbe71648fc2910ac3d4049593b77e
GET /it/u=3539520121,959853412&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12635.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 05:00:08 GMT
Content-Type: image/jpeg
Content-Length: 37689
Connection: keep-alive
Expires: Sat, 11 Feb 2023 15:51:15 GMT
Last-Modified: Mon, 12 Jan 1970 00:00:00 GMT
ETag: 9195142243965263cc1976b714709c3c
Age: 1944232
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 12 Jan 2023 15:51:15 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [4], zhuzuncache51 [1], suzix114 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 37689
X-Cache-Status: HIT
Timing-Allow-Origin: *
img1.baidu.com/it/u=3532783934,1757447625&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=706
113.219.142.35 200 OK 40 kB URL HTTP/2 img1.baidu.com/it/u=3532783934,1757447625&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=706
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x706, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fc4deb8ca09ce0274de3830e52830888
782d9456629273144fa29929313721fc67fb26bd
0286a83a3bb8d8dbf5953f9fd6cc2b541c36a95cfb6fc1adf47d86c63d3e93c5
GET /it/u=3532783934,1757447625&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=706 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12635.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 05:00:08 GMT
content-type: image/webp
content-length: 39744
expires: Mon, 06 Mar 2023 04:55:10 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: fc4deb8ca09ce0274de3830e52830888
age: 298
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 04 Feb 2023 04:55:10 GMT
ohc-cache-hit: chenzct83 [4], xiangyix103 [2]
ohc-file-size: 39744
x-cache-status: HIT
X-Firefox-Spdy: h2
t15.baidu.com/it/u=190584701,3964397965&fm=224&app=112&f=JPEG?w=350&h=350
185.10.104.124 200 OK 25 kB URL HTTP/1.1 t15.baidu.com/it/u=190584701,3964397965&fm=224&app=112&f=JPEG?w=350&h=350
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 350x350, components 3\012- data
Hash 0eec0e0237fb11b843dc4d8d177a8c89
7bc050b98ed0e2652d1398012acb8f0df8618c38
f5f9a5f0112d61f94c1746eb3611104f7a9c8bd714b351421f8b153acbbbc5ae
GET /it/u=190584701,3964397965&fm=224&app=112&f=JPEG?w=350&h=350 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12635.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 05:00:09 GMT
Content-Type: image/jpeg
Content-Length: 24858
Connection: keep-alive
Expires: Sat, 04 Feb 2023 07:53:31 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 0eec0e0237fb11b843dc4d8d177a8c89
Age: 2015774
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 05 Jan 2023 07:53:31 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [4], zhuzuncache58 [1], czix188 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 24858
X-Cache-Status: HIT
Timing-Allow-Origin: *
t15.baidu.com/it/u=2569565472,1814890522&fm=224&app=112&f=JPEG?w=375&h=500
185.10.104.124 200 OK 46 kB URL HTTP/1.1 t15.baidu.com/it/u=2569565472,1814890522&fm=224&app=112&f=JPEG?w=375&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 375x500, components 3\012- data
Hash bd5504b4a1167ed426dac489889a6bfb
f601c76c1540da855c4fb8fc9515454db3f8d9b2
9062e615bfa1c852e0b2c061a5e52303dee4d91809cf34c2ab12a9f72b19553c
GET /it/u=2569565472,1814890522&fm=224&app=112&f=JPEG?w=375&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12635.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 05:00:09 GMT
Content-Type: image/jpeg
Content-Length: 45977
Connection: keep-alive
Expires: Wed, 01 Mar 2023 08:03:08 GMT
Last-Modified: Sun, 11 Jan 1970 00:00:00 GMT
ETag: bd5504b4a1167ed426dac489889a6bfb
Age: 339941
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 30 Jan 2023 08:03:08 GMT
Ohc-Cache-HIT: fra01-sys-jomo2.fra01.baidu.com [4], zhuzuncache60 [1], wzix60 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 45977
X-Cache-Status: HIT
Timing-Allow-Origin: *
t14.baidu.com/it/u=1430025980,2259390232&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 51 kB URL HTTP/1.1 t14.baidu.com/it/u=1430025980,2259390232&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 357a770285b67c2f8c801357ddc2f4df
79d9206de6f606e2a3e123648d2cfe183ee679bf
c7458f5080add6a11387852cfdf66f3507667edbe4f400cea871d916ee036799
GET /it/u=1430025980,2259390232&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12635.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 05:00:09 GMT
Content-Type: image/jpeg
Content-Length: 51173
Connection: keep-alive
Expires: Sat, 18 Feb 2023 03:56:02 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 357a770285b67c2f8c801357ddc2f4df
Age: 1368581
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 19 Jan 2023 03:56:01 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [2], zhuzuncache54 [1], bdix54 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 51173
X-Cache-Status: HIT
Timing-Allow-Origin: *
12635.url.tudown.com/uploads/images/333493.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/333493.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/333493.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:08 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1032599041,2165458136&fm=253&fmt=auto?w=500&h=889
12635.url.tudown.com/uploads/images/313707.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/313707.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/313707.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:08 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=3301409228,3650049126&fm=253&app=120&f=JPEG?w=1280&h=800
img1.baidu.com/it/u=3155444316,3153870578&fm=253&fmt=auto&app=120&f=JPEG?w=700&h=701
113.219.142.35 200 OK 16 kB URL HTTP/2 img1.baidu.com/it/u=3155444316,3153870578&fm=253&fmt=auto&app=120&f=JPEG?w=700&h=701
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 700x701, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e0bee02a5bdabdc5fe0e5ebf2023ae56
42f1493614c22a658f20834709fff73dc6dd78e3
61e7e98d9c761fd2a8f1e2f760962f58b3f17948b096e1bdc9290d71045a1dff
GET /it/u=3155444316,3153870578&fm=253&fmt=auto&app=120&f=JPEG?w=700&h=701 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12635.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 05:00:09 GMT
content-type: image/webp
content-length: 15460
expires: Sat, 25 Feb 2023 14:37:39 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: e0bee02a5bdabdc5fe0e5ebf2023ae56
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 26 Jan 2023 14:37:38 GMT
ohc-cache-hit: chenzct82 [1], czix155 [4]
ohc-file-size: 15460
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=3520074141,629878444&fm=253&app=120&f=JPEG?w=1280&h=800
113.219.142.35 200 OK 187 kB URL HTTP/1.1 img1.baidu.com/it/u=3520074141,629878444&fm=253&app=120&f=JPEG?w=1280&h=800
IP 113.219.142.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 187 kB (186752 bytes)
Hash 8c0c2cb0ec1759e93078a80b4e1b5d9d
03da17317ee1d3eabb5813ebe4a97491eeab4a10
7ff69f4552c9d1b3a54a01daa20a82676c1aa60c2266e8d8e171b4130c236fac
GET /it/u=3520074141,629878444&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12635.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 05:00:08 GMT
Content-Type: image/jpeg
Content-Length: 186752
Connection: keep-alive
Expires: Mon, 27 Feb 2023 00:59:38 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: 8c0c2cb0ec1759e93078a80b4e1b5d9d
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 28 Jan 2023 00:59:38 GMT
Ohc-Cache-HIT: chenzct76 [2], czix184 [4]
Ohc-File-Size: 186752
X-Cache-Status: MISS
12635.url.tudown.com/uploads/images/21521.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/21521.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/21521.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:09 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3211716428,2450027420&fm=253&fmt=auto&app=138&f=JPEG?w=420&h=560
12635.url.tudown.com/uploads/images/441280.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/441280.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/441280.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:09 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1337513801,3346694556&fm=253&fmt=auto&app=138&f=JPEG?w=667&h=500
sofire.baidu.com/abot/api/v1/tpl/re/8800?v=1.1&0=1&1=0&2=0&3=0&4=0&5=0&6=0&7=1&8=v10-8b0ef52374193bd54ad0ca6dec4180e681452f40&9=0&10=1&11=1573&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&h=http%3A%2F%2F12635.url.tudown.com%2Fdown%2Fmcafee%25E5%258D%25B8%25E8%25BD%25BD%25E5%25B7%25A5%25E5%2585%25B7%40418_68737.exe&t=1675486842876&r=lo
36.110.192.156 200 OK 0 B URL HTTP/2 sofire.baidu.com/abot/api/v1/tpl/re/8800?v=1.1&0=1&1=0&2=0&3=0&4=0&5=0&6=0&7=1&8=v10-8b0ef52374193bd54ad0ca6dec4180e681452f40&9=0&10=1&11=1573&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&h=http%3A%2F%2F12635.url.tudown.com%2Fdown%2Fmcafee%25E5%258D%25B8%25E8%25BD%25BD%25E5%25B7%25A5%25E5%2585%25B7%40418_68737.exe&t=1675486842876&r=lo
IP 36.110.192.156:0
ASN #23724 IDC, China Telecommunications Corporation
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /abot/api/v1/tpl/re/8800?v=1.1&0=1&1=0&2=0&3=0&4=0&5=0&6=0&7=1&8=v10-8b0ef52374193bd54ad0ca6dec4180e681452f40&9=0&10=1&11=1573&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&h=http%3A%2F%2F12635.url.tudown.com%2Fdown%2Fmcafee%25E5%258D%25B8%25E8%25BD%25BD%25E5%25B7%25A5%25E5%2585%25B7%40418_68737.exe&t=1675486842876&r=lo HTTP/1.1
Host: sofire.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12635.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
date: Sat, 04 Feb 2023 05:00:09 GMT
content-length: 0
X-Firefox-Spdy: h2
img0.baidu.com/it/u=1365551745,1364620939&fm=253&app=120&f=JPEG?w=1280&h=800
124.239.243.35 200 OK 114 kB URL HTTP/1.1 img0.baidu.com/it/u=1365551745,1364620939&fm=253&app=120&f=JPEG?w=1280&h=800
IP 124.239.243.35:0
ASN #58539 Langfang,Hebei province, P.R.China
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 114 kB (113504 bytes)
Hash ff557bece8703dbc256bc10c8736b5d1
edbc6e5e39b6ab451c519e4721ed68d70e21bc8b
c0d637ae09e13c101828ea3ec81a61f1544424242749de791989135ee3884ec1
GET /it/u=1365551745,1364620939&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12635.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 05:00:08 GMT
Content-Type: image/jpeg
Content-Length: 113504
Connection: keep-alive
Expires: Sun, 05 Feb 2023 23:59:44 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: ff557bece8703dbc256bc10c8736b5d1
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 06 Jan 2023 23:59:44 GMT
Ohc-Cache-HIT: lf7ct74 [1], xaix151 [4]
Ohc-File-Size: 113504
X-Cache-Status: MISS
12635.url.tudown.com/uploads/images/338083.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/338083.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/338083.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:09 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=2159400693,811144289&fm=224&app=112&f=JPEG?w=500&h=500
12635.url.tudown.com/uploads/images/28287.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/28287.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/28287.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:09 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=407915514,2420770859&fm=253&fmt=auto&app=138&f=JPEG?w=366&h=499
img0.baidu.com/it/u=1032599041,2165458136&fm=253&fmt=auto?w=500&h=889
124.239.243.35 200 OK 33 kB URL HTTP/2 img0.baidu.com/it/u=1032599041,2165458136&fm=253&fmt=auto?w=500&h=889
IP 124.239.243.35:0
ASN #58539 Langfang,Hebei province, P.R.China
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x889, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d3d6c2929d8703357ec570237cec6945
bcadc2a669715232d2a3f36b0614d9f6360cd07e
0f21ac1108a557d9c6760b2418f45ee79d4911c8f08c7ae0911a3060697ae2da
GET /it/u=1032599041,2165458136&fm=253&fmt=auto?w=500&h=889 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12635.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 05:00:09 GMT
content-type: image/webp
content-length: 32912
expires: Sat, 04 Feb 2023 11:50:32 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: d3d6c2929d8703357ec570237cec6945
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 05 Jan 2023 11:50:32 GMT
ohc-cache-hit: lf7ct58 [1], xaix58 [2]
ohc-file-size: 32912
x-cache-status: MISS
X-Firefox-Spdy: h2
t14.baidu.com/it/u=2159400693,811144289&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 20 kB URL HTTP/1.1 t14.baidu.com/it/u=2159400693,811144289&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 2e2e86f58b9cfc4204abc061bf8f622b
cf1b7b3e673186fbb841a0db79e8a5c7489cd4e5
2c83777432e58d799c70e3a00b51ce008c65bd1e31b4f8de34eeba4ea38cc5cd
GET /it/u=2159400693,811144289&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12635.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 05:00:09 GMT
Content-Type: image/jpeg
Content-Length: 20133
Connection: keep-alive
Expires: Fri, 17 Feb 2023 08:41:40 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 2e2e86f58b9cfc4204abc061bf8f622b
Age: 3643
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 18 Jan 2023 08:41:39 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [2], zhuzuncache63 [1], xaix232 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 20133
X-Cache-Status: HIT
Timing-Allow-Origin: *
12635.url.tudown.com/uploads/images/700864.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/700864.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/700864.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:09 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1641282240,3222557778&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=685
12635.url.tudown.com/uploads/images/417488.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/417488.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/417488.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:09 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1544056117,1167291343&fm=253&fmt=auto&app=138&f=JPEG?w=439&h=464
img1.baidu.com/it/u=3211716428,2450027420&fm=253&fmt=auto&app=138&f=JPEG?w=420&h=560
113.219.142.35 200 OK 23 kB URL HTTP/2 img1.baidu.com/it/u=3211716428,2450027420&fm=253&fmt=auto&app=138&f=JPEG?w=420&h=560
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 420x560, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 527f19845f693ce28d294c8a91073e3d
dc59bbae0d4afb7027a1eb32938aa3b006d1433e
9218d38aa6485668e9c74404bcd49b4ee16366127cc34ad0e741690af878d1fd
GET /it/u=3211716428,2450027420&fm=253&fmt=auto&app=138&f=JPEG?w=420&h=560 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12635.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 05:00:09 GMT
content-type: image/webp
content-length: 22996
expires: Fri, 24 Feb 2023 20:29:53 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 527f19845f693ce28d294c8a91073e3d
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 25 Jan 2023 20:29:53 GMT
ohc-cache-hit: chenzct68 [1], xaix142 [4]
ohc-file-size: 22996
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=1337513801,3346694556&fm=253&fmt=auto&app=138&f=JPEG?w=667&h=500
124.239.243.35 200 OK 15 kB URL HTTP/2 img0.baidu.com/it/u=1337513801,3346694556&fm=253&fmt=auto&app=138&f=JPEG?w=667&h=500
IP 124.239.243.35:0
ASN #58539 Langfang,Hebei province, P.R.China
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 667x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9709e8a456f5db3663717782922006fd
ef5adbb4014cd087ad16a2d8bcbc3779d143d20d
99da439c09bc8302c20108ee4f7426fad964db5dc152eaae2e84195295aebb09
GET /it/u=1337513801,3346694556&fm=253&fmt=auto&app=138&f=JPEG?w=667&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12635.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 05:00:09 GMT
content-type: image/webp
content-length: 14998
expires: Mon, 20 Feb 2023 06:09:08 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 9709e8a456f5db3663717782922006fd
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 06:09:08 GMT
ohc-cache-hit: lf7ct76 [1], czix76 [2]
ohc-file-size: 14998
x-cache-status: MISS
X-Firefox-Spdy: h2
12635.url.tudown.com/uploads/images/90637.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/90637.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/90637.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:09 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=3193197757,758083507&fm=224&app=112&f=JPEG?w=500&h=500
12635.url.tudown.com/uploads/images/870157.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/870157.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/870157.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:09 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=659013930,3978458047&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=684
t13.baidu.com/it/u=3193197757,758083507&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 32 kB URL HTTP/1.1 t13.baidu.com/it/u=3193197757,758083507&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 6c6c3f01627241e989aed277b65f5bc1
115e824680df38eb0ad52a97c29f4950f789f9d4
7cdd79eb91dfc5e92d517d8a7a7e1d2ee5436dd2da7847abbd05bb3e311ece33
GET /it/u=3193197757,758083507&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12635.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 05:00:09 GMT
Content-Type: image/jpeg
Content-Length: 31691
Connection: keep-alive
Expires: Sat, 04 Feb 2023 15:14:40 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 6c6c3f01627241e989aed277b65f5bc1
Age: 2012302
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 05 Jan 2023 15:14:39 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [2], zhuzuncache64 [2], suzix64 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 31691
X-Cache-Status: HIT
Timing-Allow-Origin: *
img0.baidu.com/it/u=3873814806,2880904352&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=909
125.64.104.35 200 OK 52 kB URL HTTP/1.1 img0.baidu.com/it/u=3873814806,2880904352&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=909
IP 125.64.104.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x909, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5bc0c41dad71621b8225ae7e308afa51
4fac484fa93fff6fbb5b8b866f3164bd8885a544
9ba4e7a94ef2f4085e2d5456e3e6820ec3c5acd4dd48e8842fc02f1ce883480f
GET /it/u=3873814806,2880904352&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=909 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12635.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 05:00:09 GMT
Content-Type: image/webp
Content-Length: 51582
Connection: keep-alive
Expires: Mon, 27 Feb 2023 11:54:31 GMT
Last-Modified: Mon, 05 Jan 1970 00:00:00 GMT
ETag: 5bc0c41dad71621b8225ae7e308afa51
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 28 Jan 2023 11:54:31 GMT
Ohc-Cache-HIT: dy2ct95 [1], xiangyix95 [2]
Ohc-File-Size: 51582
X-Cache-Status: MISS
img1.baidu.com/it/u=407915514,2420770859&fm=253&fmt=auto&app=138&f=JPEG?w=366&h=499
113.219.142.35 200 OK 17 kB URL HTTP/2 img1.baidu.com/it/u=407915514,2420770859&fm=253&fmt=auto&app=138&f=JPEG?w=366&h=499
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 366x499, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8941828b9ffa046f6dc195997be22b24
dca61364f1577a7d8f2b223a502fa22b770fb301
6916cdb1aa2ec48bd55d060d5f700653b710cfe5949649ee9c27dd939381db85
GET /it/u=407915514,2420770859&fm=253&fmt=auto&app=138&f=JPEG?w=366&h=499 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12635.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 05:00:09 GMT
content-type: image/webp
content-length: 17166
expires: Fri, 17 Feb 2023 14:51:04 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 8941828b9ffa046f6dc195997be22b24
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 18 Jan 2023 14:51:04 GMT
ohc-cache-hit: chenzct62 [1], suzix120 [4]
ohc-file-size: 17166
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=3301409228,3650049126&fm=253&app=120&f=JPEG?w=1280&h=800
113.219.142.35 200 OK 80 kB URL HTTP/1.1 img1.baidu.com/it/u=3301409228,3650049126&fm=253&app=120&f=JPEG?w=1280&h=800
IP 113.219.142.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Hash 89a79b4c186e50e6aad2cae362305a7f
435d70bbe55f871dea765e7aefdf7a9bec12cbf0
cc6b0afeae74ed6c0c36166e0c63525300f4446c2e5458b7d6cc3e23535086e8
GET /it/u=3301409228,3650049126&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12635.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 05:00:09 GMT
Content-Type: image/jpeg
Content-Length: 80514
Connection: keep-alive
Expires: Sun, 05 Feb 2023 21:47:00 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: 89a79b4c186e50e6aad2cae362305a7f
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 06 Jan 2023 21:47:00 GMT
Ohc-Cache-HIT: chenzct82 [1], xaix223 [4]
Ohc-File-Size: 80514
X-Cache-Status: MISS
12635.url.tudown.com/uploads/images/288398.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/288398.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/288398.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:09 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2765347504,4015024499&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
12635.url.tudown.com/uploads/images/347063.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/347063.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/347063.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:09 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3053994392,3801901966&fm=253&fmt=auto?w=120&h=80
img1.baidu.com/it/u=1544056117,1167291343&fm=253&fmt=auto&app=138&f=JPEG?w=439&h=464
113.219.142.35 200 OK 11 kB URL HTTP/2 img1.baidu.com/it/u=1544056117,1167291343&fm=253&fmt=auto&app=138&f=JPEG?w=439&h=464
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 439x464, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash be13f0ddc525454aa35260d468bb015d
1d5bafd4216480a5140375ab62d1acfa893648c8
b4bb824ae0c468346367b03b322503b549cb298a236f8dbd694d02302c070659
GET /it/u=1544056117,1167291343&fm=253&fmt=auto&app=138&f=JPEG?w=439&h=464 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12635.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 05:00:09 GMT
content-type: image/webp
content-length: 10814
expires: Wed, 22 Feb 2023 00:30:33 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: be13f0ddc525454aa35260d468bb015d
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 00:30:33 GMT
ohc-cache-hit: chenzct72 [1], xaix72 [4]
ohc-file-size: 10814
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=1641282240,3222557778&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=685
113.219.142.35 200 OK 38 kB URL HTTP/2 img1.baidu.com/it/u=1641282240,3222557778&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=685
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x685, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ac3c0895e146ea439aea6bf847584ff6
f8ebea71b8d236a16be56c604831ec85e090569e
480f5db36f34e4b50eba175d8d1f02072ca52beb04d9fdedaf87b6945b63a5ec
GET /it/u=1641282240,3222557778&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=685 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12635.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 05:00:09 GMT
content-type: image/webp
content-length: 37862
expires: Wed, 22 Feb 2023 02:44:50 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: ac3c0895e146ea439aea6bf847584ff6
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 02:44:50 GMT
ohc-cache-hit: chenzct70 [1], qdix70 [4]
ohc-file-size: 37862
x-cache-status: MISS
X-Firefox-Spdy: h2
12635.url.tudown.com/uploads/images/335417.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/335417.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/335417.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:09 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=599645573,598984044&fm=224&app=112&f=JPEG?w=500&h=500
12635.url.tudown.com/uploads/images/380511.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/380511.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/380511.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:09 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=763040175,970596409&fm=253&fmt=auto&app=138&f=JPEG?w=356&h=499
img1.baidu.com/it/u=659013930,3978458047&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=684
113.219.142.35 200 OK 31 kB URL HTTP/2 img1.baidu.com/it/u=659013930,3978458047&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=684
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x684, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9bedd7a7f02373c0c91f79cef2d0cd7f
1ce13b8c89e6323dfc9a8ff2c90a5441422ecc35
cdb8376311866c34136259fb9f7acb5ed3eed002fae982b147130466979c1d71
GET /it/u=659013930,3978458047&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=684 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12635.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 05:00:09 GMT
content-type: image/webp
content-length: 30838
expires: Mon, 20 Feb 2023 18:29:10 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 9bedd7a7f02373c0c91f79cef2d0cd7f
age: 163954
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 18:29:10 GMT
ohc-cache-hit: chenzct84 [4], suzix221 [4]
ohc-file-size: 30838
x-cache-status: HIT
X-Firefox-Spdy: h2
t15.baidu.com/it/u=599645573,598984044&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 37 kB URL HTTP/1.1 t15.baidu.com/it/u=599645573,598984044&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 0f506ae4b9d5843ca006e3c1591a3742
80c9b1a1015baecbd327e949d65b67d1c9ebc01f
6612daa22a72e1053bb0355912c66e814dba6ecb5efea3f9b42c05c75e016a51
GET /it/u=599645573,598984044&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12635.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 05:00:09 GMT
Content-Type: image/jpeg
Content-Length: 36719
Connection: keep-alive
Expires: Tue, 14 Feb 2023 02:30:51 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 0f506ae4b9d5843ca006e3c1591a3742
Age: 1736958
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 15 Jan 2023 02:30:51 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [4], zhuzuncache58 [1], xiangyix58 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 36719
X-Cache-Status: HIT
Timing-Allow-Origin: *
img0.baidu.com/it/u=1883426645,2647279928&fm=253&app=120&f=JPEG?w=1280&h=800
125.64.104.35 200 OK 126 kB URL HTTP/1.1 img0.baidu.com/it/u=1883426645,2647279928&fm=253&app=120&f=JPEG?w=1280&h=800
IP 125.64.104.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 126 kB (125791 bytes)
Hash c9847ca9ff11041ad7c85ed0d161a6da
b77e18152b99308d588cc7d1284b9c6e9e055750
af9125cd1dfb5dd3514bc292fa99e5f17ca957359cb55c7873a61d6d1e9cbba4
GET /it/u=1883426645,2647279928&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12635.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 05:00:09 GMT
Content-Type: image/jpeg
Content-Length: 125791
Connection: keep-alive
Expires: Sat, 04 Feb 2023 17:38:19 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: c9847ca9ff11041ad7c85ed0d161a6da
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 05 Jan 2023 17:38:19 GMT
Ohc-Cache-HIT: dy2ct52 [1], suzix52 [4]
Ohc-File-Size: 125791
X-Cache-Status: MISS
12635.url.tudown.com/uploads/images/264849.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/264849.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/264849.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:09 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=121291751,3003929754&fm=253&app=138&f=JPEG?w=500&h=889
12635.url.tudown.com/uploads/images/541499.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/541499.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/541499.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:09 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2164046690,1660495231&fm=253&fmt=auto&app=138&f=JPEG?w=496&h=280
img0.baidu.com/it/u=3053994392,3801901966&fm=253&fmt=auto?w=120&h=80
124.239.243.35 200 OK 1.3 kB URL HTTP/2 img0.baidu.com/it/u=3053994392,3801901966&fm=253&fmt=auto?w=120&h=80
IP 124.239.243.35:0
ASN #58539 Langfang,Hebei province, P.R.China
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 120x80, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6148e80dd0a7019d14b8aad9e9dbfbf3
26234f35db0e490c27f8f4393a435d37952fb453
d2972dd5ff60ab7847552c9ab42e11ade46fd30176e435bdcefcf2e1ce6fbf3b
GET /it/u=3053994392,3801901966&fm=253&fmt=auto?w=120&h=80 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12635.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 05:00:09 GMT
content-type: image/webp
content-length: 1320
expires: Wed, 22 Feb 2023 04:16:22 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 6148e80dd0a7019d14b8aad9e9dbfbf3
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 04:16:22 GMT
ohc-cache-hit: lf7ct63 [1], suzix127 [4]
ohc-file-size: 1320
x-cache-status: MISS
X-Firefox-Spdy: h2
wn.pos.baidu.com/adx.php?c=d25pZD0zYmEwYjAzZDUxZWNlOTUyAHM9M2JhMGIwM2Q1MWVjZTk1MgB0PTE2NzU0ODY4MDcAc2U9MQBidT00AHByaWNlPVk5M21Wd0FJWVNCN2pFcGdXNUlBOHVhSDM5SjRjcUZtZ0htYkJBAGNoYXJnZV9wcmljZT0zMQBzaGFyaW5nX3ByaWNlPTMxMDAwAHdpbl9kc3A9NABjaG1kPTEAYmRpZD0AY3Byb2lkPQB3ZD0xMDIwNTk4NDkAdHU9dTQ5NjU4OTQAYWRjbGFzcz0wAHNyY3Q9MABwb3M9MABsb2M9NQBlaWQ9MABjYmlkPVk5M21Wd0FJWVNCN2pFcGdXNUlBOHVhSDM5SjRjcUZtZ0htYkJBAGJjaG1kPTAAdG09MAB2PTEAaT05ZmExNjkzMw
182.61.62.32 200 OK 49 B URL HTTP/1.1 wn.pos.baidu.com/adx.php?c=d25pZD0zYmEwYjAzZDUxZWNlOTUyAHM9M2JhMGIwM2Q1MWVjZTk1MgB0PTE2NzU0ODY4MDcAc2U9MQBidT00AHByaWNlPVk5M21Wd0FJWVNCN2pFcGdXNUlBOHVhSDM5SjRjcUZtZ0htYkJBAGNoYXJnZV9wcmljZT0zMQBzaGFyaW5nX3ByaWNlPTMxMDAwAHdpbl9kc3A9NABjaG1kPTEAYmRpZD0AY3Byb2lkPQB3ZD0xMDIwNTk4NDkAdHU9dTQ5NjU4OTQAYWRjbGFzcz0wAHNyY3Q9MABwb3M9MABsb2M9NQBlaWQ9MABjYmlkPVk5M21Wd0FJWVNCN2pFcGdXNUlBOHVhSDM5SjRjcUZtZ0htYkJBAGJjaG1kPTAAdG09MAB2PTEAaT05ZmExNjkzMw
IP 182.61.62.32:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ed280a0ea3cc38f3cbbc747acfbef47d
6bdcb32ee75e957a5085c010f4dfd0c716bfdadc
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
GET /adx.php?c=d25pZD0zYmEwYjAzZDUxZWNlOTUyAHM9M2JhMGIwM2Q1MWVjZTk1MgB0PTE2NzU0ODY4MDcAc2U9MQBidT00AHByaWNlPVk5M21Wd0FJWVNCN2pFcGdXNUlBOHVhSDM5SjRjcUZtZ0htYkJBAGNoYXJnZV9wcmljZT0zMQBzaGFyaW5nX3ByaWNlPTMxMDAwAHdpbl9kc3A9NABjaG1kPTEAYmRpZD0AY3Byb2lkPQB3ZD0xMDIwNTk4NDkAdHU9dTQ5NjU4OTQAYWRjbGFzcz0wAHNyY3Q9MABwb3M9MABsb2M9NQBlaWQ9MABjYmlkPVk5M21Wd0FJWVNCN2pFcGdXNUlBOHVhSDM5SjRjcUZtZ0htYkJBAGJjaG1kPTAAdG09MAB2PTEAaT05ZmExNjkzMw HTTP/1.1
Host: wn.pos.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 49
Content-Type: image/gif
Date: Sat, 04 Feb 2023 05:00:09 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: nginx
Set-Cookie: BAIDUID=C5E8603A65B942ADC815096FF99A32AD:FG=1; expires=Sun, 04-Feb-24 05:00:09 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
img1.baidu.com/it/u=2765347504,4015024499&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
113.219.142.35 200 OK 30 kB URL HTTP/2 img1.baidu.com/it/u=2765347504,4015024499&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x889, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 85c85da63c2ae249304de9f6adbe060f
22bdf01bad24960c40f61da1fe6337a9c9767622
26897a0d88af81b4b75978c7214b52604728817e8303f6cdd94f3d453c44db35
GET /it/u=2765347504,4015024499&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12635.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 05:00:09 GMT
content-type: image/webp
content-length: 29786
expires: Wed, 22 Feb 2023 00:14:47 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 85c85da63c2ae249304de9f6adbe060f
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 00:14:47 GMT
ohc-cache-hit: chenzct64 [1], bdix137 [4]
ohc-file-size: 29786
x-cache-status: MISS
X-Firefox-Spdy: h2
12635.url.tudown.com/uploads/images/178692.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/178692.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/178692.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:10 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1366327270,1168404415&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=602
12635.url.tudown.com/uploads/images/538610.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/538610.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/538610.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:10 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2011663259,3200368499&fm=253&fmt=auto?w=500&h=500
img1.baidu.com/it/u=763040175,970596409&fm=253&fmt=auto&app=138&f=JPEG?w=356&h=499
113.219.142.35 200 OK 30 kB URL HTTP/2 img1.baidu.com/it/u=763040175,970596409&fm=253&fmt=auto&app=138&f=JPEG?w=356&h=499
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 356x499, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f72f2c2a9a27b37cc8e568fd462912fc
45f07aec4c4acce07445dfea111d5a25c2956ce5
d04cf62fb2dea5c7e3860a6cf1e84b532c5e1fb1c12a603e1345e2c9bb0e2e3a
GET /it/u=763040175,970596409&fm=253&fmt=auto&app=138&f=JPEG?w=356&h=499 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12635.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 05:00:10 GMT
content-type: image/webp
content-length: 29590
expires: Sat, 04 Mar 2023 05:11:17 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: f72f2c2a9a27b37cc8e568fd462912fc
age: 302
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 02 Feb 2023 05:11:17 GMT
ohc-cache-hit: chenzct67 [4], xiangyix86 [4]
ohc-file-size: 29590
x-cache-status: HIT
X-Firefox-Spdy: h2
12635.url.tudown.com/uploads/images/885163.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/885163.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/885163.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:10 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=2555323624,3603356679&fm=224&app=112&f=JPEG?w=500&h=500
img1.baidu.com/it/u=2164046690,1660495231&fm=253&fmt=auto&app=138&f=JPEG?w=496&h=280
113.219.142.35 200 OK 32 kB URL HTTP/2 img1.baidu.com/it/u=2164046690,1660495231&fm=253&fmt=auto&app=138&f=JPEG?w=496&h=280
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 496x280, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 55d8f24ddda6271366aede4443dea158
0c26f8a1f8327fcd08480aedfaf2176ac1930b54
00412bdcd07548a3155a1c7e70ed36d48b8fd33c05ac649a310da64c2c7d5d39
GET /it/u=2164046690,1660495231&fm=253&fmt=auto&app=138&f=JPEG?w=496&h=280 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12635.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 05:00:10 GMT
content-type: image/webp
content-length: 32320
expires: Sun, 05 Mar 2023 00:33:43 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 55d8f24ddda6271366aede4443dea158
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 03 Feb 2023 00:33:43 GMT
ohc-cache-hit: chenzct78 [1], csix78 [2]
ohc-file-size: 32320
x-cache-status: MISS
X-Firefox-Spdy: h2
12635.url.tudown.com/uploads/images/753819.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/753819.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/753819.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:10 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=1071668484,206696774&fm=224&app=112&f=JPEG?w=500&h=500
t13.baidu.com/it/u=2555323624,3603356679&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 42 kB URL HTTP/1.1 t13.baidu.com/it/u=2555323624,3603356679&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash d02ad5ccf172cab34a98e29a766423a3
b31f13c2f1d08dabe837cbb08a67e29c81ffe65a
cb0c368bfdc0d25886286f483fc3ebd5cc243e715024a47f76581a394c3768bf
GET /it/u=2555323624,3603356679&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12635.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 05:00:10 GMT
Content-Type: image/jpeg
Content-Length: 42485
Connection: keep-alive
Expires: Sun, 12 Feb 2023 20:11:49 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: d02ad5ccf172cab34a98e29a766423a3
Age: 5243
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 13 Jan 2023 20:11:49 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [2], zhuzuncache65 [4], wzix65 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 42485
X-Cache-Status: HIT
Timing-Allow-Origin: *
t15.baidu.com/it/u=1071668484,206696774&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 43 kB URL HTTP/1.1 t15.baidu.com/it/u=1071668484,206696774&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 0f18d81c3468d48fd14ef8280e56658a
9312061a6a5e28fb3e302ded0684d97335733209
086a0b4c95e13ce18b4d2205c30a11bfb538461785cf935361333b95faa5c241
GET /it/u=1071668484,206696774&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12635.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 05:00:10 GMT
Content-Type: image/jpeg
Content-Length: 43383
Connection: keep-alive
Expires: Mon, 27 Feb 2023 17:35:09 GMT
Last-Modified: Sun, 11 Jan 1970 00:00:00 GMT
ETag: 0f18d81c3468d48fd14ef8280e56658a
Age: 416798
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 28 Jan 2023 17:35:09 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [4], zhuzuncache54 [4], czix199 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 43383
X-Cache-Status: HIT
Timing-Allow-Origin: *
12635.url.tudown.com/uploads/images/591872.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/591872.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/591872.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:10 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=1423991440,1722008287&fm=224&app=112&f=JPEG?w=500&h=500
12635.url.tudown.com/uploads/images/647829.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/647829.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/647829.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:10 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3868639163,1646482983&fm=253&fmt=auto&app=138&f=JPEG?w=706&h=440
img1.baidu.com/it/u=121291751,3003929754&fm=253&app=138&f=JPEG?w=500&h=889
113.219.142.35 200 OK 48 kB URL HTTP/1.1 img1.baidu.com/it/u=121291751,3003929754&fm=253&app=138&f=JPEG?w=500&h=889
IP 113.219.142.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x889, components 3\012- data
Hash 2774bb738bad52556ea40b7bac0d9f57
f0c532bb13b167b3521a34a516dea8771ae15a99
19b8dad7167f2981b5ab67be25b88b10ad76b817cfa9e220ac5dca47a58d535b
GET /it/u=121291751,3003929754&fm=253&app=138&f=JPEG?w=500&h=889 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12635.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 05:00:10 GMT
Content-Type: image/jpeg
Content-Length: 48394
Connection: keep-alive
Expires: Tue, 14 Feb 2023 23:51:35 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 2774bb738bad52556ea40b7bac0d9f57
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 15 Jan 2023 23:51:35 GMT
Ohc-Cache-HIT: chenzct68 [1], bdix218 [4]
Ohc-File-Size: 48394
X-Cache-Status: MISS
t15.baidu.com/it/u=1423991440,1722008287&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 28 kB URL HTTP/1.1 t15.baidu.com/it/u=1423991440,1722008287&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 0c10d8cbf27e6337a99d67b6f95fc329
d43d6c8af7a3b6c23859301cacf5d123f4a911a6
089232bbf4286350152cba548796a37834606071e5817b523d88f2bcf30cf1a3
GET /it/u=1423991440,1722008287&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12635.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 05:00:10 GMT
Content-Type: image/jpeg
Content-Length: 27781
Connection: keep-alive
Expires: Mon, 06 Feb 2023 15:25:49 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 0c10d8cbf27e6337a99d67b6f95fc329
Age: 2084197
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 07 Jan 2023 15:25:49 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [2], zhuzuncache62 [1], wzix95 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 27781
X-Cache-Status: HIT
Timing-Allow-Origin: *
img1.baidu.com/it/u=1366327270,1168404415&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=602
113.219.142.35 200 OK 32 kB URL HTTP/2 img1.baidu.com/it/u=1366327270,1168404415&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=602
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x602, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ec24ee60f2ff78e1b5a0a86fa92904af
d882ec00fd91467c36322f1a22a3c81deb3740f5
5cc4b497b42811e280019f5983ec5cdcb72f6741977bff9a5f636f211589f4f5
GET /it/u=1366327270,1168404415&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=602 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12635.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 05:00:10 GMT
content-type: image/webp
content-length: 31918
expires: Sun, 12 Feb 2023 18:36:22 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: ec24ee60f2ff78e1b5a0a86fa92904af
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 13 Jan 2023 18:36:22 GMT
ohc-cache-hit: chenzct50 [1], suzix248 [4]
ohc-file-size: 31918
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=2011663259,3200368499&fm=253&fmt=auto?w=500&h=500
124.239.243.35 200 OK 18 kB URL HTTP/2 img0.baidu.com/it/u=2011663259,3200368499&fm=253&fmt=auto?w=500&h=500
IP 124.239.243.35:0
ASN #58539 Langfang,Hebei province, P.R.China
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0df9827e75ee8c88540ca6d61661f67e
89d14b872de4b374662a03af19237f3aae071ae8
5f2f039ecfd356abd45ae43cbe8b41bb3afcae69ad577f7a235e6bb66ce6a56a
GET /it/u=2011663259,3200368499&fm=253&fmt=auto?w=500&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12635.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 05:00:10 GMT
content-type: image/webp
content-length: 17568
expires: Mon, 06 Mar 2023 05:00:10 GMT
last-modified: Sun, 04 Jan 1970 00:00:00 GMT
etag: 0df9827e75ee8c88540ca6d61661f67e
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 04 Feb 2023 05:00:10 GMT
ohc-cache-hit: lf7ct80 [1], xiangyix244 [2]
ohc-file-size: 17568
x-cache-status: MISS
X-Firefox-Spdy: h2
12635.url.tudown.com/uploads/images/270269.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/270269.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/270269.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:10 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=425022202,1985701379&fm=253&app=120&f=JPEG?w=1280&h=800
12635.url.tudown.com/uploads/images/474056.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/474056.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/474056.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:10 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2072426470,3293485944&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
img1.baidu.com/it/u=3868639163,1646482983&fm=253&fmt=auto&app=138&f=JPEG?w=706&h=440
113.219.142.35 200 OK 32 kB URL HTTP/2 img1.baidu.com/it/u=3868639163,1646482983&fm=253&fmt=auto&app=138&f=JPEG?w=706&h=440
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 706x440, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 803514b3843e3eac93507792fa878add
43d878f0d4c716c00b4439127810bd4c186d0507
316b9efb2b731845174f25d34d0f22de9fe76c970cc761eb835b56acf4473d4e
GET /it/u=3868639163,1646482983&fm=253&fmt=auto&app=138&f=JPEG?w=706&h=440 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12635.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 05:00:10 GMT
content-type: image/webp
content-length: 31498
expires: Thu, 09 Feb 2023 10:08:44 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 803514b3843e3eac93507792fa878add
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 10 Jan 2023 10:08:44 GMT
ohc-cache-hit: chenzct74 [1], wzix103 [2]
ohc-file-size: 31498
x-cache-status: MISS
X-Firefox-Spdy: h2
12635.url.tudown.com/uploads/images/680582.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/680582.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/680582.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:10 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1965931708,1590699311&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=447
12635.url.tudown.com/uploads/images/447141.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/447141.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/447141.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:10 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1695857157,4140732250&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
12635.url.tudown.com/uploads/images/391278.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/391278.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/391278.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:10 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=2657328981,1611012276&fm=224&app=112&f=JPEG?w=500&h=500
12635.url.tudown.com/uploads/images/767349.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/767349.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/767349.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:10 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1495114189,2044048232&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=653
t14.baidu.com/it/u=2657328981,1611012276&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 67 kB URL HTTP/1.1 t14.baidu.com/it/u=2657328981,1611012276&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 0b255f9b9ca07df4e9a9722ebe87e8e5
1d98b817887e6f99d329b6c2d8cc710e1977591c
9ec7120865220a6b98c1089668c23416a81f9c65644176f095860f2d9cbaece4
GET /it/u=2657328981,1611012276&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12635.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 05:00:10 GMT
Content-Type: image/jpeg
Content-Length: 66822
Connection: keep-alive
Expires: Tue, 07 Feb 2023 07:04:00 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: 0b255f9b9ca07df4e9a9722ebe87e8e5
Age: 2015263
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 08 Jan 2023 07:04:00 GMT
Ohc-Cache-HIT: fra01-sys-jomo7.fra01.baidu.com [2], xauncache100 [1], suzix111 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 66822
X-Cache-Status: HIT
Timing-Allow-Origin: *
img2.baidu.com/it/u=2072426470,3293485944&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
113.219.142.35 200 OK 20 kB URL HTTP/2 img2.baidu.com/it/u=2072426470,3293485944&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a7f7e132336096410222ff3e1b2a0cdb
5a4721fc78dd83eb3d73ab7e0e21d5658af2025e
40cd8565545ef5dbaf220ff323897ee194cd9b405d8fdca31f2422b051b0d54c
GET /it/u=2072426470,3293485944&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12635.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 05:00:10 GMT
content-type: image/webp
content-length: 19950
expires: Tue, 21 Feb 2023 04:04:22 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: a7f7e132336096410222ff3e1b2a0cdb
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 04:04:22 GMT
ohc-cache-hit: chenzct79 [1], bdix169 [4]
ohc-file-size: 19950
x-cache-status: MISS
X-Firefox-Spdy: h2
12635.url.tudown.com/uploads/images/879698.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/879698.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/879698.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:10 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1394127003,2167739577&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=330
12635.url.tudown.com/uploads/images/226847.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/226847.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/226847.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:10 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=380293114,1896696450&fm=253&fmt=auto&app=138&f=JPEG?w=78&h=203
ocsp.digicert.cn/
47.246.44.205 200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash f8445588b46f14417824dcaa08cd2a17
758611fc37084e72a0988168c2c8c0148691746c
791f7408fc11446a62779212e83bd398ade9830adc19307ef9a0ca0112400d1e
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sat, 04 Feb 2023 05:00:10 GMT
Ali-Swift-Global-Savetime: 1675486810
Via: cache5.l2de2[48,48,200-0,M], cache5.l2de2[49,0], cache5.se1[71,70,200-0,M], cache5.se1[72,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sat, 04 Feb 2023 05:00:10 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9916754868109116541e
img2.baidu.com/it/u=1965931708,1590699311&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=447
113.219.142.35 200 OK 24 kB URL HTTP/2 img2.baidu.com/it/u=1965931708,1590699311&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=447
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x447, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b37223ee558928daaa065ec85236fc80
fcb667eda6d4469bbbdff932cb19ec025b150f72
56d6f204f97b3acf1abe7f4388c3b7947a0a3dea2048790023f28f59d4f9268a
GET /it/u=1965931708,1590699311&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=447 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12635.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 05:00:10 GMT
content-type: image/webp
content-length: 23550
expires: Tue, 28 Feb 2023 01:36:43 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: b37223ee558928daaa065ec85236fc80
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 29 Jan 2023 01:36:43 GMT
ohc-cache-hit: chenzct53 [1], xaix55 [4]
ohc-file-size: 23550
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=1695857157,4140732250&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
113.219.142.35 200 OK 7.7 kB URL HTTP/2 img2.baidu.com/it/u=1695857157,4140732250&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 327fbb3f879dac9936b057596dfe3c12
7b5d472f6983577c9b62db1d5d829e06a08ac407
906d86c6f8ecc05abd346ff3821b0d2272b50d18b6441b1176641b2f9c0220db
GET /it/u=1695857157,4140732250&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12635.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 05:00:10 GMT
content-type: image/webp
content-length: 7676
expires: Wed, 15 Feb 2023 19:19:59 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 327fbb3f879dac9936b057596dfe3c12
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 16 Jan 2023 19:19:59 GMT
ohc-cache-hit: chenzct73 [1], czix218 [4]
ohc-file-size: 7676
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=1495114189,2044048232&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=653
113.219.142.35 200 OK 15 kB URL HTTP/2 img1.baidu.com/it/u=1495114189,2044048232&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=653
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x653, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1007529c268977558d20c8b8e446a9f9
396c4c8504506a6d6dd61fbaa338b7b98c4cf26e
eb961773cc85f7a73c18b46a5986331530312a80b883eb87ed9466f08d268ab7
GET /it/u=1495114189,2044048232&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=653 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12635.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 05:00:10 GMT
content-type: image/webp
content-length: 15394
expires: Wed, 22 Feb 2023 01:46:47 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 1007529c268977558d20c8b8e446a9f9
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 01:46:47 GMT
ohc-cache-hit: chenzct63 [1], wzix63 [4]
ohc-file-size: 15394
x-cache-status: MISS
X-Firefox-Spdy: h2
12635.url.tudown.com/uploads/images/268014.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/268014.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/268014.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:10 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3036079729,1808152136&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=293
12635.url.tudown.com/uploads/images/173568.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/173568.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/173568.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:10 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=2021526406,2702630152&fm=253&fmt=auto&app=138&f=GIF?w=1088&h=500
12635.url.tudown.com/uploads/images/905249.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/905249.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/905249.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:10 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1859290672,3807046757&fm=253&fmt=auto&app=138&f=JPEG?w=650&h=500
12635.url.tudown.com/uploads/images/175009.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/175009.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/175009.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:10 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=3695860788,2767676066&fm=253&app=138&f=JPEG?w=800&h=500
img0.baidu.com/it/u=425022202,1985701379&fm=253&app=120&f=JPEG?w=1280&h=800
125.64.104.35 200 OK 175 kB URL HTTP/1.1 img0.baidu.com/it/u=425022202,1985701379&fm=253&app=120&f=JPEG?w=1280&h=800
IP 125.64.104.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 175 kB (174702 bytes)
Hash b5d94fb5ac5e86e7f61371a34868c3aa
078a49842a359417e6198460cb56a762add4c390
297e4bf3af844d72e28f877ad161ff4bb266ef83496cc20f96355c1ffe0088f0
GET /it/u=425022202,1985701379&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12635.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 05:00:10 GMT
Content-Type: image/jpeg
Content-Length: 174702
Connection: keep-alive
Expires: Wed, 08 Feb 2023 14:25:54 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: b5d94fb5ac5e86e7f61371a34868c3aa
Age: 173602
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 09 Jan 2023 14:25:54 GMT
Ohc-Cache-HIT: dy2ct79 [4], wzix79 [2]
Ohc-File-Size: 174702
X-Cache-Status: HIT
img2.baidu.com/it/u=380293114,1896696450&fm=253&fmt=auto&app=138&f=JPEG?w=78&h=203
113.219.142.35 200 OK 3.7 kB URL HTTP/2 img2.baidu.com/it/u=380293114,1896696450&fm=253&fmt=auto&app=138&f=JPEG?w=78&h=203
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 78x203, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 928768e56cbbb51f731eec39ea04b4fc
f19979f695f48fc23534b98bcd88009dd64d131d
0d5d983f66926519d968ae4fea778cf998258d673089949e7577f0a6b913b21d
GET /it/u=380293114,1896696450&fm=253&fmt=auto&app=138&f=JPEG?w=78&h=203 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12635.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 05:00:11 GMT
content-type: image/webp
content-length: 3670
expires: Mon, 20 Feb 2023 15:03:11 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 928768e56cbbb51f731eec39ea04b4fc
age: 91842
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 15:03:11 GMT
ohc-cache-hit: chenzct57 [4], xaix248 [2]
ohc-file-size: 3670
x-cache-status: HIT
X-Firefox-Spdy: h2
ocsp.digicert.cn/
47.246.44.205 200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash f8445588b46f14417824dcaa08cd2a17
758611fc37084e72a0988168c2c8c0148691746c
791f7408fc11446a62779212e83bd398ade9830adc19307ef9a0ca0112400d1e
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sat, 04 Feb 2023 05:00:11 GMT
Ali-Swift-Global-Savetime: 1675486811
Via: cache15.l2de2[292,291,200-0,M], cache15.l2de2[294,0], cache1.se1[316,315,200-0,M], cache1.se1[318,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sat, 04 Feb 2023 05:00:11 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9516754868109045191e
ocsp.digicert.cn/
47.246.44.205 200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash f8445588b46f14417824dcaa08cd2a17
758611fc37084e72a0988168c2c8c0148691746c
791f7408fc11446a62779212e83bd398ade9830adc19307ef9a0ca0112400d1e
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sat, 04 Feb 2023 05:00:11 GMT
Ali-Swift-Global-Savetime: 1675486811
Via: cache19.l2de2[279,278,200-0,M], cache19.l2de2[279,0], cache5.se1[302,301,200-0,M], cache5.se1[305,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sat, 04 Feb 2023 05:00:11 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9916754868109296550e
img2.baidu.com/it/u=1394127003,2167739577&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=330
113.219.142.35 200 OK 7.4 kB URL HTTP/2 img2.baidu.com/it/u=1394127003,2167739577&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=330
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x330, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bf93c49f82ba691ed47fb57d48412d6b
c38db87a4ad85c43186d79b3991398f15bd6c7b6
0822dbe14958e127c2000fdb32e305274941372bb43cbc2c9e1fc9820db480ca
GET /it/u=1394127003,2167739577&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=330 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12635.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 05:00:11 GMT
content-type: image/webp
content-length: 7420
expires: Sat, 18 Feb 2023 13:24:23 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: bf93c49f82ba691ed47fb57d48412d6b
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 19 Jan 2023 13:24:23 GMT
ohc-cache-hit: chenzct50 [1], bdix50 [2]
ohc-file-size: 7420
x-cache-status: MISS
X-Firefox-Spdy: h2
ocsp.digicert.cn/
47.246.44.205 200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash f8445588b46f14417824dcaa08cd2a17
758611fc37084e72a0988168c2c8c0148691746c
791f7408fc11446a62779212e83bd398ade9830adc19307ef9a0ca0112400d1e
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sat, 04 Feb 2023 05:00:11 GMT
Ali-Swift-Global-Savetime: 1675486811
Via: cache2.l2de2[277,277,200-0,M], cache2.l2de2[278,0], cache5.se1[300,299,200-0,M], cache5.se1[300,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sat, 04 Feb 2023 05:00:11 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9916754868109446554e
12635.url.tudown.com/uploads/images/211322.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/211322.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/211322.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:11 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=273031077,1241918813&fm=253&fmt=auto&app=138&f=JPEG?w=325&h=500
12635.url.tudown.com/uploads/images/36234.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/36234.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/36234.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:11 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3906121689,56400671&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=709
img2.baidu.com/it/u=3036079729,1808152136&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=293
113.219.142.35 200 OK 15 kB URL HTTP/2 img2.baidu.com/it/u=3036079729,1808152136&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=293
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x293, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7a02fca9063faa43e98f77509d4c2469
9bca1c0ef2e4b41da3095099a350d33b1e5aed24
26baa0a7bf9fcdbb396265216a8ab544a3889d918106554539f64e8b85e46842
GET /it/u=3036079729,1808152136&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=293 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12635.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 05:00:11 GMT
content-type: image/webp
content-length: 14796
expires: Tue, 14 Feb 2023 01:42:07 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 7a02fca9063faa43e98f77509d4c2469
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 15 Jan 2023 01:42:07 GMT
ohc-cache-hit: chenzct61 [1], czix202 [4]
ohc-file-size: 14796
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=1859290672,3807046757&fm=253&fmt=auto&app=138&f=JPEG?w=650&h=500
124.239.243.35 200 OK 14 kB URL HTTP/2 img0.baidu.com/it/u=1859290672,3807046757&fm=253&fmt=auto&app=138&f=JPEG?w=650&h=500
IP 124.239.243.35:0
ASN #58539 Langfang,Hebei province, P.R.China
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 650x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash dfa8c9a864fc7b368c7334ae921acffd
5ae12b3a476871945755f3918fd965ceea9578e3
8117cd6f174a85daab5f4884a2eecd49ad91b739ef9fd6f798f192d0352c9a9e
GET /it/u=1859290672,3807046757&fm=253&fmt=auto&app=138&f=JPEG?w=650&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12635.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 05:00:11 GMT
content-type: image/webp
content-length: 14056
expires: Sat, 04 Feb 2023 07:05:02 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: dfa8c9a864fc7b368c7334ae921acffd
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 05 Jan 2023 07:05:02 GMT
ohc-cache-hit: lf7ct76 [1], csix76 [2]
ohc-file-size: 14056
x-cache-status: MISS
X-Firefox-Spdy: h2
ocsp.digicert.cn/
47.246.44.205 200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash f8445588b46f14417824dcaa08cd2a17
758611fc37084e72a0988168c2c8c0148691746c
791f7408fc11446a62779212e83bd398ade9830adc19307ef9a0ca0112400d1e
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Sat, 04 Feb 2023 05:00:11 GMT
Last-Modified: Fri, 03 Feb 2023 15:48:37 GMT
ETag: "63dd2cd5-1d7"
Expires: Sun, 05 Feb 2023 15:48:37 GMT
Cache-Control: max-age=125306
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1675486811
Via: cache9.l2de2[486,485,200-0,M], cache9.l2de2[486,0], cache4.se1[507,507,200-0,M], cache4.se1[509,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sat, 04 Feb 2023 05:00:11 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9816754868109165103e
12635.url.tudown.com/uploads/images/72977.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/72977.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/72977.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:11 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=359193520,2939900075&fm=224&app=112&f=JPEG?w=500&h=500
12635.url.tudown.com/uploads/images/390975.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/390975.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/390975.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:11 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=140112106,674913735&fm=224&app=112&f=JPEG?w=500&h=500&s=3DF064975D0356DC9498E5DF0300F0F3
eclick.baidu.com/rs.jpg?pageSearchId=1675486841900rrzv0n5t0kr&content=%7BpgSacI%22%22658810rz050r%2CneUla%22tu%2Cevrnet%3A%7Btp%22%22niomn%22%22eieyaer%22%22tp%2F165ultdw.o%2Fonmae%2558%258E%25DB%255B%255E%255B%401_83.x%22%22aeerhd%3A1746490rvntk%22%5D%22aeerhd%3A1746490rvntk%22%22edpod%3Are%22niomn%22%5B%22ye%3Aevrnet%2CdlvrPgUl%3Aht%3A%2F23.r.uoncmdw%2FcfeE%25DB%258B%25DE%257A%2558%25748677ee%2CpgSacI%22%22658810rz050r%7D%7D
111.206.208.190 200 OK 0 B URL HTTP/1.1 eclick.baidu.com/rs.jpg?pageSearchId=1675486841900rrzv0n5t0kr&content=%7BpgSacI%22%22658810rz050r%2CneUla%22tu%2Cevrnet%3A%7Btp%22%22niomn%22%22eieyaer%22%22tp%2F165ultdw.o%2Fonmae%2558%258E%25DB%255B%255E%255B%401_83.x%22%22aeerhd%3A1746490rvntk%22%5D%22aeerhd%3A1746490rvntk%22%22edpod%3Are%22niomn%22%5B%22ye%3Aevrnet%2CdlvrPgUl%3Aht%3A%2F23.r.uoncmdw%2FcfeE%25DB%258B%25DE%257A%2558%25748677ee%2CpgSacI%22%22658810rz050r%7D%7D
IP 111.206.208.190:0
ASN #4808 China Unicom Beijing Province Network
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rs.jpg?pageSearchId=1675486841900rrzv0n5t0kr&content=%7BpgSacI%22%22658810rz050r%2CneUla%22tu%2Cevrnet%3A%7Btp%22%22niomn%22%22eieyaer%22%22tp%2F165ultdw.o%2Fonmae%2558%258E%25DB%255B%255E%255B%401_83.x%22%22aeerhd%3A1746490rvntk%22%5D%22aeerhd%3A1746490rvntk%22%22edpod%3Are%22niomn%22%5B%22ye%3Aevrnet%2CdlvrPgUl%3Aht%3A%2F23.r.uoncmdw%2FcfeE%25DB%258B%25DE%257A%2558%25748677ee%2CpgSacI%22%22658810rz050r%7D%7D HTTP/1.1
Host: eclick.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12635.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=0
Connection: keep-alive
Content-Length: 0
Content-Type: image/jpeg
Date: Sat, 04 Feb 2023 05:00:11 GMT
Etag: "622ee3bd-0"
Expires: Sat, 04 Feb 2023 05:00:11 GMT
Last-Modified: Mon, 14 Mar 2022 06:42:05 GMT
Server: nginx
12635.url.tudown.com/uploads/images/306086.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/306086.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/306086.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:11 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=1743409576,2312703784&fm=224&app=112&f=JPEG?w=500&h=500&s=0A86C50358D367E94F14C104030050E2
lupic.cdn.bcebos.com/20200412/3026514904_14_786_562.jpg
182.201.240.35 200 OK 45 kB URL HTTP/2 lupic.cdn.bcebos.com/20200412/3026514904_14_786_562.jpg
IP 182.201.240.35:0
ASN #134762 CHINANET Liaoning province Dalian MAN network
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 786x562, components 3\012- data
Hash e194f4002dba65b2ebf10962090c7fb5
97146afa895f7b364bae2d7a6bb419837d23868a
7423c7731203b7936166b37a7dacc48354bb2d55ff76e0b80a2cb2e464f170be
GET /20200412/3026514904_14_786_562.jpg HTTP/1.1
Host: lupic.cdn.bcebos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 05:00:11 GMT
content-type: image/jpeg
content-length: 45342
expires: Mon, 06 Feb 2023 00:51:16 GMT
last-modified: Sun, 12 Apr 2020 12:57:57 GMT
etag: "e194f4002dba65b2ebf10962090c7fb5"
age: 101245
accept-ranges: bytes
content-md5: 4ZT0AC26ZbLr8QliCQx/tQ==
x-bce-content-crc32: 3432125497
x-bce-debug-id: OBTUf9T6b8erYHOmNuURtUJptoX18GtB1XfyfccyTT7kZeaGWeEdjj+c6SjR5tcsMtGd5CLXmpO05/DONo6Ryw==
x-bce-request-id: f5119beb-9a49-4aac-9262-f3289e10eeb9
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Fri, 03 Feb 2023 00:51:16 GMT
ohc-cache-hit: dl2ct64 [2], qdix138 [4]
ohc-file-size: 45342
x-cache-status: HIT
X-Firefox-Spdy: h2
t13.baidu.com/it/u=140112106,674913735&fm=224&app=112&f=JPEG?w=500&h=500&s=3DF064975D0356DC9498E5DF0300F0F3
185.10.104.124 200 OK 50 kB URL HTTP/1.1 t13.baidu.com/it/u=140112106,674913735&fm=224&app=112&f=JPEG?w=500&h=500&s=3DF064975D0356DC9498E5DF0300F0F3
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 6b9dbdd735adf7ed8bdb7da6a9cc3e77
e28af561e38a5903c33bd2de88491111dbe214e7
b304f3554ccfd38ed34e1ad4323066245d9ef5531e854c71bb6515a1819a2c75
GET /it/u=140112106,674913735&fm=224&app=112&f=JPEG?w=500&h=500&s=3DF064975D0356DC9498E5DF0300F0F3 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12635.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 05:00:11 GMT
Content-Type: image/jpeg
Content-Length: 50211
Connection: keep-alive
Expires: Sun, 26 Feb 2023 11:57:32 GMT
Last-Modified: Wed, 14 Jan 1970 00:00:00 GMT
ETag: 6b9dbdd735adf7ed8bdb7da6a9cc3e77
Age: 666159
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 27 Jan 2023 11:57:32 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [2], zhuzuncache51 [1], suzix88 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 50211
X-Cache-Status: HIT
Timing-Allow-Origin: *
12635.url.tudown.com/uploads/images/960214.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/960214.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/960214.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:11 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3025588583,3756446943&fm=253&fmt=auto?w=120&h=80
t15.baidu.com/it/u=1743409576,2312703784&fm=224&app=112&f=JPEG?w=500&h=500&s=0A86C50358D367E94F14C104030050E2
185.10.104.124 200 OK 45 kB URL HTTP/1.1 t15.baidu.com/it/u=1743409576,2312703784&fm=224&app=112&f=JPEG?w=500&h=500&s=0A86C50358D367E94F14C104030050E2
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 4989b7f8d341c975293642b5d4be889f
7be8cf4542f06b048e1e7b4453b991acad029e8d
0f5d4ae9fc0d5b5171ec26a5faa78e2d18a464a6f55799cd9c5ba40487900122
GET /it/u=1743409576,2312703784&fm=224&app=112&f=JPEG?w=500&h=500&s=0A86C50358D367E94F14C104030050E2 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12635.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 05:00:11 GMT
Content-Type: image/jpeg
Content-Length: 45026
Connection: keep-alive
Expires: Tue, 07 Feb 2023 14:26:05 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 4989b7f8d341c975293642b5d4be889f
Age: 2015167
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 08 Jan 2023 14:26:04 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [4], zhuzuncache65 [4], wzix113 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 45026
X-Cache-Status: HIT
Timing-Allow-Origin: *
img1.baidu.com/it/u=273031077,1241918813&fm=253&fmt=auto&app=138&f=JPEG?w=325&h=500
113.219.142.35 200 OK 32 kB URL HTTP/2 img1.baidu.com/it/u=273031077,1241918813&fm=253&fmt=auto&app=138&f=JPEG?w=325&h=500
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 325x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 558baf03bb2edce6e030b1dd3dab23c1
94fb2c6bde133a600ab08fb177607c3abdbd208f
cb1369207fe50b0ae888fe6f000766b08396bd9f013b230ec7ed758ca3ffe7bd
GET /it/u=273031077,1241918813&fm=253&fmt=auto&app=138&f=JPEG?w=325&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12635.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 05:00:11 GMT
content-type: image/webp
content-length: 32236
expires: Thu, 23 Feb 2023 12:43:40 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 558baf03bb2edce6e030b1dd3dab23c1
age: 92311
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 24 Jan 2023 12:43:40 GMT
ohc-cache-hit: chenzct87 [4], xiangyix129 [4]
ohc-file-size: 32236
x-cache-status: HIT
X-Firefox-Spdy: h2
img0.baidu.com/it/u=3906121689,56400671&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=709
124.239.243.35 200 OK 50 kB URL HTTP/2 img0.baidu.com/it/u=3906121689,56400671&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=709
IP 124.239.243.35:0
ASN #58539 Langfang,Hebei province, P.R.China
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x709, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c10c7327fecb3cff63bf28d2afeab530
4942ad82377ef0ed8c03c7ea06fdd5d435c80300
b510036baf2032608f7fcd9e55c5cb4016c5b7c2ab4e37bffc2f04236b35af8c
GET /it/u=3906121689,56400671&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=709 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12635.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 05:00:11 GMT
content-type: image/webp
content-length: 49508
expires: Wed, 22 Feb 2023 07:39:27 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: c10c7327fecb3cff63bf28d2afeab530
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 07:39:27 GMT
ohc-cache-hit: lf7ct87 [1], bdix87 [4]
ohc-file-size: 49508
x-cache-status: MISS
X-Firefox-Spdy: h2
12635.url.tudown.com/uploads/images/659039.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/659039.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/659039.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:11 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=700175277,3510046927&fm=253&fmt=auto&app=138&f=PNG?w=481&h=500
lupic.cdn.bcebos.com/20191203/3019002680_14.jpg
182.201.240.35 200 OK 40 kB URL HTTP/2 lupic.cdn.bcebos.com/20191203/3019002680_14.jpg
IP 182.201.240.35:0
ASN #134762 CHINANET Liaoning province Dalian MAN network
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 374x267, components 3\012- data
Hash 9132c8aeea8e30753c140a93b266f6df
66febd02e42a1bd190b07ea14c9efca54a302548
196891c82b9756220b355e5c58934fc42aa4c04f37cbef185ac4a109956b81ce
GET /20191203/3019002680_14.jpg HTTP/1.1
Host: lupic.cdn.bcebos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 05:00:11 GMT
content-type: image/jpeg
content-length: 39693
expires: Sun, 05 Feb 2023 08:04:12 GMT
last-modified: Tue, 03 Dec 2019 11:33:29 GMT
etag: "9132c8aeea8e30753c140a93b266f6df"
age: 161745
accept-ranges: bytes
content-md5: kTLIruqOMHU8FAqTsmb23w==
x-bce-content-crc32: 1945341393
x-bce-debug-id: ZMV5mMVH+DQDUpiWsKDRwFtmGXJngdbetsjKc7FV0TkPoPdmhl3WX6PfHC8hPT03GjS1k23hV0yosOP2bGmQXw==
x-bce-request-id: 0e562c98-5054-4982-b70a-9cecd8847fbc
x-bce-restore-cache: -
x-bce-restore-tier: -
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Thu, 02 Feb 2023 08:04:12 GMT
ohc-cache-hit: dl2ct59 [2], wzix78 [2]
ohc-file-size: 39693
x-cache-status: HIT
X-Firefox-Spdy: h2
12635.url.tudown.com/uploads/images/260402.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/260402.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/260402.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:11 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=378699573,2946821918&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350
img0.baidu.com/it/u=2021526406,2702630152&fm=253&fmt=auto&app=138&f=GIF?w=1088&h=500
124.239.243.35 200 OK 248 kB URL HTTP/1.1 img0.baidu.com/it/u=2021526406,2702630152&fm=253&fmt=auto&app=138&f=GIF?w=1088&h=500
IP 124.239.243.35:0
ASN #58539 Langfang,Hebei province, P.R.China
File type GIF image data, version 89a, 1088 x 500\012- data
Size 248 kB (247820 bytes)
Hash 141d36e6afbf02053d363c02348b189e
60d3f527d4214c6dbf06e2290f5b291654824aa6
d996d0e9c8f50c656f21cc951e3d13228b00a37d95daa676bb7dde3dcce0ead0
GET /it/u=2021526406,2702630152&fm=253&fmt=auto&app=138&f=GIF?w=1088&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12635.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 05:00:11 GMT
Content-Type: image/gif
Content-Length: 247820
Connection: keep-alive
Expires: Sun, 12 Feb 2023 19:16:52 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: 141d36e6afbf02053d363c02348b189e
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 13 Jan 2023 19:16:52 GMT
Ohc-Cache-HIT: lf7ct60 [2], xiangyix161 [4]
Ohc-File-Size: 247820
X-Cache-Status: MISS
t15.baidu.com/it/u=359193520,2939900075&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 47 kB URL HTTP/1.1 t15.baidu.com/it/u=359193520,2939900075&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash fa144cc53688a22c5839bbff31f38afd
72c36eb96ef7e9cde7c2e1eb7745eff21272ce60
305bd100736f21f4f38ff1305f560b868bf700ab62ba3acc6f7d52553d467129
GET /it/u=359193520,2939900075&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12635.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 05:00:11 GMT
Content-Type: image/jpeg
Content-Length: 47234
Connection: keep-alive
Expires: Wed, 08 Feb 2023 10:44:38 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: fa144cc53688a22c5839bbff31f38afd
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 09 Jan 2023 10:44:38 GMT
Ohc-Upstream-Trace: 124.237.212.68; 58.20.204.54
Ohc-Cache-HIT: fra01-sys-jomo2.fra01.baidu.com [1], zhuzuncache54 [1], bdix68 [4]
Ohc-Response-Time: 1 0 0 0 282 282
Ohc-File-Size: 47234
X-Cache-Status: MISS
Timing-Allow-Origin: *
12635.url.tudown.com/uploads/images/548406.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/548406.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/548406.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:11 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=1683299603,1030317218&fm=224&app=112&f=PNG?w=500&h=500
lupic.cdn.bcebos.com/20210629/8427056_14.jpg
182.201.240.35 200 OK 14 kB URL HTTP/2 lupic.cdn.bcebos.com/20210629/8427056_14.jpg
IP 182.201.240.35:0
ASN #134762 CHINANET Liaoning province Dalian MAN network
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 1x1, segment length 16, baseline, precision 8, 280x200, components 3\012- data
Hash 036ad151e7906ec7ee8fc57fa31bd388
070ed32ad244f5e2c8d36fd3e4c8b7d47d7957fb
233d7223b9b705327e9666f9a0d0519227e115d3619c0e7e20b9edf2c450005e
GET /20210629/8427056_14.jpg HTTP/1.1
Host: lupic.cdn.bcebos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 05:00:11 GMT
content-type: image/jpeg
content-length: 13529
expires: Tue, 07 Feb 2023 02:58:45 GMT
last-modified: Fri, 02 Jul 2021 17:26:36 GMT
etag: "036ad151e7906ec7ee8fc57fa31bd388"
age: 6009
accept-ranges: bytes
content-md5: A2rRUeeQbsfuj8V/oxvTiA==
x-bce-content-crc32: 0
x-bce-debug-id: kUsW6SoTH7kpRcL+l+1MCnQ3pQBnFL8dIpIwieFl3a4zN0gdPtC1H7WTzDeIDJztlzOfpsAboDKWd83UDKzLjQ==
x-bce-request-id: 1a9cd3ee-266d-4cfb-9f15-da3f556babaf
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Sat, 04 Feb 2023 02:58:45 GMT
ohc-cache-hit: dl2ct54 [2], bdix75 [2]
ohc-file-size: 13529
x-cache-status: HIT
X-Firefox-Spdy: h2
12635.url.tudown.com/uploads/images/520281.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/520281.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/520281.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:11 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3418920331,2770958767&fm=253&fmt=auto&app=138&f=JPEG?w=328&h=480
img0.baidu.com/it/u=3025588583,3756446943&fm=253&fmt=auto?w=120&h=80
124.239.243.35 200 OK 3.2 kB URL HTTP/2 img0.baidu.com/it/u=3025588583,3756446943&fm=253&fmt=auto?w=120&h=80
IP 124.239.243.35:0
ASN #58539 Langfang,Hebei province, P.R.China
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 120x80, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c22661840554e1c04947db0c6bd69fca
a31570ecb4fb733580f747574431a2586d81e1e2
ab455e647f520b22062593c5e9370bf8079f709451bd049dc58aac6994864be4
GET /it/u=3025588583,3756446943&fm=253&fmt=auto?w=120&h=80 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12635.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 05:00:11 GMT
content-type: image/webp
content-length: 3158
expires: Fri, 24 Feb 2023 02:38:36 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: c22661840554e1c04947db0c6bd69fca
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 25 Jan 2023 02:38:36 GMT
ohc-cache-hit: lf7ct51 [1], czix140 [4]
ohc-file-size: 3158
x-cache-status: MISS
X-Firefox-Spdy: h2
lupic.cdn.bcebos.com/20220601/3086830048_14_600_429.jpg
182.201.240.35 200 OK 26 kB URL HTTP/2 lupic.cdn.bcebos.com/20220601/3086830048_14_600_429.jpg
IP 182.201.240.35:0
ASN #134762 CHINANET Liaoning province Dalian MAN network
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 600x429, components 3\012- data
Hash 92db36124a7cc451aecea0d2bf67513c
89c8f99741c2320a64effe2dd48f3c55fbb5eaac
46c9bab0a75248e1a65fdefcca956fbd1da7fdd90b16c6040e35b03cc8616e4a
GET /20220601/3086830048_14_600_429.jpg HTTP/1.1
Host: lupic.cdn.bcebos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 05:00:11 GMT
content-type: image/jpeg
content-length: 26292
expires: Sat, 04 Feb 2023 07:42:59 GMT
last-modified: Thu, 02 Jun 2022 02:21:34 GMT
etag: "92db36124a7cc451aecea0d2bf67513c"
age: 249429
accept-ranges: bytes
content-md5: kts2Ekp8xFGuzqDSv2dRPA==
x-bce-content-crc32: 416854450
x-bce-debug-id: pusb9UWM1DPsYU+zj100qFzRshWs1BT49qBFx3Potx9pkrZAPiASiJl7v/CJBj3wwrPZCQVYoy8UkKHDdw9A1w==
x-bce-request-id: fc5a5e2d-de23-465c-9c81-aeefe4883552
x-bce-restore-cache: -
x-bce-restore-tier: -
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Wed, 01 Feb 2023 07:42:59 GMT
ohc-cache-hit: dl2ct52 [2], bdix66 [2]
ohc-file-size: 26292
x-cache-status: HIT
X-Firefox-Spdy: h2
12635.url.tudown.com/uploads/images/171400.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/171400.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/171400.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:11 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=2859847914,4122821605&fm=224&app=112&f=JPEG?w=500&h=500
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f8fa6a-620a-4d0c-aec7-0863ae11b871.jpeg
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f8fa6a-620a-4d0c-aec7-0863ae11b871.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 83ac46e378ad452aeb212d709ab70232
7514ed93fd2f256e5aad386fdd0ebc723785291b
e199498691268526a6ecfe58abb88ced8661272cd7ad8270811c84fb15dbb547
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f8fa6a-620a-4d0c-aec7-0863ae11b871.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 14221
x-amzn-requestid: a74ee3d4-6163-4dec-ab62-97279cf52282
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEC3ERhIAMFh1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8078-3e5d4b3d39919497215866df;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3TIbnpwYk9CIeoXeW4T-ouwV7X1y-LgKV7wB4XJwFKSKx248jIJyBQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:08:39 GMT
age: 24692
etag: "7514ed93fd2f256e5aad386fdd0ebc723785291b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
12635.url.tudown.com/uploads/images/381310.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/381310.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/381310.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:11 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=3354813570,234222596&fm=224&app=112&f=JPEG?w=500&h=500
t13.baidu.com/it/u=1683299603,1030317218&fm=224&app=112&f=PNG?w=500&h=500
185.10.104.124 200 OK 307 kB URL HTTP/1.1 t13.baidu.com/it/u=1683299603,1030317218&fm=224&app=112&f=PNG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced\012- data
Size 307 kB (306594 bytes)
Hash e1999ffd8f276545ca883bf09cce05fc
dd0ae75e6c0144af72e6598fa806a011b2768272
60a8b37c51966091c7ab299a7501d17fc70e2b89bb20884fdcef9b14d6331151
GET /it/u=1683299603,1030317218&fm=224&app=112&f=PNG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12635.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 05:00:11 GMT
Content-Type: image/png
Content-Length: 306594
Connection: keep-alive
Expires: Sat, 04 Mar 2023 03:19:32 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: e1999ffd8f276545ca883bf09cce05fc
Age: 178152
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 02 Feb 2023 03:19:31 GMT
Ohc-Cache-HIT: fra01-sys-jomo2.fra01.baidu.com [4], zhuzuncache63 [2], bdix105 [3]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 306594
X-Cache-Status: HIT
t13.baidu.com/it/u=2859847914,4122821605&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 47 kB URL HTTP/1.1 t13.baidu.com/it/u=2859847914,4122821605&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash e0cfd0083a3da9b3e86a7b4355e3da2f
a1efc341398ef5a0256aebd4e26197c6fe100ab5
9e415931754fdd4fa6e6a9efebc4047015410c4bab13ce54878d76813a3bbeb5
GET /it/u=2859847914,4122821605&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12635.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 05:00:11 GMT
Content-Type: image/jpeg
Content-Length: 47093
Connection: keep-alive
Expires: Mon, 06 Feb 2023 18:19:31 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: e0cfd0083a3da9b3e86a7b4355e3da2f
Age: 2011754
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 07 Jan 2023 18:19:30 GMT
Ohc-Cache-HIT: fra01-sys-jomo4.fra01.baidu.com [4], zhuzuncache50 [2], xiangyix153 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 47093
X-Cache-Status: HIT
Timing-Allow-Origin: *
t13.baidu.com/it/u=3354813570,234222596&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 36 kB URL HTTP/1.1 t13.baidu.com/it/u=3354813570,234222596&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 4dccf2d9536f995d0bc14b1f380cf281
3e6669b4028ce698f234225c02d04f7cab07e9d3
cb4b053fb9662da5c113da183d5031d7b2a065e635d4941e151ab0a706cb78dc
GET /it/u=3354813570,234222596&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12635.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 05:00:11 GMT
Content-Type: image/jpeg
Content-Length: 35458
Connection: keep-alive
Expires: Fri, 17 Feb 2023 12:53:51 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 4dccf2d9536f995d0bc14b1f380cf281
Age: 1253468
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 18 Jan 2023 12:53:51 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [2], zhuzuncache55 [1], bdix191 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 35458
X-Cache-Status: HIT
Timing-Allow-Origin: *
lupic.cdn.bcebos.com/20210629/9074743_14.jpg
182.201.240.35 200 OK 22 kB URL HTTP/2 lupic.cdn.bcebos.com/20210629/9074743_14.jpg
IP 182.201.240.35:0
ASN #134762 CHINANET Liaoning province Dalian MAN network
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 1x1, segment length 16, baseline, precision 8, 280x200, components 3\012- data
Hash 76cc5fbb5d7a6c2ff236f051f9bd84c3
f373ec10abcd8b3109f16ace1817a37e293fc81e
b0652d196fbf3c6963ce10e34d7eb746b499800b897b583be13a94d60a6ff62f
GET /20210629/9074743_14.jpg HTTP/1.1
Host: lupic.cdn.bcebos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 05:00:11 GMT
content-type: image/jpeg
content-length: 22199
expires: Sun, 05 Feb 2023 09:05:41 GMT
last-modified: Fri, 02 Jul 2021 14:44:06 GMT
etag: "76cc5fbb5d7a6c2ff236f051f9bd84c3"
age: 158015
accept-ranges: bytes
content-md5: dsxfu116bC/yNvBR+b2Eww==
x-bce-content-crc32: 0
x-bce-debug-id: 7+wJm9n0SvGjpeX3CxGhsBNVxW3w70WB8M1H4ezggZWHA71HSzYuonwhgp5emtgObunzCa6LN+FgleF6wL9IzQ==
x-bce-request-id: 7e2fd763-cf97-4bf4-a568-b25dfe41bd58
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Thu, 02 Feb 2023 09:05:41 GMT
ohc-cache-hit: dl2ct60 [2], czix208 [2]
ohc-file-size: 22199
x-cache-status: HIT
X-Firefox-Spdy: h2
lupic.cdn.bcebos.com/20200412/3055788763_14_561_400.jpg
182.201.240.35 200 OK 34 kB URL HTTP/2 lupic.cdn.bcebos.com/20200412/3055788763_14_561_400.jpg
IP 182.201.240.35:0
ASN #134762 CHINANET Liaoning province Dalian MAN network
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 561x400, components 3\012- data
Hash 33bd90d0fdcad9f03db3e532ebda2e14
4157f6144a3f7e504b74c197517d1652887cf89b
3727482392f2dd523fabfd02e6e53bcd0cabdc774d414473f0183574d6ba5ebe
GET /20200412/3055788763_14_561_400.jpg HTTP/1.1
Host: lupic.cdn.bcebos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 05:00:11 GMT
content-type: image/jpeg
content-length: 34492
expires: Sun, 05 Feb 2023 14:59:36 GMT
last-modified: Tue, 14 Apr 2020 15:20:58 GMT
etag: "33bd90d0fdcad9f03db3e532ebda2e14"
age: 135035
accept-ranges: bytes
content-md5: M72Q0P3K2fA9s+Uy69ouFA==
x-bce-content-crc32: 2677943155
x-bce-debug-id: NhabzTWlDTwB9CUTSSvzEuRqR5K2BPcuC2kPM5sl1KmsnV1e0WoEGb6FpN3EuF/GHiA5z9Z9lMX0p0IDpUjgFw==
x-bce-request-id: 7ecabc5d-2c66-4598-b9ce-efbacc09231d
x-bce-restore-cache: -
x-bce-restore-tier: -
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Thu, 02 Feb 2023 14:59:36 GMT
ohc-cache-hit: dl2ct53 [4], xiangyix175 [2]
ohc-file-size: 34492
x-cache-status: HIT
X-Firefox-Spdy: h2
img2.baidu.com/it/u=700175277,3510046927&fm=253&fmt=auto&app=138&f=PNG?w=481&h=500
113.219.142.35 200 OK 95 kB URL HTTP/2 img2.baidu.com/it/u=700175277,3510046927&fm=253&fmt=auto&app=138&f=PNG?w=481&h=500
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 481x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2248885cf42e88633b76e93cb839372b
00db6b8c8318f24c3b09f9956e4fc09010db1a8f
8a920095fe9704670814c495db63b4128810ac84a5327ea0c936ea6e0e630981
GET /it/u=700175277,3510046927&fm=253&fmt=auto&app=138&f=PNG?w=481&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12635.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 05:00:11 GMT
content-type: image/webp
content-length: 94750
expires: Sat, 11 Feb 2023 02:18:43 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 2248885cf42e88633b76e93cb839372b
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 12 Jan 2023 02:18:43 GMT
ohc-cache-hit: chenzct53 [1], xiangyix211 [4]
ohc-file-size: 94750
x-cache-status: MISS
X-Firefox-Spdy: h2
12635.url.tudown.com/uploads/images/280052.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/280052.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/280052.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:11 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=4293104133,1712007054&fm=253&fmt=auto&app=138&f=PNG?w=500&h=594
12635.url.tudown.com/uploads/images/759830.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 12635.url.tudown.com/uploads/images/759830.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/759830.jpg HTTP/1.1
Host: 12635.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12635.url.tudown.com/down/mcafee%E5%8D%B8%E8%BD%BD%E5%B7%A5%E5%85%B7@418_68737.exe
Cookie: __bid_n=1861aa0e869bc01d084207; FPTOKEN=9IdM6Vq4uFF1B7U/Huo8ZjGSfStsljwyyh2t562L9Q7eH7/IdggBqHZrrmtfIflwGpQXDuIqtzywn/r9eGXND0Wtgcdz9MdRzU74vAZTQ5x9kq1ceJ18M7YIKb1ENGkzPpCdekTqWSmg9sBCSk4NXU1+zcr99rTyuvFHWDLcxTD5V0D7NcmUEyKQxVQQGGocrVmTzzhFrZZZtY5LA+D7y5lEgMqx7RP+kb+PPePqfflLpCYhdoGW9coIbYmvTPvziiBsedULG9qcWQSRcgJnxMN6VO+1f+6yH/s2WVCCd0nNzOyc8k60BpHQVUfCtnv00ENvLJpBH5dlhM1viQIGfE1W4dteQ0gF2td3miWcjsuuCQXo0M5ULWt/DYhDLiBVsZFQs/Qwqu3LQRHaX3vXlQ==|1GvEZGuc/E5nF4Ky/z+ozYgRhna2gK1dfgvdTYqu3qk=|10|5ef2109b53f07c683abd812164f304cf
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:00:11 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=2399337604,3624228432&fm=224&app=112&f=JPEG?w=500&h=500
img1.baidu.com/it/u=378699573,2946821918&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350
113.219.142.35 200 OK 14 kB URL HTTP/2 img1.baidu.com/it/u=378699573,2946821918&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 350x350, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3049dbfe7ea96d05d6d7c2026128dcf1
34aac4a8b7dd83d6684cf1ab6228e547be288d5b
e9dd027587b4c1fcaf0c6931a30402095924640d9d4f8d84df94a90ca04f3419
GET /it/u=378699573,2946821918&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12635.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 05:00:11 GMT
content-type: image/webp
content-length: 13460
expires: Sun, 19 Feb 2023 16:46:18 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 3049dbfe7ea96d05d6d7c2026128dcf1
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 20 Jan 2023 16:46:18 GMT
ohc-cache-hit: chenzct62 [1], xaix62 [2]
ohc-file-size: 13460
x-cache-status: MISS
X-Firefox-Spdy: h2
www.2345.com/js/index/activity/20171111/widget.min.js
47.246.44.209 200 OK 0 B URL HTTP/2 www.2345.com/js/index/activity/20171111/widget.min.js
IP 47.246.44.209:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
GET /js/index/activity/20171111/widget.min.js HTTP/1.1
Host: www.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12635.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
strict-transport-security: max-age=5184000
date: Sat, 04 Feb 2023 05:00:05 GMT
last-modified: Wed, 06 Nov 2019 08:19:39 GMT
etag: W/"5dc2821b-4c53"
vary: Accept-Encoding, Accept-Encoding
expires: Tue, 22 Nov 2022 14:45:06 GMT
cache-control: max-age=600
ali-swift-global-savetime: 1675486805
via: cache1.l2de2[512,512,304-0,M], cache1.l2de2[514,0], cache8.se1[601,601,200-0,H], cache4.se1[603,0]
age: 0
x-cache: HIT TCP_REFRESH_HIT dirn:4:99731148
x-swift-savetime: Sat, 04 Feb 2023 05:00:05 GMT
x-swift-cachetime: 600
content-encoding: br
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
timing-allow-origin: *
eagleid: 2ff62c9816754868053462679e
X-Firefox-Spdy: h2
e2.2345.com/news/module2/js/newsModule-v2.js
180.101.199.211 200 OK 0 B URL HTTP/2 e2.2345.com/news/module2/js/newsModule-v2.js
IP 180.101.199.211:0
GET /news/module2/js/newsModule-v2.js HTTP/1.1
Host: e2.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12635.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
date: Sat, 04 Feb 2023 04:03:31 GMT
etag: W/"5f35e38f-cacf"
last-modified: Fri, 14 Aug 2020 01:06:23 GMT
vary: Accept-Encoding, Accept-Encoding
ali-swift-global-savetime: 1675483411
via: cache59.l2cn3037[0,0,304-0,H], cache60.l2cn3037[1,0], cache60.l2cn3037[1,0], vcache20.cn4733[0,0,200-0,H], vcache11.cn4733[1,0]
age: 3394
x-cache: HIT TCP_MEM_HIT dirn:10:456437127
x-swift-savetime: Sat, 04 Feb 2023 04:04:52 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: b465c71f16754868057556736e
content-encoding: gzip
X-Firefox-Spdy: h2