r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash cab5b63e128895128726181aff42e42e
d39c36237554fcd41addec0664d7fe7f7d157c06
18e82a5b82eb8f2d8b49df824c336015f19367c5a05467ad139a56db59f88852
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18E82A5B82EB8F2D8B49DF824C336015F19367C5A05467AD139A56DB59F88852"
Last-Modified: Wed, 11 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10321
Expires: Fri, 13 Jan 2023 23:41:16 GMT
Date: Fri, 13 Jan 2023 20:49:15 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a8b4f1afb0e830b797238d34ab9254aa
e011acef3d05c959a65205d53b651ecd18a889fe
f7ceff5b4fda083c7449b7298c232224cf48a632dcb87233b646790de207d49c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7CEFF5B4FDA083C7449B7298C232224CF48A632DCB87233B646790DE207D49C"
Last-Modified: Thu, 12 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15832
Expires: Sat, 14 Jan 2023 01:13:07 GMT
Date: Fri, 13 Jan 2023 20:49:15 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 13 Jan 2023 20:48:52 GMT
content-type: application/json
age: 23
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 0f4ecf4f26be1ba09e61135b1b488bf4
f16b8277e00033bc990a8bcce54b693cb3c87d62
3018c2a228f0a894d217e8e8b0b8dd060527f06879cd2f469bac6c8766acbbf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3018C2A228F0A894D217E8E8B0B8DD060527F06879CD2F469BAC6C8766ACBBF8"
Last-Modified: Wed, 11 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9328
Expires: Fri, 13 Jan 2023 23:24:43 GMT
Date: Fri, 13 Jan 2023 20:49:15 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: HzUj7TP2kfZz0DQawe/JLF0C9lkzyQhvc9c4RU1HPk5emgfT6ColrCaFYs5a/PacDlsouTz+cPcwAxZnFZq43w==
x-amz-request-id: 6Z0R1QPE2G8V6WE0
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 13 Jan 2023 20:43:27 GMT
age: 348
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 13 Jan 2023 20:49:15 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 13 Jan 2023 20:33:45 GMT
age: 930
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b1e3535cab3c1ac295b1412126a9325c
d1bdf1b8663817ae34b6182db29d6b20666779e7
90c4ecd4b0782647fd78110b5bacfb73d2b05aae4de789a90318574407dfb565
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6298
Cache-Control: max-age=136949
Content-Type: application/ocsp-response
Date: Fri, 13 Jan 2023 20:49:15 GMT
Etag: "63c11f26-1d7"
Expires: Sun, 15 Jan 2023 10:51:44 GMT
Last-Modified: Fri, 13 Jan 2023 09:06:46 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.43.251.236101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.251.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: XE+u6kzQwcW/3Cy9vkN+Yg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: deLawDYw7bI5tTZH+rlkF6YVFGI=
12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
154.218.151.71200 OK 17 kB URL HTTP/1.1 12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash ed0264e50dd6e72f77a7da1b79b327a3
916a8c895af15fc0897289260fec307a1fef8359
3c0f86b5df31a012d12712f3979acae76e18fa9800994e0b1f375042cf0ecc42
Analyzer Verdict Alert fortinet Malware
GET /down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 20:49:15 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
12803.url.tudown.com/template/company/duote-xiazai/css/global.css
154.218.151.71200 OK 7.6 kB URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/css/global.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (710)
Hash b2502d4c36bc519e47bce519ffb3a295
d252dd5c34dbd231f5c120d8f45ded16e0aa3f4c
10bec4c97bde3cac4a43e4d86604e1ff2c54926ec350419e404435f0616d1a1a
GET /template/company/duote-xiazai/css/global.css HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 20:49:15 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:20:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e6b-935f"
Expires: Sat, 14 Jan 2023 08:49:15 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12803.url.tudown.com/js/orsxg5a.script
154.218.151.71200 OK 531 B URL HTTP/1.1 12803.url.tudown.com/js/orsxg5a.script
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document, ASCII text, with CRLF line terminators
Hash 39fd4f4c17d424445d9f437c99c9d40a
84a56ab95c669d43c757a5f9a312d5f3a37f73fa
45f58e7b2e72c9f2734889b73ef5c3f2d3e1fb9ac69995afe1561ec4a7943d15
GET /js/orsxg5a.script HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 20:49:16 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
12803.url.tudown.com/template/company/duote-xiazai/css/soft.css
154.218.151.71200 OK 8.6 kB URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/css/soft.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash 952b2841668e8303c2ee8bc817394790
1e7d159d8d75df0112f06eedab3ecd62b7075a52
51c463da96c71adce2a234968d1e46949fa82804f680861cb6562da84239e209
GET /template/company/duote-xiazai/css/soft.css HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 20:49:16 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:21:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e6e-a090"
Expires: Sat, 14 Jan 2023 08:49:16 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12803.url.tudown.com/template/company/duote-xiazai/css/news.css
154.218.151.71200 OK 1.5 kB URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/css/news.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash 4d5f155ee78bab18dd989f8fedda8ebc
d3e3353e7a3da786e2a1342ca13407fd432e3398
6754cc7b30008e41d53b0ebfb6b52a0c59712348880d235a77a07c3af02d9886
GET /template/company/duote-xiazai/css/news.css HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 20:49:16 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:21:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e6d-16fd"
Expires: Sat, 14 Jan 2023 08:49:16 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12803.url.tudown.com/template/company/duote-xiazai/css/message.css
154.218.151.71200 OK 1.6 kB URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/css/message.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash 90d699f8127fe2e7210c0f31f0b90bb0
245191b7026614b76c7234e8e82724d463d4adf1
50d4eaf1d089edb739f43068f78330d22700b47f9ea8acb14fa5606637aeaf23
GET /template/company/duote-xiazai/css/message.css HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 20:49:16 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:21:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e6d-17a8"
Expires: Sat, 14 Jan 2023 08:49:16 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12803.url.tudown.com/template/company/duote-xiazai/css/scrollbar.css
154.218.151.71200 OK 353 B URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/css/scrollbar.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash 6fc35ccb15b461bc6b549a85ea398894
21581ad4fc3db4acc99bb2fb4ed2fde1dfa50049
8d88f6d1d76a2cf300e9378742dc29f48060c9747cfdeb6b05050cf25cc5ebfb
GET /template/company/duote-xiazai/css/scrollbar.css HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 20:49:16 GMT
Content-Type: text/css
Content-Length: 353
Last-Modified: Sun, 06 Nov 2022 08:21:02 GMT
Connection: keep-alive
ETag: "63676e6e-161"
Expires: Sat, 14 Jan 2023 08:49:16 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
12803.url.tudown.com/template/company/duote-xiazai/css/scrollStyle.css
154.218.151.71404 Not Found 146 B URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/css/scrollStyle.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/company/duote-xiazai/css/scrollStyle.css HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 13 Jan 2023 20:49:16 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
12803.url.tudown.com/template/company/duote-xiazai/js/jquery.min.js
154.218.151.71200 OK 37 kB URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/js/jquery.min.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash d4e282e0e1e69d378568eac0d45bfd24
8b62528373788e473676aa025a72aae45ec17d01
b5bbdf5ae69bfc2b39919ac018f41b27efac22f98ab92848db65022eb03dfd12
GET /template/company/duote-xiazai/js/jquery.min.js HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 20:49:16 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e99-16f44"
Expires: Sat, 14 Jan 2023 08:49:16 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ocsp.trust-provider.cn/
47.246.44.205200 OK 599 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash c88329ea42c15130f3b7163aea5229bd
e8983928c301e7031ede02457f16db1995aeeb2b
4a1e20f947b2deb338dcadd91f0fa9f977c6213b248f5d6a2fa6f54c334c2af5
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Fri, 13 Jan 2023 20:44:44 GMT
last-modified: Tue, 10 Jan 2023 16:54:59 GMT
expires: Tue, 17 Jan 2023 16:54:58 GMT
etag: "e8983928c301e7031ede02457f16db1995aeeb2b"
cache-control: max-age=602887,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb4
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 7890f8baaabe9b43-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1673642684
via: cache2.l2de2[0,0,304-0,H], cache5.l2de2[1,0], cache3.se1[0,0,200-0,H], cache4.se1[0,0], cache3.se1[3,0]
age: 272
x-cache: HIT TCP_MEM_HIT dirn:1:299013577
x-swift-savetime: Fri, 13 Jan 2023 20:44:56 GMT
x-swift-cachetime: 1788
timing-allow-origin: *, *
eagleid: 2ff62c9716736429565622163e, 2ff62c9716736429565622163e
bdcode.2345.com/common/xsoa-r/openjs/pu/ao.js
42.81.8.130200 OK 2.1 kB URL HTTP/1.1 bdcode.2345.com/common/xsoa-r/openjs/pu/ao.js
IP 42.81.8.130:0
File type ASCII text, with very long lines (5139), with no line terminators
Hash 74a0effdd8b2ad23abb57cacabf6498c
47b2a6c46436ec6fb5c34e22ae9487f85225890a
dec7f3553b5a5f14c08331acf93ba091f7568e5d6b254149ad415590f190151b
Analyzer Verdict Alert fortinet Malware
GET /common/xsoa-r/openjs/pu/ao.js HTTP/1.1
Host: bdcode.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/
HTTP/1.1 200 OK
Date: Fri, 13 Jan 2023 20:49:16 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 2140
Connection: keep-alive
Cache-Control: max-age=3600
Content-Encoding: gzip
Expires: Fri, 13 Jan 2023 21:49:16 GMT
Last-Modified: Wed, 11 Jan 2023 16:31:43 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
YJS-ID: c0e7fefcd9a337de-143
Server: yunjiasu
bdcode.2345.com/source/g/common/by/ht_jy_qx.js
42.81.8.130200 OK 2.1 kB URL HTTP/1.1 bdcode.2345.com/source/g/common/by/ht_jy_qx.js
IP 42.81.8.130:0
File type ASCII text, with very long lines (5142), with no line terminators
Hash d3ffade25632faf2c4e3c2e79772ed0d
8fe6336008cc4c249b83bd195095eb2d80068fbc
647b3bcbc64d5cbfe3cdea3acbe692e623a5cfe02ed8680d1046d533085eff91
Analyzer Verdict Alert fortinet Malware
GET /source/g/common/by/ht_jy_qx.js HTTP/1.1
Host: bdcode.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/
HTTP/1.1 200 OK
Date: Fri, 13 Jan 2023 20:49:16 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 2145
Connection: keep-alive
Cache-Control: max-age=3600
Content-Encoding: gzip
Expires: Fri, 13 Jan 2023 21:49:16 GMT
Last-Modified: Wed, 11 Jan 2023 16:31:43 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
YJS-ID: c0e7fefc238337df-143
Server: yunjiasu
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash b690db27e489d93de5ef093aa14e94cc
bfde72a2eee1aac4dcc08d050c4b995cfec1de13
2d0244c10f78aacb493adc000f659f11393483ee956adb25f378634a2b843951
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 13 Jan 2023 20:49:16 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Tue, 17 Jan 2023 17:48:37 GMT
ETag: "bfde72a2eee1aac4dcc08d050c4b995cfec1de13"
Last-Modified: Fri, 13 Jan 2023 17:48:38 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1704
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7890ff5f2a2eb4ed-OSL
12803.url.tudown.com/template/company/duote-xiazai/css/jquery-ui.min.css
154.218.151.71200 OK 8.9 kB URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/css/jquery-ui.min.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (29165), with CRLF line terminators
Hash fd0bdc561b4f37fa8e4539d86c5fd0e4
663b932af8ef82dff4cfeb56351bd32853e54804
98161b22bc6e6613ecf1c230ff9664ba032c3abfe8d6a4079263f9daeb1829db
GET /template/company/duote-xiazai/css/jquery-ui.min.css HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 20:49:16 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:21:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e6d-7d6e"
Expires: Sat, 14 Jan 2023 08:49:16 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12803.url.tudown.com/template/company/duote-xiazai/js/duotecommon_top.js
154.218.151.71200 OK 799 B URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/js/duotecommon_top.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash ac93d373f5090fbc3e8a7152aab7170d
160c0bc3072bccced250979b7999ae060941eb06
e15e1cefcdcd40db68eecbd7a02af32a8a97e5749791b07b434f8454408c1570
GET /template/company/duote-xiazai/js/duotecommon_top.js HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 20:49:16 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e96-a0b"
Expires: Sat, 14 Jan 2023 08:49:16 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12803.url.tudown.com/template/company/duote-xiazai/css/teach.css
154.218.151.71200 OK 4.1 kB URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/css/teach.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (499)
Hash 16ca38b11b525a142c6086c2c2802545
88ed9d1c7088344b24f18132ad025ed63623bb7e
c7d5eef240fb383c039b0141854336a78a07597b0bff022ae71514e913351d7a
GET /template/company/duote-xiazai/css/teach.css HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 20:49:16 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:21:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e70-503f"
Expires: Sat, 14 Jan 2023 08:49:16 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12803.url.tudown.com/template/company/duote-xiazai/css/index.css
154.218.151.71200 OK 3.6 kB URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/css/index.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash fbfd831dee308c5094076e0b4022a222
fa69c04bf3f0c911d2b1697717e05706362f0c57
ab5a9d33745256917eb22abecd3d8ed4790e612720f2a743206d00b85aa5ff4f
GET /template/company/duote-xiazai/css/index.css HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 20:49:16 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:21:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e6c-42b3"
Expires: Sat, 14 Jan 2023 08:49:16 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12803.url.tudown.com/template/company/duote-xiazai/js/super_slider.js
154.218.151.71200 OK 741 B URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/js/super_slider.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (1844)
Hash 64d8d6bbbe2129e883c5af163b76600d
5c0f7df223f7f0ca25cc5c8247ae8b8f0cae4805
66f01728ee43d433d4fd4c0409354667cc543ae51cd362376d3f053da321369b
GET /template/company/duote-xiazai/js/super_slider.js HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 20:49:16 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676ea0-763"
Expires: Sat, 14 Jan 2023 08:49:16 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12803.url.tudown.com/template/company/duote-xiazai/js/index.js
154.218.151.71200 OK 2.3 kB URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/js/index.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with very long lines (8638)
Hash a1f3815ea981db7480ca3c4d5d54aac6
f3961cccb17dc2190e2a8c249d936d0b1185fd7e
7adb4d2ea2856125d829deeabfc70e92f87a5e50f84187ed8d570b810c807d6f
GET /template/company/duote-xiazai/js/index.js HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 20:49:16 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e97-223b"
Expires: Sat, 14 Jan 2023 08:49:16 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12803.url.tudown.com/template/company/duote-xiazai/js/soft_comment.js
154.218.151.71200 OK 1.4 kB URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/js/soft_comment.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash 33db5499343abb12f6c7d980cfdf5af0
ca9f7d2be1dd0f229f709b2effd22d57413fc7d4
3ca1208b56597372cccafd9817375f08e7e85ab84b310cb882ff8a76bac1c388
GET /template/company/duote-xiazai/js/soft_comment.js HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 20:49:16 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676ea0-f1c"
Expires: Sat, 14 Jan 2023 08:49:16 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12803.url.tudown.com/template/company/duote-xiazai/js/new_global.js
154.218.151.71200 OK 592 B URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/js/new_global.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash 232fd4a41f68cb95c02a365b6aca84e9
4d17747184f32abc1b922759c510bdbab4eccedd
0d50c1f4db8f330ef99775e40dadb29b531eb33314540560567b1f2623d4885e
GET /template/company/duote-xiazai/js/new_global.js HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 20:49:16 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e9d-685"
Expires: Sat, 14 Jan 2023 08:49:16 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12803.url.tudown.com/template/company/duote-xiazai/js/clickdown_stat_ajax.js
154.218.151.71200 OK 577 B URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/js/clickdown_stat_ajax.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d2fd0ff89c3e773f8cfb6e5e57ae2909
537114b9b969f30770ba619a17d217bb69efb759
9665a3c5c2aa7e032819815b24dccc0dd5fbfbbef8876d7d42dfe2751e06d8f7
GET /template/company/duote-xiazai/js/clickdown_stat_ajax.js HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 20:49:16 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e96-57a"
Expires: Sat, 14 Jan 2023 08:49:16 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash d611e649e138d81ca6cb6658561dfa34
74db60310006b15d9814626a32a102e6c051e9ed
f648a2f552b3425274287bac44a88f639420356d0389695ff45a3c780c3d8455
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Fri, 13 Jan 2023 20:49:16 GMT
Ali-Swift-Global-Savetime: 1673642956
Via: cache9.l2de2[235,234,200-0,M], cache9.l2de2[236,0], cache3.se1[257,257,200-0,M], cache3.se1[258,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Fri, 13 Jan 2023 20:49:16 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9716736429567112327e
union2.50bang.org/js/duoteall
180.101.190.124200 OK 370 B URL HTTP/1.1 union2.50bang.org/js/duoteall
IP 180.101.190.124:0
ASN #138950 Jiangsu Wuxi International IDC network
File type ASCII text, with very long lines (370), with no line terminators
Hash 92d58ede6b5c79fceb5702914e48cc34
7f5f83c8348f7889b43d4ea28201870a18c8c2d3
0c30f93db421ac2aef463b70c4fa2d3dd5869953cd895e23d2612ebe3d51e603
GET /js/duoteall HTTP/1.1
Host: union2.50bang.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Date: Fri, 13 Jan 2023 20:49:16 GMT
Content-Length: 370
12803.url.tudown.com/template/company/duote-xiazai/images/stars.png
154.218.151.71200 OK 409 B URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/images/stars.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 513adea23e19785779ef24441cbdb356
acaf0cd2ec302562b27850b970523d96ac5a120c
b78bf1490ecfe58446b32e59b0e6505d2d18f75f8676809753830b66a8dee298
GET /template/company/duote-xiazai/images/stars.png HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/template/company/duote-xiazai/css/global.css
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 20:49:16 GMT
Content-Type: image/png
Content-Length: 409
Last-Modified: Sun, 06 Nov 2022 08:21:35 GMT
Connection: keep-alive
ETag: "63676e8f-199"
Accept-Ranges: bytes
www.2345.com/js/index/activity/20171111/widget.min.js
47.246.44.206301 Moved Permanently 262 B URL HTTP/1.1 www.2345.com/js/index/activity/20171111/widget.min.js
IP 47.246.44.206:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 72fa0fca20c82853e6dbbc1f13c78100
4e9b01e3ad0b56c9409bb02e5700430792fecacd
4555de589ff9b307e20c708d6f112bc47bb377df29ff0a5914f8fb0932926887
GET /js/index/activity/20171111/widget.min.js HTTP/1.1
Host: www.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Fri, 13 Jan 2023 20:49:16 GMT
Content-Type: text/html
Content-Length: 262
Connection: keep-alive
Location: https://www.2345.com/js/index/activity/20171111/widget.min.js
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Via: cache1.se1[,0]
Timing-Allow-Origin: *
EagleId: 2ff62c9516736429569918325e
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash d611e649e138d81ca6cb6658561dfa34
74db60310006b15d9814626a32a102e6c051e9ed
f648a2f552b3425274287bac44a88f639420356d0389695ff45a3c780c3d8455
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Fri, 13 Jan 2023 20:49:17 GMT
Last-Modified: Fri, 13 Jan 2023 07:12:31 GMT
ETag: "63c1045f-1d7"
Expires: Sun, 15 Jan 2023 07:12:31 GMT
Cache-Control: max-age=123794
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1673642957
Via: cache5.l2de2[455,454,200-0,M], cache5.l2de2[456,0], cache8.se1[477,477,200-0,M], cache8.se1[478,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Fri, 13 Jan 2023 20:49:17 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9c16736429566666608e
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash e455d2ff67e7203c5c67a8983d09df24
11930b9d4c63193c620cf27627bd5492b5dfee4e
c51a42ef7795832e1f15be91e81127670179ed5cfd053c9a53bb4581ada61adf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C51A42EF7795832E1F15BE91E81127670179ED5CFD053C9A53BB4581ADA61ADF"
Last-Modified: Thu, 12 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14419
Expires: Sat, 14 Jan 2023 00:49:36 GMT
Date: Fri, 13 Jan 2023 20:49:17 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3657
Expires: Fri, 13 Jan 2023 21:50:14 GMT
Date: Fri, 13 Jan 2023 20:49:17 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb840d484-56de-4f38-ad4b-0cb93e4b1274.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb840d484-56de-4f38-ad4b-0cb93e4b1274.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7c276d1876bfcc6ec4dfb94bcdd2f6c8
177a80d7d4d3fc273a712cada41abdd87b138a6c
abceeefeec2fc658e285a2898e38a36643501bfa1d66f33e216f100e456a8c06
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb840d484-56de-4f38-ad4b-0cb93e4b1274.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8785
x-amzn-requestid: 4844b27a-1080-4d95-9a35-c8ab7cdd9acb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eph7sEajoAMF_gg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c07d17-2520efc6579a4fbc25cdb515;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 21:35:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RKH9tjX9MxE-NWDVWa4KZqrXKnzx-2200m_vm18DyYeWII0U6NgsVA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Thu, 12 Jan 2023 22:00:02 GMT
etag: "177a80d7d4d3fc273a712cada41abdd87b138a6c"
content-type: image/jpeg
age: 82155
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash d611e649e138d81ca6cb6658561dfa34
74db60310006b15d9814626a32a102e6c051e9ed
f648a2f552b3425274287bac44a88f639420356d0389695ff45a3c780c3d8455
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Fri, 13 Jan 2023 20:49:17 GMT
Last-Modified: Fri, 13 Jan 2023 07:12:31 GMT
ETag: "63c1045f-1d7"
Expires: Sun, 15 Jan 2023 07:12:31 GMT
Cache-Control: max-age=123794
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1673642957
Via: cache26.l2de2[462,462,200-0,M], cache26.l2de2[463,0], cache3.se1[485,484,200-0,M], cache3.se1[486,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Fri, 13 Jan 2023 20:49:17 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9716736429566872288e
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7792e19-fdcf-4706-b221-7d3353e6b9ae.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7792e19-fdcf-4706-b221-7d3353e6b9ae.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ba61442e6ededd7b49f6244613df0e63
385f45b5920174ca20bcc2d9c02eedb4641f48a9
5e5cd1fd026dc72d0c3c5032fbae17f3383c64ee2714808c892c094353f31012
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7792e19-fdcf-4706-b221-7d3353e6b9ae.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5990
x-amzn-requestid: 54a83ca0-eb61-4212-8c98-e1e182b860ea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ejsZiEeBoAMF7kg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63be2770-3565b4d43d28ee3c0fd16ed0;Sampled=0
x-amzn-remapped-date: Wed, 11 Jan 2023 03:05:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: SUICoi37lPgXPQu4PTLCmc-6l2G9SHKz8f2qhZgHBMEbuuSi5zMiaQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Fri, 13 Jan 2023 03:38:24 GMT
age: 61853
etag: "385f45b5920174ca20bcc2d9c02eedb4641f48a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
s5.cnzz.com/z_stat.php?id=1277770517&web_id=1277770517
150.138.98.224200 OK 20 B URL HTTP/2 s5.cnzz.com/z_stat.php?id=1277770517&web_id=1277770517
IP 150.138.98.224:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /z_stat.php?id=1277770517&web_id=1277770517 HTTP/1.1
Host: s5.cnzz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 20
date: Fri, 13 Jan 2023 20:36:34 GMT
vary: Accept-Encoding
x-powered-by: PHP/5.5.25
last-modified: Fri, 13 Jan 2023 20:36:34 GMT
cache-control: max-age=1800,s-maxage=3600
content-encoding: gzip
ali-swift-global-savetime: 1673642194
via: cache80.l2cn3032[0,0,200-0,H], cache17.l2cn3032[1,0], ens-cache32.cn4461[0,0,200-0,H], ens-cache11.cn4461[0,0]
age: 763
x-cache: HIT TCP_MEM_HIT dirn:9:256744272
x-swift-savetime: Fri, 13 Jan 2023 20:36:46 GMT
x-swift-cachetime: 3588
timing-allow-origin: *
eagleid: 968a629f16736429570587630e
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdd84f54-ebf2-41ef-8410-e13aa2b1ac20.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdd84f54-ebf2-41ef-8410-e13aa2b1ac20.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 697ff76a0e75f868952156aacd36f8f4
2c36581bbf7c2b8035d4c95897822458dafa9b7a
213a7e73d3bd2a497cb3f8faf84ce2d10d30024c71fd31d73fa18c6046568d1e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdd84f54-ebf2-41ef-8410-e13aa2b1ac20.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7635
x-amzn-requestid: 1f02b2ae-883b-4c53-a943-f3cd2c04b445
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ecadbH_VIAMF6uA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bb3def-763829210f35765b6753a16b;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 22:04:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4KiOyhD7CmNurgLvBM1MYL1VqFuZZ9WhRadEsm0eXf5MUI6e-3HC2Q==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 13 Jan 2023 12:26:51 GMT
age: 30146
etag: "2c36581bbf7c2b8035d4c95897822458dafa9b7a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a23d61d610c7b55d943fcb2636a01b65
82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065
28bf3039cc8c1213e64893c71bc150eda573223feb2cc15ad0814a44960d434a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9539
x-amzn-requestid: eb427fd6-c342-4a22-af45-ecc528cf4a8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: epfDqEAZIAMFudQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c0787d-4f61ecd2422081224869da76;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 21:15:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RRMRT2BC5p1x0Vh20ut0Kjbz2mnaNToUIbzIg9oczduvzYCckvFORA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 13 Jan 2023 06:50:08 GMT
age: 50349
etag: "82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa56e9680-25b8-493c-8831-f933aca26e52.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa56e9680-25b8-493c-8831-f933aca26e52.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e514f1b711f68a1699f9d0d269ca9a8a
71621fabcc4ae2a8c3180e22e63fac1217c4032f
cc10cadc4477cc6faa1973343b9019b1b4bc94e5ec9fab114a4b755f24872f35
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa56e9680-25b8-493c-8831-f933aca26e52.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9697
x-amzn-requestid: 6279e4e0-7268-422a-878c-3983bffa37d6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: edG9MHqjoAMF3dQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bb8521-59063fac03eb407d74cabd38;Sampled=0
x-amzn-remapped-date: Mon, 09 Jan 2023 03:08:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: LdM05QUvlJcxt8IaDM9Wr4_CM5-SrhsBRAkVcdkVxNiyrJveNFHK9g==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Fri, 13 Jan 2023 05:12:42 GMT
age: 56195
etag: "71621fabcc4ae2a8c3180e22e63fac1217c4032f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
12803.url.tudown.com/template/company/duote-xiazai/js/keyword_new.js
154.218.151.71200 OK 63 B URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/js/keyword_new.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with no line terminators
Hash 827609f4f6b6dbef37e7bbb2c6cb8535
09929f83133df43c4ec28623065e3af7647a1f11
f7f82084b7a593e189a56487ea3179a61e6d8c93ec6ffdfada18e8c5e8863375
GET /template/company/duote-xiazai/js/keyword_new.js HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 20:49:17 GMT
Content-Type: application/javascript
Content-Length: 63
Last-Modified: Sun, 06 Nov 2022 08:21:47 GMT
Connection: keep-alive
ETag: "63676e9b-3f"
Expires: Sat, 14 Jan 2023 08:49:17 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6934d824-7534-44bc-aa4b-a15b6eb4c9c8.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6934d824-7534-44bc-aa4b-a15b6eb4c9c8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bb3062f9905c7c6f159cd203f5fdfe64
bcf17c475a27fae03369d1677dc0bedf6793e6b2
33dc1a810207f498c28b764cc26afa00b16594629ae6777957ccffd8e2c51f8e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6934d824-7534-44bc-aa4b-a15b6eb4c9c8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9432
x-amzn-requestid: 2835c1c8-0a8e-4985-be89-d641d5425971
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eph50HONIAMF3vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c07d0b-53c6156514cdb1a463add03b;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 21:35:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EOLxwKB_KBf_zkLlBLFn9nrDGM-FfONoTWUGR2093kLhka3wkb6yhg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 12 Jan 2023 22:02:02 GMT
age: 82035
etag: "bcf17c475a27fae03369d1677dc0bedf6793e6b2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash d611e649e138d81ca6cb6658561dfa34
74db60310006b15d9814626a32a102e6c051e9ed
f648a2f552b3425274287bac44a88f639420356d0389695ff45a3c780c3d8455
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Fri, 13 Jan 2023 20:49:17 GMT
Ali-Swift-Global-Savetime: 1673642957
Via: cache12.l2de2[468,468,200-0,M], cache12.l2de2[469,0], cache2.se1[492,491,200-0,M], cache2.se1[493,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Fri, 13 Jan 2023 20:49:17 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9616736429566985200e
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash d611e649e138d81ca6cb6658561dfa34
74db60310006b15d9814626a32a102e6c051e9ed
f648a2f552b3425274287bac44a88f639420356d0389695ff45a3c780c3d8455
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Fri, 13 Jan 2023 20:49:17 GMT
Last-Modified: Fri, 13 Jan 2023 07:12:31 GMT
ETag: "63c1045f-1d7"
Expires: Sun, 15 Jan 2023 07:12:31 GMT
Cache-Control: max-age=123794
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1673642957
Via: cache8.l2de2[468,467,200-0,M], cache8.l2de2[469,0], cache7.se1[491,491,200-0,M], cache7.se1[493,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Fri, 13 Jan 2023 20:49:17 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9b16736429567093031e
12803.url.tudown.com/template/company/duote-xiazai/js/scrollbar.js
154.218.151.71200 OK 738 B URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/js/scrollbar.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (1755)
Hash 941e223b206b2f389ba88e5c62146e05
1ea47333441413a3afd2fbc6e335810513cd3b5f
c0034343dbd842fc5ba9dfae6be7145ec000eb017fc0ca9a7fd6e245811df660
GET /template/company/duote-xiazai/js/scrollbar.js HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 20:49:17 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e9e-707"
Expires: Sat, 14 Jan 2023 08:49:17 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
img4.duote.com/duoteimg/js/front_ad.js
222.186.17.199200 OK 0 B URL HTTP/2 img4.duote.com/duoteimg/js/front_ad.js
IP 222.186.17.199:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /duoteimg/js/front_ad.js HTTP/1.1
Host: img4.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 0
date: Thu, 12 Jan 2023 14:15:38 GMT
x-oss-request-id: 63C0160AD2368136310F1F13
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "D41D8CD98F00B204E9800998ECF8427E"
last-modified: Wed, 02 Sep 2020 01:55:56 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 0
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Thu, 03 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: 1B2M2Y8AsgTpgAmY7PhCfg==
ali-swift-global-savetime: 1673532938
via: cache8.l2cn3037[0,0,200-0,H], cache17.l2cn3037[1,0], ens-vcache22.cn5274[0,0,200-0,H], ens-vcache24.cn5274[1,0]
age: 110019
x-cache: HIT TCP_MEM_HIT dirn:9:131780256
x-swift-savetime: Fri, 13 Jan 2023 05:19:47 GMT
x-swift-cachetime: 15497751
timing-allow-origin: *
eagleid: deba11ab16736429571277894e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/4.gif
222.186.17.199200 OK 1.7 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/4.gif
IP 222.186.17.199:0
File type GIF image data, version 89a, 24 x 24\012- data
Hash 9429cb260cbf87e528d14cf6baaf2b5b
eb067540c3b93c515efbc46b5a1cb4c7bcb16ff7
4cce9443159a3c082fbf59610efbf5ef9b92d5422bce4bbe8ef43d1bcc8d0475
GET /duoteimg/zhuanti/comment/images/4.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 1706
date: Tue, 18 Oct 2022 08:31:25 GMT
x-oss-request-id: 634E645DC8A4583832C601BC
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "9429CB260CBF87E528D14CF6BAAF2B5B"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 875222251737355829
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: lCnLJgy/h+Uo0Uz2uq8rWw==
x-oss-server-time: 142
ali-swift-global-savetime: 1666081885
via: cache78.l2cn3037[0,0,200-0,H], cache63.l2cn3037[1,0], ens-vcache26.cn5274[0,0,200-0,H], ens-vcache24.cn5274[2,0]
age: 7561072
x-cache: HIT TCP_MEM_HIT dirn:3:356433063
x-swift-savetime: Mon, 02 Jan 2023 06:11:46 GMT
x-swift-cachetime: 8993979
timing-allow-origin: *
eagleid: deba11ab16736429571347895e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/8.gif
222.186.17.199200 OK 1.8 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/8.gif
IP 222.186.17.199:0
File type GIF image data, version 89a, 24 x 24\012- data
Hash 15c10a442a7bd8384cd17ed420cf21e9
477ba29d0b04ec0a2950d715b58abe2db4d68cdd
153b9c74c5a92e7ec480365537cd43c9973840f3b6c72dad3032f5aeb0a4d30e
GET /duoteimg/zhuanti/comment/images/8.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 1788
date: Tue, 18 Oct 2022 05:04:16 GMT
x-oss-request-id: 634E33D0BA82AD3033A4E1BB
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "15C10A442A7BD8384CD17ED420CF21E9"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 10105978504471775518
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: FcEKRCp72DhM0X7UIM8h6Q==
x-oss-server-time: 139
ali-swift-global-savetime: 1666069456
via: cache70.l2cn3037[0,0,200-0,H], cache74.l2cn3037[1,0], ens-vcache23.cn5274[0,0,200-0,H], ens-vcache24.cn5274[1,0]
age: 7573501
x-cache: HIT TCP_MEM_HIT dirn:11:307764279
x-swift-savetime: Wed, 11 Jan 2023 22:18:28 GMT
x-swift-cachetime: 8145948
timing-allow-origin: *
eagleid: deba11ab16736429571357898e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/9.gif
222.186.17.199200 OK 1.7 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/9.gif
IP 222.186.17.199:0
File type GIF image data, version 89a, 24 x 24\012- data
Hash 52c2ef213baaff54c731557b999a0bf7
804e7ac80e4255b27247350265bbc92ce8d075bb
6bc6cc4739fbf0b9257b84549097c06651f82bcb2edef386710f4bb88e5b1676
GET /duoteimg/zhuanti/comment/images/9.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 1733
date: Fri, 09 Dec 2022 13:25:13 GMT
x-oss-request-id: 63933739960DF237391E4EA8
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "52C2EF213BAAFF54C731557B999A0BF7"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 7207152638915174298
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: UsLvITuq/1THMVV7mZoL9w==
x-oss-server-time: 46
ali-swift-global-savetime: 1670592313
via: cache35.l2cn3037[0,0,200-0,H], cache42.l2cn3037[0,0], ens-vcache10.cn5274[0,0,200-0,H], ens-vcache24.cn5274[1,0]
age: 3050644
x-cache: HIT TCP_MEM_HIT dirn:3:379469111
x-swift-savetime: Wed, 11 Jan 2023 22:16:34 GMT
x-swift-cachetime: 12668919
timing-allow-origin: *
eagleid: deba11ab16736429571357897e
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/logo.png?n=465y3zmfwts3raxfxo5oplmr4w32lz5irptjzcpjtgiornfd4s53xzmfvtsy7oa&w=250
154.218.151.71200 OK 3.5 kB URL HTTP/1.1 12803.url.tudown.com/uploads/images/logo.png?n=465y3zmfwts3raxfxo5oplmr4w32lz5irptjzcpjtgiornfd4s53xzmfvtsy7oa&w=250
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 250 x 66, 8-bit colormap, non-interlaced\012- data
Hash 0b272865b931d7cfab7bfe782830ddd4
4c4c4035f4affc241a0ce63ce88dc09e2409c9f2
8948ca81266e22f7fc964a94dca0732959723a13ef8818daa286c20c13da5adf
GET /uploads/images/logo.png?n=465y3zmfwts3raxfxo5oplmr4w32lz5irptjzcpjtgiornfd4s53xzmfvtsy7oa&w=250 HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 20:49:17 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
12803.url.tudown.com/uploads/images/619081.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/619081.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/619081.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:17 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=2246418931,1080345835&fm=224&app=112&f=JPEG?w=396&h=500
t14.baidu.com/it/u=2246418931,1080345835&fm=224&app=112&f=JPEG?w=396&h=500
185.10.104.124200 OK 67 kB URL HTTP/1.1 t14.baidu.com/it/u=2246418931,1080345835&fm=224&app=112&f=JPEG?w=396&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 396x500, components 3\012- data
Hash 848056f51ee4138731b0fe4966922112
a1283f05e66ba713c5c92fb92638fd228e52400d
9cba801b5362cbbf72d50e79d1ca96884bd0d032897258efe0a048db8b167ee3
GET /it/u=2246418931,1080345835&fm=224&app=112&f=JPEG?w=396&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 20:49:17 GMT
Content-Type: image/jpeg
Content-Length: 66613
Connection: keep-alive
Expires: Tue, 07 Feb 2023 21:08:41 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 848056f51ee4138731b0fe4966922112
Age: 392440
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 08 Jan 2023 21:08:41 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [2], zhuzuncache57 [1], wzix88 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 66613
X-Cache-Status: HIT
Timing-Allow-Origin: *
img1.2345.com/duoteimg/js/base64.js?_vtim=2014122301
180.101.199.241404 Not Found 146 B URL HTTP/2 img1.2345.com/duoteimg/js/base64.js?_vtim=2014122301
IP 180.101.199.241:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /duoteimg/js/base64.js?_vtim=2014122301 HTTP/1.1
Host: img1.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: Tengine
content-type: text/html; charset=gb2312
content-length: 146
date: Fri, 13 Jan 2023 20:49:17 GMT
ali-swift-global-savetime: 1673642957
via: cache78.l2cn3037[20,20,404-1280,M], cache3.l2cn3037[22,0], cache3.l2cn3037[22,0], vcache27.cn4733[67,67,404-1280,M], vcache1.cn4733[69,0]
x-cache: MISS TCP_MISS dirn:-2:-2
x-swift-savetime: Fri, 13 Jan 2023 20:49:17 GMT
x-swift-cachetime: 1
x-swift-error: orig response 4XX error
timing-allow-origin: *
eagleid: b465c71516736429570232769e
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/603417.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/603417.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/603417.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:17 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2326538388,63073338&fm=253&fmt=auto&app=138&f=GIF?w=500&h=623
img1.duote.com/duoteimg/zhuanti/comment/images/10.gif
222.186.17.199200 OK 2.1 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/10.gif
IP 222.186.17.199:0
File type GIF image data, version 89a, 24 x 24\012- data
Hash 8535863eee1ae5dfffa4f25a79cffa10
ae60588f804b611794c725429927f1a37c31a6e5
13fd5ae010e7d97dc637a2ec0537a28a8d74dac1f1480fa87279ae226e13e535
GET /duoteimg/zhuanti/comment/images/10.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 2105
date: Wed, 07 Dec 2022 22:38:17 GMT
x-oss-request-id: 639115D9EBE1D337378BAB5F
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "8535863EEE1AE5DFFFA4F25A79CFFA10"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 720901678692586227
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: hTWGPu4a5d//pPJaec/6EA==
x-oss-server-time: 93
ali-swift-global-savetime: 1670452697
via: cache6.l2cn3037[0,0,200-0,H], cache62.l2cn3037[2,0], ens-vcache18.cn5274[0,0,200-0,H], ens-vcache24.cn5274[2,0]
age: 3190260
x-cache: HIT TCP_MEM_HIT dirn:9:29257466
x-swift-savetime: Mon, 02 Jan 2023 06:11:38 GMT
x-swift-cachetime: 13364799
timing-allow-origin: *
eagleid: deba11ab16736429571357896e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/7.gif
222.186.17.199200 OK 1.5 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/7.gif
IP 222.186.17.199:0
File type GIF image data, version 89a, 24 x 24\012- data
Hash 56bd697fdac1de3dbe8d4dd53e309a9b
215d4fead2dbf7bf6aeea1136749675cc5034f9e
7acdc1e69fd8d2c578ccf122054b7dab5a58a59caa255cd5585d45956136f4a3
GET /duoteimg/zhuanti/comment/images/7.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 1495
date: Wed, 27 Jul 2022 14:00:56 GMT
x-oss-request-id: 62E1451844A24C3331B8E6EA
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "56BD697FDAC1DE3DBE8D4DD53E309A9B"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 6398064933782332215
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: Vr1pf9rB3j2+jU3VPjCamw==
x-oss-server-time: 53
ali-swift-global-savetime: 1658930456
via: cache67.l2cn3037[0,0,200-0,H], cache58.l2cn3037[1,0], ens-vcache5.cn5274[0,0,200-0,H], ens-vcache24.cn5274[1,0]
age: 14712501
x-cache: HIT TCP_MEM_HIT dirn:9:130338843
x-swift-savetime: Mon, 02 Jan 2023 06:11:43 GMT
x-swift-cachetime: 1842553
timing-allow-origin: *
eagleid: deba11ab16736429571377899e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/6.gif
222.186.17.199200 OK 3.5 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/6.gif
IP 222.186.17.199:0
File type GIF image data, version 89a, 24 x 24\012- data
Hash eb575dd556470ae55acfa8350f63f3ab
5ded8852598c3cb4ff9130d24b1b7b03c558d14e
0be355d4a20f70a41fef403a817d2d27a1c5122fa1b58ef04dc884fb9a12ed7a
GET /duoteimg/zhuanti/comment/images/6.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 3468
date: Wed, 27 Jul 2022 13:57:53 GMT
x-oss-request-id: 62E144616F52933834F154DF
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "EB575DD556470AE55ACFA8350F63F3AB"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17858666986198953545
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: 61dd1VZHCuVaz6g1D2Pzqw==
x-oss-server-time: 86
ali-swift-global-savetime: 1658930273
via: cache39.l2cn3037[0,0,200-0,H], cache50.l2cn3037[1,0], ens-vcache13.cn5274[0,0,200-0,H], ens-vcache24.cn5274[0,0]
age: 14712684
x-cache: HIT TCP_MEM_HIT dirn:12:430045190
x-swift-savetime: Mon, 02 Jan 2023 06:11:37 GMT
x-swift-cachetime: 1842376
timing-allow-origin: *
eagleid: deba11ab16736429571387900e
X-Firefox-Spdy: h2
img4.duote.com/duoteimg/dtnew_assets/pc/js/soft/auto_complete.js
222.186.17.199200 OK 1.0 kB URL HTTP/2 img4.duote.com/duoteimg/dtnew_assets/pc/js/soft/auto_complete.js
IP 222.186.17.199:0
Hash 8c6a6de562181b71d2867e2711f31df9
6e3aed7b36431b15293f6a3a1c66567a6fec5334
f65233dc7f87033f78a736238467c78ce1973af259b67f932c285a0f180174ee
GET /duoteimg/dtnew_assets/pc/js/soft/auto_complete.js HTTP/1.1
Host: img4.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 1015
date: Wed, 19 Oct 2022 02:18:07 GMT
vary: Accept-Encoding
x-oss-request-id: 634F5E5F9F5C5134319809A9
x-oss-cdn-auth: success
last-modified: Wed, 19 Oct 2022 02:15:25 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 3181168464323094172
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Thu, 20 Oct 2022 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: CAEQVRiBgICaq4y4nxgiIDJjNjljMDkwMWY0MjQ4N2JhZTA2NmEwOWJkZmNhMWYx
content-md5: 5qfmF/GrELbus726BAkyLQ==
x-oss-server-time: 11
content-encoding: gzip
ali-swift-global-savetime: 1666145887
via: cache71.l2cn3037[0,0,200-0,H], cache1.l2cn3037[1,0], ens-vcache29.cn5274[0,0,200-0,H], ens-vcache24.cn5274[1,0]
age: 7497070
x-cache: HIT TCP_MEM_HIT dirn:11:296498382
x-swift-savetime: Sun, 01 Jan 2023 07:31:10 GMT
x-swift-cachetime: 9139617
timing-allow-origin: *
eagleid: deba11ab16736429573047929e
X-Firefox-Spdy: h2
img4.duote.com/duoteimg/dtnew_assets/pc/js/searchCode/transcoding.js
222.186.17.199200 OK 895 B URL HTTP/2 img4.duote.com/duoteimg/dtnew_assets/pc/js/searchCode/transcoding.js
IP 222.186.17.199:0
Hash f8f676d38231dad63dfc1144b4739051
978c21f9675780eb755412efc1ddc8fe098c5d7f
2ab62b8459e616fbc36456facba7af14984e90a3a5522a317d46cdb6f133f871
GET /duoteimg/dtnew_assets/pc/js/searchCode/transcoding.js HTTP/1.1
Host: img4.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/x-javascript
content-length: 895
date: Thu, 08 Dec 2022 06:30:46 GMT
x-oss-request-id: 63918496AFFD703338923AEB
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "4C7F46FF62D37B2CC7456F8F9EB96611"
last-modified: Thu, 10 Sep 2020 02:00:56 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 13670043018340852857
x-oss-storage-class: Standard
x-oss-meta-mode: 33188
x-oss-meta-mtime: 1599017058
x-oss-expiration: expiry-date="Fri, 11 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
vary: Accept-Encoding
content-md5: TH9G/2LTeyzHRW+PnrlmEQ==
x-oss-server-time: 24
content-encoding: gzip
ali-swift-global-savetime: 1670481046
via: cache8.l2cn3037[0,0,200-0,H], cache8.l2cn3037[1,0], ens-vcache24.cn5274[0,0,200-0,H], ens-vcache24.cn5274[2,0]
age: 3161911
x-cache: HIT TCP_MEM_HIT dirn:12:169637919
x-swift-savetime: Sun, 01 Jan 2023 07:02:50 GMT
x-swift-cachetime: 13476476
timing-allow-origin: *
eagleid: deba11ab16736429573997963e
X-Firefox-Spdy: h2
img4.duote.com/duoteimg/js/baidu_js_push.js
222.186.17.199200 OK 359 B URL HTTP/2 img4.duote.com/duoteimg/js/baidu_js_push.js
IP 222.186.17.199:0
File type ASCII text, with CRLF line terminators
Hash f63ef5e096ef52af0cb95b8d2f3fda32
8d6dcc307c816618f7b26e1482d16d447f382e51
e0679eaf3f94f9353f167a1ebe1a8424c61631cc9be2d5a5445ba35e77f58932
GET /duoteimg/js/baidu_js_push.js HTTP/1.1
Host: img4.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 359
date: Mon, 19 Dec 2022 17:16:09 GMT
x-oss-request-id: 63A09C59AFFD70313763EF54
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "F63EF5E096EF52AF0CB95B8D2F3FDA32"
last-modified: Tue, 21 Jun 2022 08:41:11 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 2603761381065918884
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Wed, 22 Jun 2022 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: CAEQUxiBgID4uNiVjBgiIDdjODgyMTExYzA2OTQ5NmU4NjMxZTI4MDZmMTc2NGEx
content-md5: 9j714JbvUq8MuVuNLz/aMg==
x-oss-server-time: 5
ali-swift-global-savetime: 1671470169
via: cache17.l2cn3037[0,0,200-0,H], cache43.l2cn3037[1,0], ens-vcache19.cn5274[0,0,200-0,H], ens-vcache24.cn5274[2,0]
age: 2172788
x-cache: HIT TCP_MEM_HIT dirn:12:232271878
x-swift-savetime: Sun, 01 Jan 2023 05:15:12 GMT
x-swift-cachetime: 14472057
timing-allow-origin: *
eagleid: deba11ab16736429573997964e
X-Firefox-Spdy: h2
img4.duote.com/duoteimg/dtnew_recom_img/duoteself/softdown_1.js
222.186.17.199200 OK 361 B URL HTTP/2 img4.duote.com/duoteimg/dtnew_recom_img/duoteself/softdown_1.js
IP 222.186.17.199:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (361), with no line terminators
Hash d7877f2308efe72c7913b65816859daa
755606b601ae85ebcbf0dd47660fb028d1bf30d7
3af5e226f01cd0faf44433ba44517cc6b0fe9596de061a613c8d719227cc2c1a
GET /duoteimg/dtnew_recom_img/duoteself/softdown_1.js HTTP/1.1
Host: img4.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 361
date: Wed, 04 Jan 2023 10:48:37 GMT
x-oss-request-id: 63B55985341EC4383238B58D
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "D7877F2308EFE72C7913B65816859DAA"
last-modified: Wed, 04 Jan 2023 09:53:30 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 13587884656729146177
x-oss-storage-class: Standard
x-oss-meta-mtime: 1672826010
x-oss-expiration: expiry-date="Thu, 05 Jan 2023 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: CAEQVxiBgMCnu.bwqxgiIGMwYmRlOGE3NDQ3MjQxYmY4Y2NiYWYyOWExMzU2Zjdi
content-md5: 14d/Iwjv5yx5E7ZYFoWdqg==
x-oss-server-time: 26
ali-swift-global-savetime: 1672829317
via: cache42.l2cn3037[0,0,200-0,H], cache35.l2cn3037[1,0], ens-vcache1.cn5274[0,0,200-0,H], ens-vcache24.cn5274[15,0]
age: 813640
x-cache: HIT TCP_MEM_HIT dirn:12:207588523
x-swift-savetime: Wed, 04 Jan 2023 11:29:37 GMT
x-swift-cachetime: 15549540
timing-allow-origin: *
eagleid: deba11ab16736429573997962e
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/821204.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/821204.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/821204.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:17 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=3105392263,1108592492&fm=224&app=112&f=JPEG?w=500&h=500
12803.url.tudown.com/template/company/duote-xiazai/js/jquery-ui.min.js
154.218.151.71200 OK 80 kB URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/js/jquery-ui.min.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (32074), with CRLF line terminators
Hash e81ec1034a64ade1aa8b290326108e91
67aa74b0a4d0039f59acacca2ee6eee5ebaa312e
825cd708c0562c4b038d007351af36e0c4b34a32c0a1e8fd5852206417cbf94e
GET /template/company/duote-xiazai/js/jquery-ui.min.js HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 20:49:16 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e99-3def1"
Expires: Sat, 14 Jan 2023 08:49:16 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12803.url.tudown.com/uploads/images/761674.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/761674.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/761674.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:17 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=4008707840,4002467664&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
12803.url.tudown.com/uploads/images/90883.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/90883.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/90883.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:17 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2888676926,1615046479&fm=253&fmt=auto&app=138&f=JPEG?w=160&h=224
img1.duote.com/duoteimg/zhuanti/comment/images/2.gif
222.186.17.199200 OK 1.7 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/2.gif
IP 222.186.17.199:0
File type GIF image data, version 89a, 24 x 24\012- data
Hash daaa6d71e871eec644788b703b718bd8
8fadc0f0070931b2f807159e87b82bc2269b467a
6d31802a2485e9ff603aa0ec2528c96590e9d4c5ac8961ddf8a9c3fe3bb5c0b8
GET /duoteimg/zhuanti/comment/images/2.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 1668
date: Thu, 08 Dec 2022 04:58:24 GMT
x-oss-request-id: 63916EF0AFE0263732939158
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "DAAA6D71E871EEC644788B703B718BD8"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17840225992830112301
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: 2qptcehx7sZEeItwO3GL2A==
x-oss-server-time: 61
ali-swift-global-savetime: 1670475504
via: cache46.l2cn2641[0,0,200-0,H], cache43.l2cn2641[1,0], ens-vcache22.cn5274[0,0,200-0,H], ens-vcache24.cn5274[1,0]
age: 3167453
x-cache: HIT TCP_MEM_HIT dirn:11:321861702
x-swift-savetime: Sun, 01 Jan 2023 13:23:50 GMT
x-swift-cachetime: 13448074
timing-allow-origin: *
eagleid: deba11ab16736429575738005e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/5.gif
222.186.17.199200 OK 2.8 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/5.gif
IP 222.186.17.199:0
File type GIF image data, version 89a, 24 x 24\012- data
Hash a7bff4f63a973a68e2d98ee780d9e29e
4c87d92faf82347bb122c2ad0e74e166aec5c567
18e82892f579e1f63d003f7e8404754b775542d72ea2d677f61d8ed3c7dfd21c
GET /duoteimg/zhuanti/comment/images/5.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 2768
date: Wed, 27 Jul 2022 13:57:53 GMT
x-oss-request-id: 62E14461DC81703736A9B209
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "A7BFF4F63A973A68E2D98EE780D9E29E"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 11302870927342222426
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: p7/09jqXOmji2Y7ngNning==
x-oss-server-time: 33
ali-swift-global-savetime: 1658930273
via: cache19.l2cn3037[0,0,200-0,H], cache50.l2cn3037[1,0], ens-vcache22.cn5274[0,0,200-0,H], ens-vcache24.cn5274[1,0]
age: 14712684
x-cache: HIT TCP_MEM_HIT dirn:11:21016636
x-swift-savetime: Mon, 02 Jan 2023 06:11:39 GMT
x-swift-cachetime: 1842374
timing-allow-origin: *
eagleid: deba11ab16736429576198022e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/11.gif
222.186.17.199200 OK 7.0 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/11.gif
IP 222.186.17.199:0
File type GIF image data, version 89a, 24 x 24\012- data
Hash 0dfec8a688ee97162d852f42a0fa2a23
a6bc13493b4f2471b72b9d9e8474a9889ad2f4cb
bfef5124ff15cc50ba2eb8e6c605541b642bb5c8c18a4c618ed248522f8d44e0
GET /duoteimg/zhuanti/comment/images/11.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 6979
date: Tue, 06 Dec 2022 22:52:39 GMT
x-oss-request-id: 638FC7B7AEF36B30351D8998
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "0DFEC8A688EE97162D852F42A0FA2A23"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 5501157311881781066
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: Df7IpojulxYthS9CoPoqIw==
x-oss-server-time: 112
ali-swift-global-savetime: 1670367159
via: cache80.l2cn3037[0,0,200-0,H], cache74.l2cn3037[1,0], ens-vcache9.cn5274[0,0,200-0,H], ens-vcache24.cn5274[1,0]
age: 3275798
x-cache: HIT TCP_MEM_HIT dirn:12:463736174
x-swift-savetime: Mon, 02 Jan 2023 06:11:41 GMT
x-swift-cachetime: 13279258
timing-allow-origin: *
eagleid: deba11ab16736429576628031e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/1.gif
222.186.17.199200 OK 1.8 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/1.gif
IP 222.186.17.199:0
File type GIF image data, version 89a, 24 x 24\012- data
Hash 26df8be954a888cd2b29429bcc7d91de
2fa6246adde0616962ed672907c5da94893ce35e
9c73781c61d66f4af9043f08da67a47653fe9662e0aabd4cfa133cfbe55eaa76
GET /duoteimg/zhuanti/comment/images/1.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 1771
date: Wed, 27 Jul 2022 11:55:49 GMT
x-oss-request-id: 62E127C580647F3533AA2514
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "26DF8BE954A888CD2B29429BCC7D91DE"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 7119512290700278717
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: Jt+L6VSoiM0rKUKbzH2R3g==
x-oss-server-time: 68
ali-swift-global-savetime: 1658922949
via: cache50.l2cn3037[0,0,200-0,H], cache39.l2cn3037[1,0], ens-vcache12.cn5274[0,0,200-0,H], ens-vcache24.cn5274[1,0]
age: 14720008
x-cache: HIT TCP_MEM_HIT dirn:12:353901589
x-swift-savetime: Mon, 02 Jan 2023 06:11:45 GMT
x-swift-cachetime: 1835044
timing-allow-origin: *
eagleid: deba11ab16736429576678033e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/12.gif
222.186.17.199200 OK 2.6 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/12.gif
IP 222.186.17.199:0
File type GIF image data, version 89a, 24 x 24\012- data
Hash 74dc1aa4f1e4f7219da7ad597c91b8e7
bfda85aaa1fd81b79b792ee83cd448cd2cde5005
733f3dc6aa38aaad278d72cbef942326c77b0f872727e5971cc8fb9b3b683efe
GET /duoteimg/zhuanti/comment/images/12.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 2575
date: Sat, 10 Dec 2022 02:48:42 GMT
x-oss-request-id: 6393F38A28E01236303D13AE
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "74DC1AA4F1E4F7219DA7AD597C91B8E7"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17001896356624891276
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: dNwapPHk9yGdp61ZfJG45w==
x-oss-server-time: 48
ali-swift-global-savetime: 1670640522
via: cache34.l2cn3037[0,0,200-0,H], cache78.l2cn3037[1,0], ens-vcache18.cn5274[0,0,200-0,H], ens-vcache24.cn5274[1,0]
age: 3002435
x-cache: HIT TCP_MEM_HIT dirn:9:263110186
x-swift-savetime: Mon, 02 Jan 2023 06:11:40 GMT
x-swift-cachetime: 13552622
timing-allow-origin: *
eagleid: deba11ab16736429576828037e
X-Firefox-Spdy: h2
12803.url.tudown.com/common/ipnotice/
154.218.151.71200 OK 17 kB URL HTTP/1.1 12803.url.tudown.com/common/ipnotice/
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash b142b90a3c93b5780d9bbc9fe544fc43
597deda61bf9af05b461c0d9fb99e1f65e1c2d22
4054b36dfe04987842133a11428de59be2581fb4c2a83d308eddef4a7c1aac7b
GET /common/ipnotice/ HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 20:49:17 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
12803.url.tudown.com/uploads/images/719759.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/719759.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/719759.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:17 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3854236692,1098192838&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=500
12803.url.tudown.com/template/company/duote-xiazai/images/soft-down.png
154.218.151.71200 OK 409 B URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/images/soft-down.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 513adea23e19785779ef24441cbdb356
acaf0cd2ec302562b27850b970523d96ac5a120c
b78bf1490ecfe58446b32e59b0e6505d2d18f75f8676809753830b66a8dee298
GET /template/company/duote-xiazai/images/soft-down.png HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/template/company/duote-xiazai/css/soft.css
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 20:49:17 GMT
Content-Type: image/png
Content-Length: 409
Last-Modified: Sun, 06 Nov 2022 08:21:32 GMT
Connection: keep-alive
ETag: "63676e8c-199"
Accept-Ranges: bytes
12803.url.tudown.com/template/company/duote-xiazai/images/softfastdownbtn.png
154.218.151.71200 OK 409 B URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/images/softfastdownbtn.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 513adea23e19785779ef24441cbdb356
acaf0cd2ec302562b27850b970523d96ac5a120c
b78bf1490ecfe58446b32e59b0e6505d2d18f75f8676809753830b66a8dee298
GET /template/company/duote-xiazai/images/softfastdownbtn.png HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/template/company/duote-xiazai/css/soft.css
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 20:49:17 GMT
Content-Type: image/png
Content-Length: 409
Last-Modified: Sun, 06 Nov 2022 08:21:33 GMT
Connection: keep-alive
ETag: "63676e8d-199"
Accept-Ranges: bytes
12803.url.tudown.com/uploads/images/21629.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/21629.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/21629.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:17 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=597796126,2190243643&fm=224&app=112&f=JPEG?w=500&h=500
12803.url.tudown.com/uploads/images/692649.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/692649.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/692649.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:17 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=164423245,1478100639&fm=224&app=112&f=JPEG?w=500&h=500
12803.url.tudown.com/uploads/images/165650.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/165650.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/165650.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:17 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3557108674,2596093384&fm=253&fmt=auto&app=138&f=JPEG?w=642&h=500
t13.baidu.com/it/u=164423245,1478100639&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 50 kB URL HTTP/1.1 t13.baidu.com/it/u=164423245,1478100639&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash e31e4063fda82cb2a9a484ff790a795a
66c90e36e616ebb2a01584c523b15968ac661471
b4a3e7c4a780d1137500ceef4ea0848bd7c548f5f856f872839cf732f4857786
GET /it/u=164423245,1478100639&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 20:49:18 GMT
Content-Type: image/jpeg
Content-Length: 49778
Connection: keep-alive
Expires: Fri, 03 Feb 2023 14:15:51 GMT
Last-Modified: Mon, 12 Jan 1970 00:00:00 GMT
ETag: e31e4063fda82cb2a9a484ff790a795a
Age: 8170
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 04 Jan 2023 14:15:51 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [2], zhuzuncache63 [1], bdix135 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 49778
X-Cache-Status: HIT
Timing-Allow-Origin: *
t13.baidu.com/it/u=597796126,2190243643&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 53 kB URL HTTP/1.1 t13.baidu.com/it/u=597796126,2190243643&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash a847e9383fb727ce8c5a2190594e18cb
c74ec435acd19d56c02c07b5cdaed115062e528a
88f0e9742191b9eb36e97eeb25d939aed28f68c737b1e4f1365b1f3351efe071
GET /it/u=597796126,2190243643&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 20:49:18 GMT
Content-Type: image/jpeg
Content-Length: 52758
Connection: keep-alive
Expires: Sat, 04 Feb 2023 09:51:55 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: a847e9383fb727ce8c5a2190594e18cb
Age: 170661
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 05 Jan 2023 09:51:55 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [2], zhuzuncache52 [1], xiangyix161 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 52758
X-Cache-Status: HIT
Timing-Allow-Origin: *
ocsp.trust-provider.cn/
47.246.44.205200 OK 600 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 5b94c0648153a97963759599907d19bb
d2fe22fc0092aba047a2960630bddb4033083818
afaf429b95d541c5d3f6f7f1c918090c05357299b093022ebad4aa63e01d97e9
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Fri, 13 Jan 2023 20:39:39 GMT
last-modified: Thu, 12 Jan 2023 04:39:52 GMT
expires: Thu, 19 Jan 2023 04:39:51 GMT
etag: "d2fe22fc0092aba047a2960630bddb4033083818"
cache-control: max-age=591854,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb1
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 7890f144fb2b91e7-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1673642379
via: cache9.l2de2[191,191,304-0,M], cache20.l2de2[192,0], cache8.se1[0,0,200-0,H], cache4.se1[2,0], cache3.se1[5,0]
age: 579
x-cache: HIT TCP_MEM_HIT dirn:11:31856323
x-swift-savetime: Fri, 13 Jan 2023 20:39:39 GMT
x-swift-cachetime: 1800
timing-allow-origin: *, *
eagleid: 2ff62c9716736429581153679e, 2ff62c9716736429581153679e
12803.url.tudown.com/template/company/duote-xiazai/images/icon-sprites.png
154.218.151.71200 OK 1.2 kB URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/images/icon-sprites.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash cc3e19fad8a144bf1e7bf400678f99cb
6ac3ec9a26fdec416640a98d24564ddee9886999
1725f9122ad4ec5075cd0967aef3ef5aff312d90e17a33b854d71434f7cbba4c
GET /template/company/duote-xiazai/images/icon-sprites.png HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/template/company/duote-xiazai/css/soft.css
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 20:49:18 GMT
Content-Type: image/png
Content-Length: 1160
Last-Modified: Sun, 06 Nov 2022 08:21:18 GMT
Connection: keep-alive
ETag: "63676e7e-488"
Accept-Ranges: bytes
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 469709f3b734a0f29c16c7411637ae8d
a46af0400186057c3538c0cdd1c182064e1a947d
3bfca407e8df661d2f36f060a6c5ee9ca05b04952005c9efa2709645fd0fe078
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 13 Jan 2023 20:49:18 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 17 Jan 2023 19:50:26 GMT
ETag: "a46af0400186057c3538c0cdd1c182064e1a947d"
Last-Modified: Fri, 13 Jan 2023 19:50:27 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1705
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7890ff68b8e9b50c-OSL
12803.url.tudown.com/template/company/duote-xiazai/images/like.png
154.218.151.71200 OK 409 B URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/images/like.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 513adea23e19785779ef24441cbdb356
acaf0cd2ec302562b27850b970523d96ac5a120c
b78bf1490ecfe58446b32e59b0e6505d2d18f75f8676809753830b66a8dee298
GET /template/company/duote-xiazai/images/like.png HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/template/company/duote-xiazai/css/soft.css
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 20:49:18 GMT
Content-Type: image/png
Content-Length: 409
Last-Modified: Sun, 06 Nov 2022 08:21:22 GMT
Connection: keep-alive
ETag: "63676e82-199"
Accept-Ranges: bytes
12803.url.tudown.com/template/company/duote-xiazai/images/dislike.png
154.218.151.71200 OK 295 B URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/images/dislike.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 16 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash a23e4dc6044953a149d0eb87aa9df5a4
48ab906d07b8d3265c0de7255d41d5352df29b9d
0342c264fcaac6c9fb4c0ea801d56145043dcd37613bddc633a6333c783eb2b9
GET /template/company/duote-xiazai/images/dislike.png HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/template/company/duote-xiazai/css/soft.css
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 20:49:18 GMT
Content-Type: image/png
Content-Length: 295
Last-Modified: Sun, 06 Nov 2022 08:21:09 GMT
Connection: keep-alive
ETag: "63676e75-127"
Accept-Ranges: bytes
12803.url.tudown.com/template/company/duote-xiazai/images/left.png
154.218.151.71200 OK 409 B URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/images/left.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 513adea23e19785779ef24441cbdb356
acaf0cd2ec302562b27850b970523d96ac5a120c
b78bf1490ecfe58446b32e59b0e6505d2d18f75f8676809753830b66a8dee298
GET /template/company/duote-xiazai/images/left.png HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/template/company/duote-xiazai/css/soft.css
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 20:49:18 GMT
Content-Type: image/png
Content-Length: 409
Last-Modified: Sun, 06 Nov 2022 08:21:20 GMT
Connection: keep-alive
ETag: "63676e80-199"
Accept-Ranges: bytes
12803.url.tudown.com/template/company/duote-xiazai/images/right.png
154.218.151.71200 OK 409 B URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/images/right.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 513adea23e19785779ef24441cbdb356
acaf0cd2ec302562b27850b970523d96ac5a120c
b78bf1490ecfe58446b32e59b0e6505d2d18f75f8676809753830b66a8dee298
GET /template/company/duote-xiazai/images/right.png HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/template/company/duote-xiazai/css/soft.css
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 20:49:18 GMT
Content-Type: image/png
Content-Length: 409
Last-Modified: Sun, 06 Nov 2022 08:21:30 GMT
Connection: keep-alive
ETag: "63676e8a-199"
Accept-Ranges: bytes
img1.2345.com/duoteimg/js/base64.js?_vtim=2014122301
180.101.199.241404 Not Found 146 B URL HTTP/2 img1.2345.com/duoteimg/js/base64.js?_vtim=2014122301
IP 180.101.199.241:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /duoteimg/js/base64.js?_vtim=2014122301 HTTP/1.1
Host: img1.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: Tengine
content-type: text/html; charset=gb2312
content-length: 146
date: Fri, 13 Jan 2023 20:49:18 GMT
ali-swift-global-savetime: 1673642958
via: cache78.l2cn3037[28,28,404-1280,M], cache9.l2cn3037[29,0], cache9.l2cn3037[29,0], vcache27.cn4733[73,72,404-1280,M], vcache1.cn4733[74,0]
x-cache: MISS TCP_MISS dirn:-2:-2
x-swift-savetime: Fri, 13 Jan 2023 20:49:18 GMT
x-swift-cachetime: 1
x-swift-error: orig response 4XX error
timing-allow-origin: *
eagleid: b465c71516736429580523504e
X-Firefox-Spdy: h2
t15.baidu.com/it/u=3105392263,1108592492&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 37 kB URL HTTP/1.1 t15.baidu.com/it/u=3105392263,1108592492&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 551eb5bc16e625cbee37678cf26a708e
4f79bc9ef5bcd0187d312b170d56689165e538fb
fb3a7077d60acd6b8917fe877c0fa91bb836700a6b2c603f38f9a1c1cb89eae7
GET /it/u=3105392263,1108592492&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 20:49:18 GMT
Content-Type: image/jpeg
Content-Length: 37179
Connection: keep-alive
Expires: Mon, 23 Jan 2023 10:37:38 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 551eb5bc16e625cbee37678cf26a708e
Age: 1259290
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 24 Dec 2022 10:37:38 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [2], zhuzuncache56 [4], suzix85 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 37179
X-Cache-Status: HIT
Timing-Allow-Origin: *
12803.url.tudown.com/uploads/images/318159.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/318159.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/318159.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:18 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=856904635,2460205970&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
12803.url.tudown.com/uploads/images/392988.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/392988.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/392988.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:18 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3127259885,3277928237&fm=253&fmt=auto&app=138&f=JPEG?w=220&h=308
12803.url.tudown.com/uploads/images/284424.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/284424.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/284424.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:18 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1986515109,3178822468&fm=253&fmt=auto&app=138&f=JPEG?w=281&h=500
12803.url.tudown.com/uploads/images/620573.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/620573.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/620573.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:18 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1877318472,482588290&fm=253&fmt=auto&app=138&f=JPEG?w=576&h=360
12803.url.tudown.com/uploads/images/919835.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/919835.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/919835.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:18 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=272990653,4117405755&fm=253&fmt=auto&app=120&f=JPEG?w=640&h=424
12803.url.tudown.com/uploads/images/282353.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/282353.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/282353.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:18 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3532264608,1426129549&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=755
12803.url.tudown.com/template/company/duote-xiazai/images/newbtnbg.png
154.218.151.71200 OK 1.3 kB URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/images/newbtnbg.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 178 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 7e22e63af128066b4d249bec71934fa7
09313b9c9717d049883d7c82b3b87f1a4af28408
ea827b6f53f2f091eb1a9ab83c5f53c5f4215e5a14721037af0b50dc47ffe5b0
GET /template/company/duote-xiazai/images/newbtnbg.png HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/template/company/duote-xiazai/css/soft.css
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 20:49:18 GMT
Content-Type: image/png
Content-Length: 1308
Last-Modified: Sun, 06 Nov 2022 08:21:23 GMT
Connection: keep-alive
ETag: "63676e83-51c"
Accept-Ranges: bytes
push.zhanzhang.baidu.com/push.js
182.61.201.93200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 182.61.201.93:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Fri, 13 Jan 2023 20:49:18 GMT
Etag: "4078521116"
Expires: Sat, 13 Jan 2024 20:49:18 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=CA9EA27C8EACF488983C68D1C288860A:FG=1; max-age=31536000; expires=Sat, 13-Jan-24 20:49:18 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
12803.url.tudown.com/template/company/duote-xiazai/images/biaoq-icon.png
154.218.151.71200 OK 409 B URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/images/biaoq-icon.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 513adea23e19785779ef24441cbdb356
acaf0cd2ec302562b27850b970523d96ac5a120c
b78bf1490ecfe58446b32e59b0e6505d2d18f75f8676809753830b66a8dee298
GET /template/company/duote-xiazai/images/biaoq-icon.png HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/template/company/duote-xiazai/css/global.css
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 20:49:18 GMT
Content-Type: image/png
Content-Length: 409
Last-Modified: Sun, 06 Nov 2022 08:21:07 GMT
Connection: keep-alive
ETag: "63676e73-199"
Accept-Ranges: bytes
img1.baidu.com/it/u=3127259885,3277928237&fm=253&fmt=auto&app=138&f=JPEG?w=220&h=308
182.40.78.35200 OK 19 kB URL HTTP/2 img1.baidu.com/it/u=3127259885,3277928237&fm=253&fmt=auto&app=138&f=JPEG?w=220&h=308
IP 182.40.78.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 220x308, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash df695a53f737817f882d68986cec8447
e80f9863c8d7876c6613e22e2b9b9b84654a966a
dffe7790fcfdbef6b126139e95b250a99e0a5225ac3252740f3dd82351892044
GET /it/u=3127259885,3277928237&fm=253&fmt=auto&app=138&f=JPEG?w=220&h=308 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 20:49:18 GMT
content-type: image/webp
content-length: 18686
expires: Thu, 26 Jan 2023 23:49:03 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: df695a53f737817f882d68986cec8447
age: 70804
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 27 Dec 2022 23:49:03 GMT
ohc-cache-hit: jn3ct64 [4], czix159 [4]
ohc-file-size: 18686
x-cache-status: HIT
X-Firefox-Spdy: h2
img0.baidu.com/it/u=3557108674,2596093384&fm=253&fmt=auto&app=138&f=JPEG?w=642&h=500
125.74.1.35200 OK 22 kB URL HTTP/2 img0.baidu.com/it/u=3557108674,2596093384&fm=253&fmt=auto&app=138&f=JPEG?w=642&h=500
IP 125.74.1.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 642x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cdd18aca39bfd67bdc4c7bac423c1bb6
756113ba9816746825e2d5aa7fa69b9149f11854
6399ef7b27dafd616f44628b97d475a0c263c33450ccc156163e16d290c07b7f
GET /it/u=3557108674,2596093384&fm=253&fmt=auto&app=138&f=JPEG?w=642&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 20:49:18 GMT
content-type: image/webp
content-length: 22076
expires: Sun, 22 Jan 2023 08:16:50 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: cdd18aca39bfd67bdc4c7bac423c1bb6
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 23 Dec 2022 08:16:50 GMT
ohc-cache-hit: lz4ct59 [1], xaix101 [2]
ohc-file-size: 22076
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=2888676926,1615046479&fm=253&fmt=auto&app=138&f=JPEG?w=160&h=224
182.40.78.35200 OK 5.4 kB URL HTTP/2 img1.baidu.com/it/u=2888676926,1615046479&fm=253&fmt=auto&app=138&f=JPEG?w=160&h=224
IP 182.40.78.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 160x224, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash eadaf45320190741a82ca4b365b4b535
5415d9417e9770c4565c69a748b18a4624bb7804
9108a61cc7c4cdad1f9b8b08211068a1c51b8e25e7fb6352d12c7720c983a20c
GET /it/u=2888676926,1615046479&fm=253&fmt=auto&app=138&f=JPEG?w=160&h=224 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 20:49:18 GMT
content-type: image/webp
content-length: 5426
expires: Wed, 18 Jan 2023 12:09:42 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: eadaf45320190741a82ca4b365b4b535
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 19 Dec 2022 12:09:42 GMT
ohc-cache-hit: jn3ct77 [1], suzix220 [2]
ohc-file-size: 5426
x-cache-status: MISS
X-Firefox-Spdy: h2
static.mediav.com/js/mvf_g2.js
104.192.110.245200 OK 9.0 kB URL HTTP/1.1 static.mediav.com/js/mvf_g2.js
IP 104.192.110.245:0
ASN #55992 Beijing Qihu Technology Company Limited
File type ASCII text, with very long lines (25539), with no line terminators
Hash 1baf9fc7116527b1a41307a6653030ca
f854953834e70e842d0d3fe6c8966ffb38e16744
d601207a5fa9a6b11008bc0a5a295c46ed62707d4a4b7b04a276eef33c3dcbd3
GET /js/mvf_g2.js HTTP/1.1
Host: static.mediav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/
HTTP/1.1 200 OK
Date: Fri, 13 Jan 2023 20:49:18 GMT
Content-Type: application/x-javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 16 Nov 2022 07:57:41 GMT
Vary: Accept-Encoding
Expires: Sat, 14 Jan 2023 01:49:18 GMT
Cache-Control: max-age=18000
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Encoding: gzip
KCS-Via: HIT from w-fc03.lato;HIT from w-sc02.bjyt
12803.url.tudown.com/uploads/images/283919.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/283919.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/283919.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:18 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=831380803,313941256&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
12803.url.tudown.com/uploads/images/583244.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/583244.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/583244.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:18 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=1309074908,3776202822&fm=224&app=112&f=JPEG?w=500&h=500
img4.runjiapp.com/duoteimg/dtnew_recom_img/202008/20200812163506_69310.jpg
101.226.28.219200 OK 41 kB URL HTTP/1.1 img4.runjiapp.com/duoteimg/dtnew_recom_img/202008/20200812163506_69310.jpg
IP 101.226.28.219:0
ASN #4812 China Telecom Group
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 910x86, components 3\012- data
Hash f8f15f37c9961bc7463d1df83059d32c
7b4aa49eaed0106e8722fda960d4f397b78e7811
eb99269720c3ad25a285d1cae14a73f57a45ffe3e1f086f1e0a8351a83e62cc0
GET /duoteimg/dtnew_recom_img/202008/20200812163506_69310.jpg HTTP/1.1
Host: img4.runjiapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/jpeg
Content-Length: 41017
Connection: keep-alive
Date: Wed, 04 Jan 2023 09:53:50 GMT
x-oss-request-id: 63B54CAE8873C53939421D90
x-oss-cdn-auth: success
Accept-Ranges: bytes
ETag: "F8F15F37C9961BC7463D1DF83059D32C"
Last-Modified: Fri, 04 Sep 2020 08:59:59 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 2768094505068467474
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Sat, 05 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
Content-MD5: +PFfN8mWG8dGPR34MFnTLA==
x-oss-server-time: 18
Ali-Swift-Global-Savetime: 1672826030
Via: cache45.l2cn1807[0,0,200-0,H], cache50.l2cn1807[0,0], vcache15.cn4757[0,0,200-0,H], vcache5.cn4757[0,0]
Age: 816928
X-Cache: HIT TCP_MEM_HIT dirn:10:251523674
X-Swift-SaveTime: Wed, 04 Jan 2023 09:55:49 GMT
X-Swift-CacheTime: 15551881
Timing-Allow-Origin: *
EagleId: 65e21c9916736429585034595e
12803.url.tudown.com/uploads/images/836484.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/836484.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/836484.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:18 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3293542830,4024451433&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=615
12803.url.tudown.com/uploads/images/123885.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/123885.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/123885.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:18 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=4253269699,2089197554&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=707
12803.url.tudown.com/uploads/images/494713.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/494713.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/494713.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:18 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1606205587,4155654830&fm=253&fmt=auto&app=138&f=JPEG?w=630&h=500
img2.baidu.com/it/u=3911596080,670973521&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=738
125.74.110.35200 OK 86 kB URL HTTP/2 img2.baidu.com/it/u=3911596080,670973521&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=738
IP 125.74.110.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x738, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3a3ffea956f030d83d9224974ff9ec8d
cc07c6663ab39ed41162f5f6e1b1f4431a699e9d
1c969b90f7ec310d85649f6c1d8095544952fcbe32141a60518e7def28915078
GET /it/u=3911596080,670973521&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=738 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 20:49:18 GMT
content-type: image/webp
content-length: 86356
expires: Sat, 21 Jan 2023 16:29:23 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 3a3ffea956f030d83d9224974ff9ec8d
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 22 Dec 2022 16:29:23 GMT
ohc-cache-hit: lz6ct55 [1], xaix142 [2]
ohc-file-size: 86356
x-cache-status: MISS
X-Firefox-Spdy: h2
static.mediav.com/js/mvf_pm_slider.js
104.192.110.245200 OK 40 kB URL HTTP/1.1 static.mediav.com/js/mvf_pm_slider.js
IP 104.192.110.245:0
ASN #55992 Beijing Qihu Technology Company Limited
File type ASCII text, with very long lines (65536), with no line terminators, with escape sequences
Hash b23b60a7adefb62f50583079ed66f03b
965ea6506ea6c004b1135f23c10c67484fc0d238
987d03cb317bd411589ab916be6ea0e5aaabf8de0e94a2de7712beff577a62f8
GET /js/mvf_pm_slider.js HTTP/1.1
Host: static.mediav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/
HTTP/1.1 200 OK
Date: Fri, 13 Jan 2023 20:49:18 GMT
Content-Type: application/x-javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 16 Nov 2022 07:57:42 GMT
Vary: Accept-Encoding
Expires: Sat, 14 Jan 2023 01:49:18 GMT
Cache-Control: max-age=18000
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Encoding: gzip
KCS-Via: HIT from w-fc02.lato;HIT from w-sc09.zzzc
t15.baidu.com/it/u=1309074908,3776202822&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 44 kB URL HTTP/1.1 t15.baidu.com/it/u=1309074908,3776202822&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 72bc81d27c0081e375e16656c8868dc3
eec58b7a36f765ccdea56cdc5f3af9d161956161
7553abd2d732a1a24026940ef3afc3f99323a24c4dd94ef04fd213e9bbd3cac6
GET /it/u=1309074908,3776202822&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 20:49:18 GMT
Content-Type: image/jpeg
Content-Length: 44350
Connection: keep-alive
Expires: Tue, 17 Jan 2023 22:55:15 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 72bc81d27c0081e375e16656c8868dc3
Age: 1793455
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 18 Dec 2022 22:55:15 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [2], zhuzuncache65 [1], bdix122 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 44350
X-Cache-Status: HIT
Timing-Allow-Origin: *
img0.baidu.com/it/u=272990653,4117405755&fm=253&fmt=auto&app=120&f=JPEG?w=640&h=424
125.74.1.35200 OK 44 kB URL HTTP/2 img0.baidu.com/it/u=272990653,4117405755&fm=253&fmt=auto&app=120&f=JPEG?w=640&h=424
IP 125.74.1.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x424, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fe6bbc22d9014f0aae030f36acdb56f6
07131e0cf527752ff1369722969680c1fbc92f4d
e23a006dbcedd18b5dde7dc7f4b0f590c55f94f1f0151fe5f2f5824ab28a2e7f
GET /it/u=272990653,4117405755&fm=253&fmt=auto&app=120&f=JPEG?w=640&h=424 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 20:49:18 GMT
content-type: image/webp
content-length: 43950
expires: Tue, 07 Feb 2023 11:27:15 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: fe6bbc22d9014f0aae030f36acdb56f6
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 08 Jan 2023 11:27:15 GMT
ohc-cache-hit: lz4ct76 [1], bdix221 [2]
ohc-file-size: 43950
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=856904635,2460205970&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
182.40.78.35200 OK 56 kB URL HTTP/2 img1.baidu.com/it/u=856904635,2460205970&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
IP 182.40.78.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x889, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ff60ba40e5bbbb123be8b19fb35e3e14
b79adcdf3e477b75fc58ac2bc6a441934abd57d4
569afaf1be4b94ee8dae405c552e38b3532f9ca5c012585b32f065507fdb273b
GET /it/u=856904635,2460205970&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 20:49:18 GMT
content-type: image/webp
content-length: 55880
expires: Thu, 19 Jan 2023 03:31:31 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: ff60ba40e5bbbb123be8b19fb35e3e14
age: 51325
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 20 Dec 2022 03:31:31 GMT
ohc-cache-hit: jn3ct63 [4], bdix240 [2]
ohc-file-size: 55880
x-cache-status: HIT
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/943054.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/943054.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/943054.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:18 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=588053366,880660267&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=711
12803.url.tudown.com/uploads/images/107947.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/107947.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/107947.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:19 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=2013867811,1826048265&fm=224&app=112&f=JPEG?w=500&h=500
img2.baidu.com/it/u=2326538388,63073338&fm=253&fmt=auto&app=138&f=GIF?w=500&h=623
125.74.110.35200 OK 66 kB URL HTTP/2 img2.baidu.com/it/u=2326538388,63073338&fm=253&fmt=auto&app=138&f=GIF?w=500&h=623
IP 125.74.110.35:0
File type GIF image data, version 89a, 500 x 623\012- data
Hash b5bf1af0f469b16786ecd960b936c387
3aaea5fdf51df30931cab61c0b3b96cf47c97e86
9047353ae2d60e5329d91cf6dda796784063a60c20d275d3ef91d5ec5e3a3a92
GET /it/u=2326538388,63073338&fm=253&fmt=auto&app=138&f=GIF?w=500&h=623 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 20:49:18 GMT
content-type: image/gif
content-length: 65510
expires: Thu, 26 Jan 2023 14:42:53 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: b5bf1af0f469b16786ecd960b936c387
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 27 Dec 2022 14:42:53 GMT
ohc-cache-hit: lz6ct53 [1], bdix105 [2]
ohc-file-size: 65510
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=1986515109,3178822468&fm=253&fmt=auto&app=138&f=JPEG?w=281&h=500
125.74.110.35200 OK 38 kB URL HTTP/2 img2.baidu.com/it/u=1986515109,3178822468&fm=253&fmt=auto&app=138&f=JPEG?w=281&h=500
IP 125.74.110.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 281x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5779b329ce463d84a8694defee3c2746
ff32e95d154474473845f007fe654aa4ad842861
ef409016a3ba78c5357c5ca0173358c2424e3d4f60a409be5ff2eb822e893376
GET /it/u=1986515109,3178822468&fm=253&fmt=auto&app=138&f=JPEG?w=281&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 20:49:18 GMT
content-type: image/webp
content-length: 37966
expires: Sat, 21 Jan 2023 06:13:05 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 5779b329ce463d84a8694defee3c2746
age: 166281
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 22 Dec 2022 06:13:05 GMT
ohc-cache-hit: lz6ct61 [4], xaix143 [2]
ohc-file-size: 37966
x-cache-status: HIT
X-Firefox-Spdy: h2
img2.baidu.com/it/u=4008707840,4002467664&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
125.74.110.35200 OK 13 kB URL HTTP/2 img2.baidu.com/it/u=4008707840,4002467664&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 125.74.110.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c647baba444bf3c60a5efe5c7e1c7fd4
e55de94e50dbdb7090e55ae6992cc3e1c89d8ead
4655190ac0112e1c6211edd615a75c21abd58daa42ef707ddb2800b0686867cc
GET /it/u=4008707840,4002467664&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 20:49:18 GMT
content-type: image/webp
content-length: 12972
expires: Thu, 09 Feb 2023 07:30:25 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: c647baba444bf3c60a5efe5c7e1c7fd4
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 10 Jan 2023 07:30:25 GMT
ohc-cache-hit: lz6ct54 [1], suzix121 [2]
ohc-file-size: 12972
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/411760.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/411760.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/411760.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:19 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=1158784419,2454374181&fm=224&app=112&f=JPEG?w=500&h=500&s=C9146D9A5CD74FEB1AF064DD0300A022
t13.baidu.com/it/u=2013867811,1826048265&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 33 kB URL HTTP/1.1 t13.baidu.com/it/u=2013867811,1826048265&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 1f5fd5e8b92981355b4b2c481c627071
657df8d2d01ff913d920056bbdfb3e8caa52296a
7b1b0dd115f70397a0933816ade60e967d872b089fb0e3b2032eaf504dd65f0e
GET /it/u=2013867811,1826048265&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 20:49:19 GMT
Content-Type: image/jpeg
Content-Length: 32794
Connection: keep-alive
Expires: Mon, 06 Feb 2023 04:37:02 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 1f5fd5e8b92981355b4b2c481c627071
Age: 171168
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 07 Jan 2023 04:37:02 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [2], zhuzuncache59 [4], csix82 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 32794
X-Cache-Status: HIT
Timing-Allow-Origin: *
12803.url.tudown.com/uploads/images/465736.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/465736.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/465736.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:19 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=3771246950,1405929291&fm=224&app=112&f=JPEG?w=500&h=226
12803.url.tudown.com/uploads/images/940733.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/940733.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/940733.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:19 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3703390478,297776897&fm=253&fmt=auto&app=138&f=JPEG?w=354&h=500
sofire.bdstatic.com/js/dfxaf3-635b4cd6.js
60.190.116.48200 OK 123 kB URL HTTP/1.1 sofire.bdstatic.com/js/dfxaf3-635b4cd6.js
IP 60.190.116.48:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 123 kB (123037 bytes)
Hash c39ed7d28cee6240d44cc5b5c2bbd686
eab7220ff1195b14d9c1c21ae4fcad33315549b5
cd5d1c61337dd6b5a3ddffdc95ed7da921b125c9911aa22eaef8f054a2345459
GET /js/dfxaf3-635b4cd6.js HTTP/1.1
Host: sofire.bdstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 20:49:18 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 16 Jan 2023 02:00:19 GMT
Last-Modified: Fri, 06 Jan 2023 03:24:00 GMT
ETag: "6c8af00e14f394b624a4b374d18b9b7a"
Content-Encoding: gzip
Age: 63309
Accept-Ranges: bytes
Content-MD5: bIrwDhTzlLYkpLN00Yubeg==
x-bce-content-crc32: 1362413814
x-bce-debug-id: QjineMlAXhLG/PlsgM2X2uIKfsWp+HP3QbCjboYwAHuzbGpANStpwGzjEZ4OyAmfwap44giGyP+88Edrq3Apag==
x-bce-request-id: d5b3c661-6c66-459a-82f5-aba26c1b2d8f
x-bce-storage-class: STANDARD
Ohc-Global-Saved-Time: Fri, 13 Jan 2023 02:00:19 GMT
Ohc-Cache-HIT: wz2ct53 [2], nb2ctcache51 [2]
Ohc-Response-Time: 1 0 0 0 0 0
12803.url.tudown.com/uploads/images/458955.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/458955.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/458955.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:19 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=838643461,1673757458&fm=253&fmt=auto?w=92&h=69
t14.baidu.com/it/u=1158784419,2454374181&fm=224&app=112&f=JPEG?w=500&h=500&s=C9146D9A5CD74FEB1AF064DD0300A022
185.10.104.124200 OK 64 kB URL HTTP/1.1 t14.baidu.com/it/u=1158784419,2454374181&fm=224&app=112&f=JPEG?w=500&h=500&s=C9146D9A5CD74FEB1AF064DD0300A022
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash e16460f4c348b6b8c473f4842aaec94d
23f0eb6e7180e24a650b7ea205a9f3fc9cc7482e
ec4532abb0cf1705d2cb618c642022846a499c41be994b85e5f177beb8a469e9
GET /it/u=1158784419,2454374181&fm=224&app=112&f=JPEG?w=500&h=500&s=C9146D9A5CD74FEB1AF064DD0300A022 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 20:49:19 GMT
Content-Type: image/jpeg
Content-Length: 64481
Connection: keep-alive
Expires: Sun, 22 Jan 2023 09:24:06 GMT
Last-Modified: Fri, 16 Jan 1970 00:00:00 GMT
ETag: e16460f4c348b6b8c473f4842aaec94d
Age: 1274577
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 23 Dec 2022 09:24:06 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [2], zhuzuncache56 [1], czix243 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 64481
X-Cache-Status: HIT
Timing-Allow-Origin: *
t13.baidu.com/it/u=3771246950,1405929291&fm=224&app=112&f=JPEG?w=500&h=226
185.10.104.124200 OK 28 kB URL HTTP/1.1 t13.baidu.com/it/u=3771246950,1405929291&fm=224&app=112&f=JPEG?w=500&h=226
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x226, components 3\012- data
Hash a2aafb3fe99cb008a72414edce28b81e
170ad82f6e8d464a9716624c078ae2e535731955
b6653c334b6dc4090ba148629042a5a90ef2a8c2533249b367c77050d84fef31
GET /it/u=3771246950,1405929291&fm=224&app=112&f=JPEG?w=500&h=226 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 20:49:19 GMT
Content-Type: image/jpeg
Content-Length: 27904
Connection: keep-alive
Expires: Fri, 03 Feb 2023 13:11:21 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: a2aafb3fe99cb008a72414edce28b81e
Age: 171913
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 04 Jan 2023 13:11:21 GMT
Ohc-Cache-HIT: fra01-sys-jomo2.fra01.baidu.com [2], zhuzuncache64 [4], qdix64 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 27904
X-Cache-Status: HIT
Timing-Allow-Origin: *
img0.baidu.com/it/u=1606205587,4155654830&fm=253&fmt=auto&app=138&f=JPEG?w=630&h=500
125.74.1.35200 OK 30 kB URL HTTP/2 img0.baidu.com/it/u=1606205587,4155654830&fm=253&fmt=auto&app=138&f=JPEG?w=630&h=500
IP 125.74.1.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 630x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e68be1b839e131a89395d9f2aece67f2
4556bdd89b820eeac30d79672f6fc60c04a7675f
0661a60f963e1b1071319d67c196688dc7b45d2dc6c19491d4e75229fc1a1998
GET /it/u=1606205587,4155654830&fm=253&fmt=auto&app=138&f=JPEG?w=630&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 20:49:19 GMT
content-type: image/webp
content-length: 29616
expires: Sun, 22 Jan 2023 04:38:03 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: e68be1b839e131a89395d9f2aece67f2
age: 393475
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 23 Dec 2022 04:38:03 GMT
ohc-cache-hit: lz4ct56 [4], czix111 [2]
ohc-file-size: 29616
x-cache-status: HIT
X-Firefox-Spdy: h2
img0.baidu.com/it/u=3293542830,4024451433&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=615
125.74.1.35200 OK 37 kB URL HTTP/2 img0.baidu.com/it/u=3293542830,4024451433&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=615
IP 125.74.1.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x615, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a331c69b9aa0291724836f439698b233
2c10b97079610cc0b55f5fd63ba9f7133e7d9654
e7128ee47a622cebc33c9d71a92b0438e581b8fa4dd2a1a69d095d1e30d68698
GET /it/u=3293542830,4024451433&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=615 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 20:49:19 GMT
content-type: image/webp
content-length: 37442
expires: Sat, 21 Jan 2023 04:36:08 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: a331c69b9aa0291724836f439698b233
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 22 Dec 2022 04:36:08 GMT
ohc-cache-hit: lz4ct58 [1], bdix127 [2]
ohc-file-size: 37442
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=4253269699,2089197554&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=707
182.40.78.35200 OK 31 kB URL HTTP/2 img1.baidu.com/it/u=4253269699,2089197554&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=707
IP 182.40.78.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x707, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 71e1149a6b790ab9fe74187d547de08c
205366ac43290872a9602311e877dfb17655bda8
907454efbcd92ec09dc03934170701ba549cd01bc3e9e315bd77fe259094e0ec
GET /it/u=4253269699,2089197554&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=707 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 20:49:19 GMT
content-type: image/webp
content-length: 30906
expires: Fri, 10 Feb 2023 03:26:49 GMT
last-modified: Sun, 04 Jan 1970 00:00:00 GMT
etag: 71e1149a6b790ab9fe74187d547de08c
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 11 Jan 2023 03:26:49 GMT
ohc-cache-hit: jn3ct50 [1], csix50 [2]
ohc-file-size: 30906
x-cache-status: MISS
X-Firefox-Spdy: h2
pos.baidu.com/s?wid=910&hei=120&di=u4965894&s1=73181582&s2=1486490423<u=http%3A%2F%2F12803.url.tudown.com%2Fdown%2F%25E5%2590%2595%25E5%25B8%2583%25E4%25BC%25A02016%40281_110636.exe&dc=3&ti=%E6%8D%95%E9%B1%BC%E4%B9%90%E5%9B%AD(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99v5.5.31&ps=1802x34&drs=1&pcs=1268x939&pss=1268x2558&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1673642942&psr=1280x1024&par=1280x1002&pis=-1x-1&ccd=24&cja=false&cmi=0&col=en-US&cdo=-1&tcn=1673642942&dtm=HTML_POST&tpr=1673642942173&ari=2&ant=0&exps=110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=1&dri=0&ver=1221&ecd=1&psi=fa5073939ae4fd2d&fpt=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622&dft=0&ft=1
182.61.200.109200 OK 13 kB URL HTTP/2 pos.baidu.com/s?wid=910&hei=120&di=u4965894&s1=73181582&s2=1486490423<u=http%3A%2F%2F12803.url.tudown.com%2Fdown%2F%25E5%2590%2595%25E5%25B8%2583%25E4%25BC%25A02016%40281_110636.exe&dc=3&ti=%E6%8D%95%E9%B1%BC%E4%B9%90%E5%9B%AD(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99v5.5.31&ps=1802x34&drs=1&pcs=1268x939&pss=1268x2558&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1673642942&psr=1280x1024&par=1280x1002&pis=-1x-1&ccd=24&cja=false&cmi=0&col=en-US&cdo=-1&tcn=1673642942&dtm=HTML_POST&tpr=1673642942173&ari=2&ant=0&exps=110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=1&dri=0&ver=1221&ecd=1&psi=fa5073939ae4fd2d&fpt=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622&dft=0&ft=1
IP 182.61.200.109:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (7241)
Hash 15087e6951d11d58cebe89ef2c6ba4bf
a8f72da3b2d069cb51b58801b5b94fee2e8a2c46
59e3690a932a076466502fc1b13a1677d6ea5e6f97f0ad544048c0cb3fbe6aec
GET /s?wid=910&hei=120&di=u4965894&s1=73181582&s2=1486490423<u=http%3A%2F%2F12803.url.tudown.com%2Fdown%2F%25E5%2590%2595%25E5%25B8%2583%25E4%25BC%25A02016%40281_110636.exe&dc=3&ti=%E6%8D%95%E9%B1%BC%E4%B9%90%E5%9B%AD(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99v5.5.31&ps=1802x34&drs=1&pcs=1268x939&pss=1268x2558&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1673642942&psr=1280x1024&par=1280x1002&pis=-1x-1&ccd=24&cja=false&cmi=0&col=en-US&cdo=-1&tcn=1673642942&dtm=HTML_POST&tpr=1673642942173&ari=2&ant=0&exps=110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=1&dri=0&ver=1221&ecd=1&psi=fa5073939ae4fd2d&fpt=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622&dft=0&ft=1 HTTP/1.1
Host: pos.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Fri, 13 Jan 2023 20:49:19 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Sat Jan 14 04:49:19 2023
p3p: CP=" OTI DSP COR IVA OUR IND COM ", CP=" OTI DSP COR IVA OUR IND COM "
pragma: no-cache
server: nginx
set-cookie: BAIDUID=F035BC94B0415EB3BC088DE10C96C178:FG=1; expires=Sat, 13-Jan-54 20:49:19 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
x-xss-protection: 0
content-length: 13070
X-Firefox-Spdy: h2
api.share.baidu.com/s.gif?l=http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
182.61.201.93200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
IP 182.61.201.93:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Fri, 13 Jan 2023 20:49:19 GMT
12803.url.tudown.com/uploads/images/956647.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/956647.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/956647.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:19 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1222518265,1712720614&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
img2.baidu.com/it/u=3854236692,1098192838&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=500
125.74.110.35200 OK 20 kB URL HTTP/2 img2.baidu.com/it/u=3854236692,1098192838&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=500
IP 125.74.110.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f7f9797be6b969f96522d3ddc3aea923
f22e3fad2260ab6b680b9d9dbadbd3f962143c67
d1a8c1d665e41256f81f465facc0f777b22b5b38222819aa67e9db79cb9e7556
GET /it/u=3854236692,1098192838&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 20:49:18 GMT
content-type: image/webp
content-length: 19674
expires: Mon, 06 Feb 2023 13:03:42 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: f7f9797be6b969f96522d3ddc3aea923
age: 331699
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 07 Jan 2023 13:03:42 GMT
ohc-cache-hit: lz6ct58 [4], wzix80 [2]
ohc-file-size: 19674
x-cache-status: HIT
X-Firefox-Spdy: h2
img2.baidu.com/it/u=1877318472,482588290&fm=253&fmt=auto&app=138&f=JPEG?w=576&h=360
125.74.110.35200 OK 27 kB URL HTTP/2 img2.baidu.com/it/u=1877318472,482588290&fm=253&fmt=auto&app=138&f=JPEG?w=576&h=360
IP 125.74.110.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 576x360, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 56a266cf93c1cde039ae17819b0065e4
ab799d9e3946e1785c5d48750054526fbcd76405
731ff7716cb1583a8e91ea0bf38b354b4f77da9ef59f5a92673c0ea47ee5f9dc
GET /it/u=1877318472,482588290&fm=253&fmt=auto&app=138&f=JPEG?w=576&h=360 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 20:49:18 GMT
content-type: image/webp
content-length: 27062
expires: Sat, 21 Jan 2023 07:30:13 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 56a266cf93c1cde039ae17819b0065e4
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 22 Dec 2022 07:30:13 GMT
ohc-cache-hit: lz6ct53 [1], suzix53 [2]
ohc-file-size: 27062
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=3532264608,1426129549&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=755
125.74.110.35200 OK 19 kB URL HTTP/2 img2.baidu.com/it/u=3532264608,1426129549&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=755
IP 125.74.110.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x755, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 44365485d1ad5f315662c4ffafc41b67
e028d5bcf292cce23b88bec9cf18c93f387e732f
807ca3885b2fc44e1abe2933eadaf669cace245acf3b4f491faf830909020531
GET /it/u=3532264608,1426129549&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=755 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 20:49:18 GMT
content-type: image/webp
content-length: 18698
expires: Sun, 05 Feb 2023 12:34:11 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 44365485d1ad5f315662c4ffafc41b67
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 06 Jan 2023 12:34:11 GMT
ohc-cache-hit: lz6ct62 [1], csix84 [2]
ohc-file-size: 18698
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=831380803,313941256&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
125.74.110.35200 OK 37 kB URL HTTP/2 img2.baidu.com/it/u=831380803,313941256&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
IP 125.74.110.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x889, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d06b92d5284f5ce628ce387756b3ad3b
dc57c77ce04e553ba6e7125445b1b26ef4b3f8bf
4cfbf13d54e9b5757d84c832d2da3d4a060970678889730ef27886d3d0d72d08
GET /it/u=831380803,313941256&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 20:49:18 GMT
content-type: image/webp
content-length: 37142
expires: Sat, 21 Jan 2023 12:25:36 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: d06b92d5284f5ce628ce387756b3ad3b
age: 1113
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 22 Dec 2022 12:25:36 GMT
ohc-cache-hit: lz6ct63 [4], xaix187 [4]
ohc-file-size: 37142
x-cache-status: HIT
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/863694.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/863694.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/863694.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:19 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=3582644968,505500675&fm=253&app=120&f=JPEG?w=1280&h=800
pos.baidu.com/s?wid=890&hei=200&di=u5039524&s1=925108211&s2=1930919414<u=http%3A%2F%2F12803.url.tudown.com%2Fdown%2F%25E5%2590%2595%25E5%25B8%2583%25E4%25BC%25A02016%40281_110636.exe&dc=3&ti=%E6%8D%95%E9%B1%BC%E4%B9%90%E5%9B%AD(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99v5.5.31&ps=2136x34&drs=1&pcs=1268x939&pss=1268x2678&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1673642942&psr=1280x1024&par=1280x1002&pis=-1x-1&ccd=24&cja=false&cmi=0&col=en-US&cdo=-1&tcn=1673642942&dtm=HTML_POST&tpr=1673642942173&ari=2&ant=0&exps=110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=2&dri=0&ver=1221&ecd=1&psi=fa5073939ae4fd2d&fpt=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622&dft=0&ft=1
182.61.200.109200 OK 15 kB URL HTTP/2 pos.baidu.com/s?wid=890&hei=200&di=u5039524&s1=925108211&s2=1930919414<u=http%3A%2F%2F12803.url.tudown.com%2Fdown%2F%25E5%2590%2595%25E5%25B8%2583%25E4%25BC%25A02016%40281_110636.exe&dc=3&ti=%E6%8D%95%E9%B1%BC%E4%B9%90%E5%9B%AD(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99v5.5.31&ps=2136x34&drs=1&pcs=1268x939&pss=1268x2678&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1673642942&psr=1280x1024&par=1280x1002&pis=-1x-1&ccd=24&cja=false&cmi=0&col=en-US&cdo=-1&tcn=1673642942&dtm=HTML_POST&tpr=1673642942173&ari=2&ant=0&exps=110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=2&dri=0&ver=1221&ecd=1&psi=fa5073939ae4fd2d&fpt=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622&dft=0&ft=1
IP 182.61.200.109:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (39309)
Hash 8e96507ae5fb56cee3ed631794017bb1
e61900e9bb5f6784d413bf219164321687673fea
d0b58ab0bf93ff97390bedb19a672668e16f996c9c5ebec45e0567a7fed53148
GET /s?wid=890&hei=200&di=u5039524&s1=925108211&s2=1930919414<u=http%3A%2F%2F12803.url.tudown.com%2Fdown%2F%25E5%2590%2595%25E5%25B8%2583%25E4%25BC%25A02016%40281_110636.exe&dc=3&ti=%E6%8D%95%E9%B1%BC%E4%B9%90%E5%9B%AD(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99v5.5.31&ps=2136x34&drs=1&pcs=1268x939&pss=1268x2678&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1673642942&psr=1280x1024&par=1280x1002&pis=-1x-1&ccd=24&cja=false&cmi=0&col=en-US&cdo=-1&tcn=1673642942&dtm=HTML_POST&tpr=1673642942173&ari=2&ant=0&exps=110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=2&dri=0&ver=1221&ecd=1&psi=fa5073939ae4fd2d&fpt=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622&dft=0&ft=1 HTTP/1.1
Host: pos.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Fri, 13 Jan 2023 20:49:19 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Sat Jan 14 04:49:19 2023
p3p: CP=" OTI DSP COR IVA OUR IND COM ", CP=" OTI DSP COR IVA OUR IND COM "
pragma: no-cache
server: nginx
set-cookie: BAIDUID=F035BC94B0415EB3BB2DCAD374492A85:FG=1; expires=Sat, 13-Jan-54 20:49:19 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
x-xss-protection: 0
content-length: 14961
X-Firefox-Spdy: h2
img0.baidu.com/it/u=838643461,1673757458&fm=253&fmt=auto?w=92&h=69
125.74.1.35200 OK 6.2 kB URL HTTP/2 img0.baidu.com/it/u=838643461,1673757458&fm=253&fmt=auto?w=92&h=69
IP 125.74.1.35:0
File type GIF image data, version 89a, 92 x 69\012- data
Hash 294f94c4cbfea42f576157f4473c20e6
f4a0b4c2bf4c0db5e0fac27fba4c8b09288a9636
c0f27a04c32540e2dd1e1bb1b8d636d20b70a7135fef391bcbf8c44ff8fa763d
GET /it/u=838643461,1673757458&fm=253&fmt=auto?w=92&h=69 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 20:49:19 GMT
content-type: image/gif
content-length: 6229
expires: Tue, 24 Jan 2023 13:42:51 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 294f94c4cbfea42f576157f4473c20e6
age: 56763
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 25 Dec 2022 13:42:51 GMT
ohc-cache-hit: lz4ct61 [4], bdix61 [4]
ohc-file-size: 6229
x-cache-status: HIT
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/753277.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/753277.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/753277.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:19 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=2646168825,1094894018&fm=253&app=120&f=JPEG?w=1280&h=800
12803.url.tudown.com/uploads/images/349427.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/349427.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/349427.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:19 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3191543352,1642049173&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=854
img2.baidu.com/it/u=3703390478,297776897&fm=253&fmt=auto&app=138&f=JPEG?w=354&h=500
125.74.110.35200 OK 26 kB URL HTTP/2 img2.baidu.com/it/u=3703390478,297776897&fm=253&fmt=auto&app=138&f=JPEG?w=354&h=500
IP 125.74.110.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 354x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 48f050ec213e6150303f6932590386e7
4445e7ca76beabcb8e51b5b51a6a055943c9ec40
1adb80a7132f8027a51b5870c2611b80c74a1302c08481e3cc4007fd056036ba
GET /it/u=3703390478,297776897&fm=253&fmt=auto&app=138&f=JPEG?w=354&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 20:49:19 GMT
content-type: image/webp
content-length: 25642
expires: Sun, 22 Jan 2023 06:45:47 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 48f050ec213e6150303f6932590386e7
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 23 Dec 2022 06:45:47 GMT
ohc-cache-hit: lz6ct64 [1], xaix211 [2]
ohc-file-size: 25642
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/397340.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/397340.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/397340.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:19 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2821205874,4183657161&fm=253&fmt=auto&app=138&f=JPEG?w=236&h=257
12803.url.tudown.com/uploads/images/911604.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/911604.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/911604.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:19 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=6941789,1577282212&fm=253&fmt=auto&app=138&f=PNG?w=384&h=960
img0.baidu.com/it/u=588053366,880660267&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=711
125.74.1.35200 OK 62 kB URL HTTP/2 img0.baidu.com/it/u=588053366,880660267&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=711
IP 125.74.1.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x711, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1b7101234a648dc432f7b84eb435eae2
494c0bd76617104cdf597039d0ed01901c2fca9e
07deb2924f5eaf2310ef4319220efc9853df05c21dc0b89087fef19118273fb9
GET /it/u=588053366,880660267&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=711 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 20:49:19 GMT
content-type: image/webp
content-length: 61538
expires: Tue, 31 Jan 2023 09:57:36 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 1b7101234a648dc432f7b84eb435eae2
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 01 Jan 2023 09:57:36 GMT
ohc-cache-hit: lz4ct50 [1], csix79 [2]
ohc-file-size: 61538
x-cache-status: MISS
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0<=1673642943&rnd=1580635351&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=2&sn=10113&r=0&ww=1280&u=http%3A%2F%2F12803.url.tudown.com%2Fdown%2F%25E5%2590%2595%25E5%25B8%2583%25E4%25BC%25A02016%40281_110636.exe&tt=%E6%8D%95%E9%B1%BC%E4%B9%90%E5%9B%AD(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99v5.5.31
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0<=1673642943&rnd=1580635351&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=2&sn=10113&r=0&ww=1280&u=http%3A%2F%2F12803.url.tudown.com%2Fdown%2F%25E5%2590%2595%25E5%25B8%2583%25E4%25BC%25A02016%40281_110636.exe&tt=%E6%8D%95%E9%B1%BC%E4%B9%90%E5%9B%AD(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99v5.5.31
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0<=1673642943&rnd=1580635351&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=2&sn=10113&r=0&ww=1280&u=http%3A%2F%2F12803.url.tudown.com%2Fdown%2F%25E5%2590%2595%25E5%25B8%2583%25E4%25BC%25A02016%40281_110636.exe&tt=%E6%8D%95%E9%B1%BC%E4%B9%90%E5%9B%AD(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99v5.5.31 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 13 Jan 2023 20:49:19 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=872DAF02F811D867; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
cpro.baidustatic.com/cpro/ui/pr.js
220.169.152.35200 OK 191 B URL HTTP/1.1 cpro.baidustatic.com/cpro/ui/pr.js
IP 220.169.152.35:0
File type ASCII text, with CRLF line terminators
Hash 48bbe750b892850b181762bf739e10dd
716574fe9afcde8faef513b16d6867cb07afe626
e538c894cae59538764a334e2cf2bc02e53fa6a9e4efebcd251bc5da82fa2158
GET /cpro/ui/pr.js HTTP/1.1
Host: cpro.baidustatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 20:49:19 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 13 Jan 2023 21:10:44 GMT
Last-Modified: Fri, 25 Nov 2022 03:46:04 GMT
ETag: "63803a7c-ff"
Cache-Control: max-age=3600
Content-Encoding: gzip
Age: 2315
Accept-Ranges: bytes
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 13 Jan 2023 20:10:44 GMT
Ohc-Cache-HIT: yy2ct64 [2], wzix64 [2]
Ohc-File-Size: 191
X-Cache-Status: HIT
12803.url.tudown.com/uploads/images/944087.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/944087.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/944087.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:19 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=119951684,3744503612&fm=253&app=120&f=JPEG?w=1422&h=800
12803.url.tudown.com/uploads/images/384988.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/384988.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/384988.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:19 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=2748726506,2060151179&fm=224&app=112&f=JPEG?w=500&h=500
12803.url.tudown.com/uploads/images/112715.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/112715.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/112715.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:19 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=1154901079,1811853825&fm=253&fmt=auto&app=138&f=JPEG?w=529&h=500
12803.url.tudown.com/uploads/images/181789.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/181789.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/181789.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:19 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=1742604553,831035310&fm=253&app=138&f=JPEG?w=500&h=889
t13.baidu.com/it/u=2748726506,2060151179&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 42 kB URL HTTP/1.1 t13.baidu.com/it/u=2748726506,2060151179&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash f910ff4db070572d5ac95acf4fb77d1d
f140707c7c75f3e17450eb2e0a2cbbd142554493
64cfb86600e35e70a7768d827925e772a02e27c6b5839eebc9c88491a13416a8
GET /it/u=2748726506,2060151179&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 20:49:19 GMT
Content-Type: image/jpeg
Content-Length: 42525
Connection: keep-alive
Expires: Sun, 12 Feb 2023 18:38:52 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: f910ff4db070572d5ac95acf4fb77d1d
Age: 7827
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 13 Jan 2023 18:38:52 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [2], zhuzuncache57 [1], bdix111 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 42525
X-Cache-Status: HIT
Timing-Allow-Origin: *
img1.baidu.com/it/u=1222518265,1712720614&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
182.40.78.35200 OK 80 kB URL HTTP/2 img1.baidu.com/it/u=1222518265,1712720614&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
IP 182.40.78.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x889, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e9481661fec8906a3ed267e6ec090545
b05ade9f0b51be15f145764e365062a63b9d077b
3c691f9535e7a8819d4c51ec4a15e2172d6b00dc72834d7606a53e419889224f
GET /it/u=1222518265,1712720614&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 20:49:19 GMT
content-type: image/webp
content-length: 79950
expires: Sun, 22 Jan 2023 04:53:50 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: e9481661fec8906a3ed267e6ec090545
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 23 Dec 2022 04:53:50 GMT
ohc-cache-hit: jn3ct54 [1], suzix144 [2]
ohc-file-size: 79950
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/406246.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/406246.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/406246.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:19 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=340143712,2330178855&fm=224&app=112&f=JPEG?w=500&h=500
12803.url.tudown.com/uploads/images/640553.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/640553.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/640553.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:19 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=878710569,2691075331&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350
img1.baidu.com/it/u=3191543352,1642049173&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=854
182.40.78.35200 OK 20 kB URL HTTP/2 img1.baidu.com/it/u=3191543352,1642049173&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=854
IP 182.40.78.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x854, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0647ffc04dba85381fe84a6a67d216c4
ca0905e1d314d2f8ae2d0603f86325ad5252c4fe
d50e3efc6c314af6ceae03b865f96fb189d1e7297e60b7c0d2e4b8732659a24d
GET /it/u=3191543352,1642049173&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=854 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 20:49:19 GMT
content-type: image/webp
content-length: 19706
expires: Thu, 26 Jan 2023 04:31:28 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 0647ffc04dba85381fe84a6a67d216c4
age: 134099
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 27 Dec 2022 04:31:28 GMT
ohc-cache-hit: jn3ct55 [4], xaix219 [4]
ohc-file-size: 19706
x-cache-status: HIT
X-Firefox-Spdy: h2
img0.baidu.com/it/u=2821205874,4183657161&fm=253&fmt=auto&app=138&f=JPEG?w=236&h=257
125.74.1.35200 OK 7.9 kB URL HTTP/2 img0.baidu.com/it/u=2821205874,4183657161&fm=253&fmt=auto&app=138&f=JPEG?w=236&h=257
IP 125.74.1.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 236x257, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 46eea8086fe8be98f482d65ece48d2b4
0d26b7891c27ed9811c714350a7896601e72755a
213e1871a682c529535750a25e8615d4cd02228520398eb465b029ec6616f98c
GET /it/u=2821205874,4183657161&fm=253&fmt=auto&app=138&f=JPEG?w=236&h=257 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 20:49:19 GMT
content-type: image/webp
content-length: 7918
expires: Thu, 19 Jan 2023 17:06:59 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 46eea8086fe8be98f482d65ece48d2b4
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 20 Dec 2022 17:06:59 GMT
ohc-cache-hit: lz4ct56 [1], xaix151 [2]
ohc-file-size: 7918
x-cache-status: MISS
X-Firefox-Spdy: h2
bdcode.2345.com/ptqnrmng.js
42.81.8.130200 OK 4.0 kB URL HTTP/1.1 bdcode.2345.com/ptqnrmng.js
IP 42.81.8.130:0
File type ASCII text, with very long lines (11438), with no line terminators
Hash 4927ec7cf61077c3cb553d1e91fbe407
81cecb6db2e670675c9bdac9c8c9225b987262cc
439bad0c6b3cec8c27d7bd369cf89917af4deec831c07836e4e1d265113a641c
Analyzer Verdict Alert fortinet Malware
GET /ptqnrmng.js HTTP/1.1
Host: bdcode.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/
HTTP/1.1 200 OK
Date: Fri, 13 Jan 2023 20:49:19 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 4034
Connection: keep-alive
Cache-Control: max-age=3600
Content-Encoding: gzip
Expires: Fri, 13 Jan 2023 21:49:19 GMT
Last-Modified: Mon, 26 Sep 2022 07:31:49 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
YJS-ID: c0e7ff1e239337df-143
Server: yunjiasu
img1.baidu.com/it/u=6941789,1577282212&fm=253&fmt=auto&app=138&f=PNG?w=384&h=960
182.40.78.35200 OK 48 kB URL HTTP/2 img1.baidu.com/it/u=6941789,1577282212&fm=253&fmt=auto&app=138&f=PNG?w=384&h=960
IP 182.40.78.35:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash d4952900fe3df99fda68a571c255fb3f
a70965673456996fa37d8723664f39a88bd98c78
f88b93d746297b4bd8291d0747dad18a09e57cd01e94e46228234ad513760ba1
GET /it/u=6941789,1577282212&fm=253&fmt=auto&app=138&f=PNG?w=384&h=960 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 20:49:19 GMT
content-type: image/webp
content-length: 47700
expires: Fri, 20 Jan 2023 13:29:47 GMT
last-modified: Sun, 04 Jan 1970 00:00:00 GMT
etag: d4952900fe3df99fda68a571c255fb3f
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 21 Dec 2022 13:29:47 GMT
ohc-cache-hit: jn3ct64 [1], qdix158 [2]
ohc-file-size: 47700
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/285571.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/285571.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/285571.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:19 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2289902781,314051595&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=724
t15.baidu.com/it/u=340143712,2330178855&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 58 kB URL HTTP/1.1 t15.baidu.com/it/u=340143712,2330178855&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 783e8f3119c4c5bfd04f1bc1923605d1
2d7a5b02ccc0c792f9d0b680d4b407bec6ddc185
e46810f4d68977edaffe9e68a5c51df7f34db20945a01a4c62a7f77834285f7d
GET /it/u=340143712,2330178855&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 20:49:19 GMT
Content-Type: image/jpeg
Content-Length: 57891
Connection: keep-alive
Expires: Sun, 15 Jan 2023 01:26:52 GMT
Last-Modified: Sun, 11 Jan 1970 00:00:00 GMT
ETag: 783e8f3119c4c5bfd04f1bc1923605d1
Age: 1446041
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 16 Dec 2022 01:26:52 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [2], zhuzuncache61 [1], czix188 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 57891
X-Cache-Status: HIT
Timing-Allow-Origin: *
12803.url.tudown.com/uploads/images/978349.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/978349.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/978349.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:20 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=4142117824,1967907595&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
img2.baidu.com/it/u=878710569,2691075331&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350
125.74.110.35200 OK 9.3 kB URL HTTP/2 img2.baidu.com/it/u=878710569,2691075331&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350
IP 125.74.110.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 350x350, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f34d693aa6c5e9eea619a479e3d4622c
fdfd8c8f22aec09f55071405de5b1d5b4b219a1d
ff7d6bbd739249ad730ca586c9e76a4f04f518c1af86fde557d972157182852c
GET /it/u=878710569,2691075331&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 20:49:20 GMT
content-type: image/webp
content-length: 9280
expires: Tue, 07 Feb 2023 06:46:21 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: f34d693aa6c5e9eea619a479e3d4622c
age: 1177
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 08 Jan 2023 06:46:21 GMT
ohc-cache-hit: lz6ct60 [4], bdix60 [2]
ohc-file-size: 9280
x-cache-status: HIT
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/766627.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/766627.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/766627.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:20 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=3206076334,524043272&fm=253&app=120&f=JPEG?w=1280&h=800
12803.url.tudown.com/uploads/images/478929.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/478929.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/478929.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:20 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=689429743,3551920864&fm=253&fmt=auto&app=138&f=JPEG?w=362&h=500
12803.url.tudown.com/uploads/images/125860.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/125860.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/125860.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:20 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2503606740,1773479665&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
12803.url.tudown.com/uploads/images/59760.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/59760.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/59760.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:20 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=91406522,3119241137&fm=224&app=112&f=JPEG?w=500&h=500
t14.baidu.com/it/u=91406522,3119241137&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 44 kB URL HTTP/1.1 t14.baidu.com/it/u=91406522,3119241137&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 1f069f50bf43a247558202d0291f0339
be7244149ccced4cd548d70f544c73fd1a566f23
f9e044886cabb03ecf92519b5da00be4f10dc12fa134a51c3060d08b3bcd6827
GET /it/u=91406522,3119241137&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 20:49:20 GMT
Content-Type: image/jpeg
Content-Length: 43704
Connection: keep-alive
Expires: Fri, 27 Jan 2023 14:45:29 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 1f069f50bf43a247558202d0291f0339
Age: 170281
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 28 Dec 2022 14:45:29 GMT
Ohc-Cache-HIT: fra01-sys-jomo2.fra01.baidu.com [2], zhuzuncache62 [1], xaix235 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 43704
X-Cache-Status: HIT
Timing-Allow-Origin: *
hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
103.235.46.191200 OK 783 B URL HTTP/1.1 hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (2128), with no line terminators
Hash 621b3563f1231de3a058fa25980064be
c2575c8110cbaba0c87c543fabf7c592789ad67f
37944a5c3981b16d6a498a7dc9427edcd64c1752e6728c5323525bc400efc8d6
GET /hm.js?dd9836db2e433f487a0aa434b7b3deb7 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11271
Content-Type: application/javascript
Date: Fri, 13 Jan 2023 20:49:18 GMT
Etag: 5275aa04422cad40820f468d8117e2f9
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=DBECCD3DB5B85918; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
12803.url.tudown.com/uploads/images/816085.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/816085.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/816085.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:20 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=2929395286,1285706636&fm=224&app=112&f=JPEG?w=500&h=500
img2.baidu.com/it/u=1154901079,1811853825&fm=253&fmt=auto&app=138&f=JPEG?w=529&h=500
125.74.110.35200 OK 9.5 kB URL HTTP/1.1 img2.baidu.com/it/u=1154901079,1811853825&fm=253&fmt=auto&app=138&f=JPEG?w=529&h=500
IP 125.74.110.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 529x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 44d06e90735efb104f35456b861f8b13
d01b9f4a273630819196c1c5d92a94c31e707a7d
66b60dc32f4d4acfbe27eb6ed56fa58f10678bda117c8401b050e8d023739efb
GET /it/u=1154901079,1811853825&fm=253&fmt=auto&app=138&f=JPEG?w=529&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 20:49:20 GMT
Content-Type: image/webp
Content-Length: 9546
Connection: keep-alive
Expires: Sat, 21 Jan 2023 23:44:07 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 44d06e90735efb104f35456b861f8b13
Age: 168341
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 22 Dec 2022 23:44:07 GMT
Ohc-Cache-HIT: lz6ct64 [4], qdix162 [2]
Ohc-File-Size: 9546
X-Cache-Status: HIT
img0.baidu.com/it/u=2289902781,314051595&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=724
125.74.1.35200 OK 27 kB URL HTTP/2 img0.baidu.com/it/u=2289902781,314051595&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=724
IP 125.74.1.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x724, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 36aecafc1bc4a0385ee0a4659ba9bba3
c6264e91b9124663e27d33f4c62e0a2d5ea87f07
bf6adab3414b9aaf1650da464a4da1d8142aa43505f00966fcfff3407c39a3f1
GET /it/u=2289902781,314051595&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=724 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 20:49:20 GMT
content-type: image/webp
content-length: 27208
expires: Sun, 22 Jan 2023 03:42:00 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 36aecafc1bc4a0385ee0a4659ba9bba3
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 23 Dec 2022 03:42:00 GMT
ohc-cache-hit: lz4ct66 [1], qdix199 [2]
ohc-file-size: 27208
x-cache-status: MISS
X-Firefox-Spdy: h2
t14.baidu.com/it/u=2929395286,1285706636&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 48 kB URL HTTP/1.1 t14.baidu.com/it/u=2929395286,1285706636&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 22b189b17aef3d50321b12736bbcdf92
f35ba179d75a0c583ec0ee0409c181aab4379afe
29d4340ba79eee54f7f1b6b089cc1a51cdf2e347912770094c81ec11f42a0b4c
GET /it/u=2929395286,1285706636&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 20:49:20 GMT
Content-Type: image/jpeg
Content-Length: 47894
Connection: keep-alive
Expires: Mon, 06 Feb 2023 00:40:57 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 22b189b17aef3d50321b12736bbcdf92
Age: 2434
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 07 Jan 2023 00:40:57 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [2], zhuzuncache55 [4], xaix104 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 47894
X-Cache-Status: HIT
Timing-Allow-Origin: *
12803.url.tudown.com/uploads/images/493213.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/493213.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/493213.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:20 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1475098367,3717034611&fm=253&fmt=auto?w=120&h=80
img2.baidu.com/it/u=2503606740,1773479665&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
125.74.110.35200 OK 39 kB URL HTTP/2 img2.baidu.com/it/u=2503606740,1773479665&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
IP 125.74.110.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x889, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d9fab228e2988c7bfdba84cfbcd2c20f
41585f03141614cbf26e9446f3088d681d7f354d
498373cb8036908ada3d943e556f9ddd7cb5b6d36903a5503e6055b867107f5c
GET /it/u=2503606740,1773479665&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 20:49:20 GMT
content-type: image/webp
content-length: 39196
expires: Wed, 18 Jan 2023 21:34:05 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: d9fab228e2988c7bfdba84cfbcd2c20f
age: 170126
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 19 Dec 2022 21:34:05 GMT
ohc-cache-hit: lz6ct64 [4], suzix64 [2]
ohc-file-size: 39196
x-cache-status: HIT
X-Firefox-Spdy: h2
img2.baidu.com/it/u=4142117824,1967907595&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
125.74.110.35200 OK 55 kB URL HTTP/2 img2.baidu.com/it/u=4142117824,1967907595&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
IP 125.74.110.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 292d75fcf033913401c477f29d7c21ed
e489f597f0ec8bbac1c99fd339e18336da446a6d
df072d2d046b5f2d056490d8411ca0081208122629020f5c2c1da671c2ffe6b1
GET /it/u=4142117824,1967907595&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 20:49:20 GMT
content-type: image/webp
content-length: 54592
expires: Sat, 21 Jan 2023 23:27:02 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 292d75fcf033913401c477f29d7c21ed
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 22 Dec 2022 23:27:02 GMT
ohc-cache-hit: lz6ct58 [1], suzix151 [2]
ohc-file-size: 54592
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/283911.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/283911.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/283911.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:20 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=4136145966,2942858870&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=800
img2.baidu.com/it/u=689429743,3551920864&fm=253&fmt=auto&app=138&f=JPEG?w=362&h=500
125.74.110.35200 OK 42 kB URL HTTP/2 img2.baidu.com/it/u=689429743,3551920864&fm=253&fmt=auto&app=138&f=JPEG?w=362&h=500
IP 125.74.110.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 362x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6cb185f6e2a411477206a0ab37c20d91
c2aca4f8c75338f9ccb7dcef33d25c32f86cedc0
b076c2f0e0c535a143abdaeebc7b9d97e534b9c79604eb8a3f6ecae0f9d8292e
GET /it/u=689429743,3551920864&fm=253&fmt=auto&app=138&f=JPEG?w=362&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 20:49:20 GMT
content-type: image/webp
content-length: 42052
expires: Mon, 23 Jan 2023 09:10:57 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 6cb185f6e2a411477206a0ab37c20d91
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 24 Dec 2022 09:10:57 GMT
ohc-cache-hit: lz6ct65 [1], xiangyix103 [2]
ohc-file-size: 42052
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/857513.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/857513.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/857513.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:20 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=201885268,2703098843&fm=224&app=112&f=JPEG?w=500&h=500
12803.url.tudown.com/uploads/images/19520.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/19520.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/19520.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:20 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=939708387,2643224094&fm=253&fmt=auto&app=138&f=JPEG?w=307&h=440
bdsearch.2345.com/auto_ds?gjj=vw02rwzz2&ukd=4ONIUDMIHJ&ckl=bnnjWx4Ww9Ww9vw2uxWUolfWUno_iqhWUZigWw9_iqhWw9Wwz8zWwz3uWwz3zWwz8zWwz52Wwz2xWwz8yWwz56Wwz4uwuv0Wyuw2vUvvu0x0WU-r-&vel=-hZi_cha&uij=v&ut=y&tgc=u&uts=UUUYXc_oUohcihUZXffYXZe&ugk=hih-&mvi=vwwv&wgk=uR-iiz4wkYdXtRgK7vG96JkFbSDyQofJtfabNzqdRLfCtJvAE+C7-BKG9NpvJ6-.2p5J1erAuvyYJC1m-Ya5_j9O0g3zGR/IrEHw.oX3Ml+O8G2Oh1vY5bNP.0X6ZA2Mh66nf5LswZxRtXLnhepmSJvjBHAD2edip2_gT8.Gfn21uTYiK1/5ten1_q/rhEOlOjtwPG4gewYduA4Qu7Iou9g2IS9mE94rOE9YdRt_up-bPg2ssPJuLFcjyTexr1FlTzSvgfu9LMIRNH3+C7cbqxeZn06o7QH2.Lh_4biHN07T08PizwbjzvX0KPBoEfAB/0ncM66.SZn2+hKTh8NF/5tRYw1P_+9udpBZXwop6uRZz1eDtEl45F57KOn/c0q.cIKtF9tP+MYvCzcCAygmpa&kcd=v01x0yw3yw&vtu=v<=vw2urvuuw&vogj=vvuuvv&ttv=nlo-&uzj=u&gifk=w&riz=w&in=3x3&urz=u&uz=u&rek=u&umz=uWUu&kgi=v01x0yw3ywv1x&utz=Vv&usm=u&tvt=ON9V2&gj=uru&kte=v01x0yw3yw&gzj=VvrVv&tyz=v&uwk=u&uiz=u&rr=v&ji=vw2urvuwy&twm=u&kz=W80W27W3zW83W5vW56W8yW53W3uW8zW35W47(W8yW52W47W8zW35W57)W8zW48W32W80W30W53W81W57W3vW81W45W33pzWUzWUxv&gjz=.Xzu1x3x3X-y._w_&llzu=22wZYuy1Xyx-xXx1>j=vw02r3x3
42.81.8.129200 OK 78 B URL HTTP/2 bdsearch.2345.com/auto_ds?gjj=vw02rwzz2&ukd=4ONIUDMIHJ&ckl=bnnjWx4Ww9Ww9vw2uxWUolfWUno_iqhWUZigWw9_iqhWw9Wwz8zWwz3uWwz3zWwz8zWwz52Wwz2xWwz8yWwz56Wwz4uwuv0Wyuw2vUvvu0x0WU-r-&vel=-hZi_cha&uij=v&ut=y&tgc=u&uts=UUUYXc_oUohcihUZXffYXZe&ugk=hih-&mvi=vwwv&wgk=uR-iiz4wkYdXtRgK7vG96JkFbSDyQofJtfabNzqdRLfCtJvAE+C7-BKG9NpvJ6-.2p5J1erAuvyYJC1m-Ya5_j9O0g3zGR/IrEHw.oX3Ml+O8G2Oh1vY5bNP.0X6ZA2Mh66nf5LswZxRtXLnhepmSJvjBHAD2edip2_gT8.Gfn21uTYiK1/5ten1_q/rhEOlOjtwPG4gewYduA4Qu7Iou9g2IS9mE94rOE9YdRt_up-bPg2ssPJuLFcjyTexr1FlTzSvgfu9LMIRNH3+C7cbqxeZn06o7QH2.Lh_4biHN07T08PizwbjzvX0KPBoEfAB/0ncM66.SZn2+hKTh8NF/5tRYw1P_+9udpBZXwop6uRZz1eDtEl45F57KOn/c0q.cIKtF9tP+MYvCzcCAygmpa&kcd=v01x0yw3yw&vtu=v<=vw2urvuuw&vogj=vvuuvv&ttv=nlo-&uzj=u&gifk=w&riz=w&in=3x3&urz=u&uz=u&rek=u&umz=uWUu&kgi=v01x0yw3ywv1x&utz=Vv&usm=u&tvt=ON9V2&gj=uru&kte=v01x0yw3yw&gzj=VvrVv&tyz=v&uwk=u&uiz=u&rr=v&ji=vw2urvuwy&twm=u&kz=W80W27W3zW83W5vW56W8yW53W3uW8zW35W47(W8yW52W47W8zW35W57)W8zW48W32W80W30W53W81W57W3vW81W45W33pzWUzWUxv&gjz=.Xzu1x3x3X-y._w_&llzu=22wZYuy1Xyx-xXx1>j=vw02r3x3
IP 42.81.8.129:0
File type ASCII text, with no line terminators
Hash 304b156f8768cce688a716ed8a0f28c3
28696182fd768fb10e39706f6dd382bd2f0cff35
d1c40bc707b5bb6d28700175f8b294456eb0f7b2b2565d89e8ab8553b27b7e05
GET /auto_ds?gjj=vw02rwzz2&ukd=4ONIUDMIHJ&ckl=bnnjWx4Ww9Ww9vw2uxWUolfWUno_iqhWUZigWw9_iqhWw9Wwz8zWwz3uWwz3zWwz8zWwz52Wwz2xWwz8yWwz56Wwz4uwuv0Wyuw2vUvvu0x0WU-r-&vel=-hZi_cha&uij=v&ut=y&tgc=u&uts=UUUYXc_oUohcihUZXffYXZe&ugk=hih-&mvi=vwwv&wgk=uR-iiz4wkYdXtRgK7vG96JkFbSDyQofJtfabNzqdRLfCtJvAE+C7-BKG9NpvJ6-.2p5J1erAuvyYJC1m-Ya5_j9O0g3zGR/IrEHw.oX3Ml+O8G2Oh1vY5bNP.0X6ZA2Mh66nf5LswZxRtXLnhepmSJvjBHAD2edip2_gT8.Gfn21uTYiK1/5ten1_q/rhEOlOjtwPG4gewYduA4Qu7Iou9g2IS9mE94rOE9YdRt_up-bPg2ssPJuLFcjyTexr1FlTzSvgfu9LMIRNH3+C7cbqxeZn06o7QH2.Lh_4biHN07T08PizwbjzvX0KPBoEfAB/0ncM66.SZn2+hKTh8NF/5tRYw1P_+9udpBZXwop6uRZz1eDtEl45F57KOn/c0q.cIKtF9tP+MYvCzcCAygmpa&kcd=v01x0yw3yw&vtu=v<=vw2urvuuw&vogj=vvuuvv&ttv=nlo-&uzj=u&gifk=w&riz=w&in=3x3&urz=u&uz=u&rek=u&umz=uWUu&kgi=v01x0yw3ywv1x&utz=Vv&usm=u&tvt=ON9V2&gj=uru&kte=v01x0yw3yw&gzj=VvrVv&tyz=v&uwk=u&uiz=u&rr=v&ji=vw2urvuwy&twm=u&kz=W80W27W3zW83W5vW56W8yW53W3uW8zW35W47(W8yW52W47W8zW35W57)W8zW48W32W80W30W53W81W57W3vW81W45W33pzWUzWUxv&gjz=.Xzu1x3x3X-y._w_&llzu=22wZYuy1Xyx-xXx1>j=vw02r3x3 HTTP/1.1
Host: bdsearch.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: post-check=0, pre-check=0
content-encoding: gzip
content-type: application/javascript;charset=UTF-8
date: Fri, 13 Jan 2023 20:49:20 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Sat Jan 14 04:49:20 2023
p3p: CP=" OTI DSP COR IVA OUR IND COM "
pragma: no-cache
server: yunjiasu
x-xss-protection: 0
yjs-id: c0e7ff23876c37e5-143
content-length: 78
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/28176.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/28176.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/28176.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:20 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2073552160,1954565564&fm=253&fmt=auto&app=138&f=JPEG?w=507&h=500
t13.baidu.com/it/u=201885268,2703098843&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 62 kB URL HTTP/1.1 t13.baidu.com/it/u=201885268,2703098843&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash aefcee65dff3dacf000cc99fc076f9df
ebf581af4de4e534bec7a48d15221d63e36e8ff0
b10bd314f49035f685d9948a3684b42e1883659ea3fa9f55099762ea0ec5f031
GET /it/u=201885268,2703098843&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 20:49:20 GMT
Content-Type: image/jpeg
Content-Length: 61896
Connection: keep-alive
Expires: Wed, 25 Jan 2023 13:46:24 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: aefcee65dff3dacf000cc99fc076f9df
Age: 171317
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 26 Dec 2022 13:46:24 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [2], zhuzuncache52 [1], xiangyix83 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 61896
X-Cache-Status: HIT
Timing-Allow-Origin: *
img2.baidu.com/it/u=2646168825,1094894018&fm=253&app=120&f=JPEG?w=1280&h=800
125.74.110.35200 OK 102 kB URL HTTP/1.1 img2.baidu.com/it/u=2646168825,1094894018&fm=253&app=120&f=JPEG?w=1280&h=800
IP 125.74.110.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 102 kB (101653 bytes)
Hash cca482b62048b875b4a47c3d6d24bb09
882853f40b3b14c710ccc2a083dd8941d69c7815
c4e54099cdab4399cd5b64bd0d5d1893334207cc680d195242ecbbaa3851eb27
GET /it/u=2646168825,1094894018&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 20:49:20 GMT
Content-Type: image/jpeg
Content-Length: 101653
Connection: keep-alive
Expires: Tue, 07 Feb 2023 14:30:43 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: cca482b62048b875b4a47c3d6d24bb09
Age: 155376
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 08 Jan 2023 14:30:43 GMT
Ohc-Cache-HIT: lz6ct50 [4], wzix99 [4]
Ohc-File-Size: 101653
X-Cache-Status: HIT
12803.url.tudown.com/uploads/images/578793.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/578793.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/578793.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:20 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2040697761,1407691448&fm=253&fmt=auto&app=138&f=JPEG?w=667&h=500
img2.baidu.com/it/u=1742604553,831035310&fm=253&app=138&f=JPEG?w=500&h=889
125.74.110.35200 OK 75 kB URL HTTP/1.1 img2.baidu.com/it/u=1742604553,831035310&fm=253&app=138&f=JPEG?w=500&h=889
IP 125.74.110.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x889, components 3\012- data
Hash a375c11ca15e6546a8827954c2e56ea9
25d6c326e846b011171c22ba1ffc53df3bce366d
ebdf4e58ec371cda04f4f70b37a2ee84134ac49b42ccd78715a34705d544cc05
GET /it/u=1742604553,831035310&fm=253&app=138&f=JPEG?w=500&h=889 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 20:49:20 GMT
Content-Type: image/jpeg
Content-Length: 75009
Connection: keep-alive
Expires: Fri, 03 Feb 2023 12:17:52 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: a375c11ca15e6546a8827954c2e56ea9
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 04 Jan 2023 12:17:52 GMT
Ohc-Cache-HIT: lz6ct53 [1], csix84 [2]
Ohc-File-Size: 75009
X-Cache-Status: MISS
img0.baidu.com/it/u=3206076334,524043272&fm=253&app=120&f=JPEG?w=1280&h=800
125.74.1.35200 OK 87 kB URL HTTP/1.1 img0.baidu.com/it/u=3206076334,524043272&fm=253&app=120&f=JPEG?w=1280&h=800
IP 125.74.1.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Hash bd5cf59a109aab296a1fa84f4efac928
5af1d2ff1320e373c09fa1b9c76f3ec124212f95
5f6cbad94100e88a9f8766d4d621660825657de86aa1238e8350e751ca0de208
GET /it/u=3206076334,524043272&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 20:49:20 GMT
Content-Type: image/jpeg
Content-Length: 87185
Connection: keep-alive
Expires: Fri, 27 Jan 2023 04:10:34 GMT
Last-Modified: Mon, 05 Jan 1970 00:00:00 GMT
ETag: bd5cf59a109aab296a1fa84f4efac928
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 28 Dec 2022 04:10:34 GMT
Ohc-Cache-HIT: lz4ct63 [1], xiangyix140 [2]
Ohc-File-Size: 87185
X-Cache-Status: MISS
sofire.baidu.com/abot/api/v1/tpl/re/8800?v=1.1&0=1&1=0&2=0&3=0&4=0&5=0&6=0&7=1&8=v10-d658766aebfcef480b2dbc75734bb25be6cafde4&9=0&10=0&11=0&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&h=http%3A%2F%2F12803.url.tudown.com%2Fdown%2F%25E5%2590%2595%25E5%25B8%2583%25E4%25BC%25A02016%40281_110636.exe&t=1673642943494&r=init
36.110.192.156200 OK 0 B URL HTTP/2 sofire.baidu.com/abot/api/v1/tpl/re/8800?v=1.1&0=1&1=0&2=0&3=0&4=0&5=0&6=0&7=1&8=v10-d658766aebfcef480b2dbc75734bb25be6cafde4&9=0&10=0&11=0&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&h=http%3A%2F%2F12803.url.tudown.com%2Fdown%2F%25E5%2590%2595%25E5%25B8%2583%25E4%25BC%25A02016%40281_110636.exe&t=1673642943494&r=init
IP 36.110.192.156:0
ASN #23724 IDC, China Telecommunications Corporation
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /abot/api/v1/tpl/re/8800?v=1.1&0=1&1=0&2=0&3=0&4=0&5=0&6=0&7=1&8=v10-d658766aebfcef480b2dbc75734bb25be6cafde4&9=0&10=0&11=0&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&h=http%3A%2F%2F12803.url.tudown.com%2Fdown%2F%25E5%2590%2595%25E5%25B8%2583%25E4%25BC%25A02016%40281_110636.exe&t=1673642943494&r=init HTTP/1.1
Host: sofire.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
date: Fri, 13 Jan 2023 20:49:20 GMT
content-length: 0
X-Firefox-Spdy: h2
img2.baidu.com/it/u=1475098367,3717034611&fm=253&fmt=auto?w=120&h=80
125.74.110.35200 OK 2.5 kB URL HTTP/2 img2.baidu.com/it/u=1475098367,3717034611&fm=253&fmt=auto?w=120&h=80
IP 125.74.110.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 120x80, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e7aa4cfb9cfade113ed7ad210079b08c
5e83e61c1883bdb728633c66e5112eebc8a71aec
551936e7bc49b6d253342fbff327319945d86d9845c8aa0e427a7fd3c1548bb7
GET /it/u=1475098367,3717034611&fm=253&fmt=auto?w=120&h=80 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 20:49:20 GMT
content-type: image/webp
content-length: 2466
expires: Thu, 19 Jan 2023 03:48:34 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: e7aa4cfb9cfade113ed7ad210079b08c
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 20 Dec 2022 03:48:34 GMT
ohc-cache-hit: lz6ct53 [1], czix150 [2]
ohc-file-size: 2466
x-cache-status: MISS
X-Firefox-Spdy: h2
sofire.baidu.com/h5/t/8800
36.110.192.156204 No Content 0 B URL HTTP/2 sofire.baidu.com/h5/t/8800
IP 36.110.192.156:0
ASN #23724 IDC, China Telecommunications Corporation
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /h5/t/8800 HTTP/1.1
Host: sofire.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-bdh5-pf
Referer: http://12803.url.tudown.com/
Origin: http://12803.url.tudown.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,AccessToken,X-CSRF-Token,X-Bdh5-Pf,X-XSRF-TOKEN, Authorization
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://12803.url.tudown.com
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type
date: Fri, 13 Jan 2023 20:49:20 GMT
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/105811.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/105811.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/105811.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:20 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=4113198466,1522172009&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
img0.baidu.com/it/u=4136145966,2942858870&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=800
125.74.1.35200 OK 38 kB URL HTTP/2 img0.baidu.com/it/u=4136145966,2942858870&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=800
IP 125.74.1.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ca476963405019372ad9b7e6d616e844
a1a2c440a80149e4ae09571db291d057c854e376
06ca8a804d64a2b7884ecd620947209179b0c3a0151bd6f797a7083792f67305
GET /it/u=4136145966,2942858870&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 20:49:20 GMT
content-type: image/webp
content-length: 38480
expires: Sat, 21 Jan 2023 12:37:44 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: ca476963405019372ad9b7e6d616e844
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 22 Dec 2022 12:37:44 GMT
ohc-cache-hit: lz4ct56 [1], qdix240 [4]
ohc-file-size: 38480
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=939708387,2643224094&fm=253&fmt=auto&app=138&f=JPEG?w=307&h=440
125.74.110.35200 OK 33 kB URL HTTP/2 img2.baidu.com/it/u=939708387,2643224094&fm=253&fmt=auto&app=138&f=JPEG?w=307&h=440
IP 125.74.110.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 307x440, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9440c6d856cbeb79aa94b51d6c8b0199
62319f215740d9f70bb8934a9d4c35708c009e0f
280256cbe50bc22a16cfb8c338ed66e8e8a9516225c2ddcf84bd8ecdaafef6f2
GET /it/u=939708387,2643224094&fm=253&fmt=auto&app=138&f=JPEG?w=307&h=440 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 20:49:20 GMT
content-type: image/webp
content-length: 32934
expires: Mon, 16 Jan 2023 09:31:25 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 9440c6d856cbeb79aa94b51d6c8b0199
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 17 Dec 2022 09:31:25 GMT
ohc-cache-hit: lz6ct59 [1], qdix78 [2]
ohc-file-size: 32934
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=119951684,3744503612&fm=253&app=120&f=JPEG?w=1422&h=800
182.40.78.35200 OK 135 kB URL HTTP/1.1 img1.baidu.com/it/u=119951684,3744503612&fm=253&app=120&f=JPEG?w=1422&h=800
IP 182.40.78.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1422x800, components 3\012- data
Size 135 kB (135437 bytes)
Hash e240e6076d2090281fd285df1dca1bd2
05f33aeac478a812a1dd2772f974b9acd7b7f2f5
85367fb3fd1e5556baa1120153b53043b0c5d0122a64cf579ee27eaac87917a0
GET /it/u=119951684,3744503612&fm=253&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 20:49:20 GMT
Content-Type: image/jpeg
Content-Length: 135437
Connection: keep-alive
Expires: Mon, 06 Feb 2023 16:19:10 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: e240e6076d2090281fd285df1dca1bd2
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 07 Jan 2023 16:19:10 GMT
Ohc-Cache-HIT: jn3ct51 [2], wzix108 [4]
Ohc-File-Size: 135437
X-Cache-Status: MISS
12803.url.tudown.com/uploads/images/874602.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/874602.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/874602.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:20 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1551797485,3330912731&fm=253&fmt=auto&app=138&f=JPEG?w=279&h=419
12803.url.tudown.com/uploads/images/669089.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/669089.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/669089.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:20 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=4014731863,2947911801&fm=253&fmt=auto&app=120&f=JPEG?w=1422&h=800
12803.url.tudown.com/uploads/images/995757.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/995757.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/995757.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:20 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3393785221,917426829&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=370
img0.baidu.com/it/u=3582644968,505500675&fm=253&app=120&f=JPEG?w=1280&h=800
125.74.1.35200 OK 113 kB URL HTTP/1.1 img0.baidu.com/it/u=3582644968,505500675&fm=253&app=120&f=JPEG?w=1280&h=800
IP 125.74.1.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 113 kB (113439 bytes)
Hash e88249d37e06c501a4347c903a0ba4c7
e58f189aab6c983081579effba3169d3b8e59f71
8c23e15a254d65a782f6e996a5fc57eff215ac34035647ed1636dfc9227a7972
GET /it/u=3582644968,505500675&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 20:49:20 GMT
Content-Type: image/jpeg
Content-Length: 113439
Connection: keep-alive
Expires: Tue, 07 Feb 2023 06:25:29 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: e88249d37e06c501a4347c903a0ba4c7
Age: 166428
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 08 Jan 2023 06:25:29 GMT
Ohc-Cache-HIT: lz4ct52 [4], suzix194 [2]
Ohc-File-Size: 113439
X-Cache-Status: HIT
12803.url.tudown.com/uploads/images/42647.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/42647.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/42647.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:20 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=2942779562,2816975990&fm=224&app=112&f=JPEG?w=500&h=500
sofire.baidu.com/h5/e/8800
36.110.192.156204 No Content 0 B URL HTTP/2 sofire.baidu.com/h5/e/8800
IP 36.110.192.156:0
ASN #23724 IDC, China Telecommunications Corporation
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /h5/e/8800 HTTP/1.1
Host: sofire.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-bdh5-pf
Referer: http://12803.url.tudown.com/
Origin: http://12803.url.tudown.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,AccessToken,X-CSRF-Token,X-Bdh5-Pf,X-XSRF-TOKEN, Authorization
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://12803.url.tudown.com
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type
date: Fri, 13 Jan 2023 20:49:20 GMT
X-Firefox-Spdy: h2
wn.pos.baidu.com/adx.php?c=d25pZD02N2IxMWM4NTcxNTJiMWJlAHM9NjdiMTFjODU3MTUyYjFiZQB0PTE2NzM2NDI5NTkAc2U9MQBidT00AHByaWNlPVk4SER6d0FBeGU1N2pFcGdXNUlBOGd3YjhmLU1FbHlXbEVBNVFnAGNoYXJnZV9wcmljZT0yAHNoYXJpbmdfcHJpY2U9MjAwMAB3aW5fZHNwPTQAY2htZD0xAGJkaWQ9AGNwcm9pZD0Ad2Q9MjQ5MjU2MTk2OAB0dT11NTAzOTUyNABhZGNsYXNzPTAAc3JjdD0wAHBvcz0wAGxvYz01AGVpZD0wAGNiaWQ9WThIRHp3QUF4ZTU3akVwZ1c1SUE4Z3diOGYtTUVseVdsRUE1UWcAYmNobWQ9MAB0bT0wAHY9MQBpPWZlYTM5Njk2
182.61.62.32200 OK 49 B URL HTTP/1.1 wn.pos.baidu.com/adx.php?c=d25pZD02N2IxMWM4NTcxNTJiMWJlAHM9NjdiMTFjODU3MTUyYjFiZQB0PTE2NzM2NDI5NTkAc2U9MQBidT00AHByaWNlPVk4SER6d0FBeGU1N2pFcGdXNUlBOGd3YjhmLU1FbHlXbEVBNVFnAGNoYXJnZV9wcmljZT0yAHNoYXJpbmdfcHJpY2U9MjAwMAB3aW5fZHNwPTQAY2htZD0xAGJkaWQ9AGNwcm9pZD0Ad2Q9MjQ5MjU2MTk2OAB0dT11NTAzOTUyNABhZGNsYXNzPTAAc3JjdD0wAHBvcz0wAGxvYz01AGVpZD0wAGNiaWQ9WThIRHp3QUF4ZTU3akVwZ1c1SUE4Z3diOGYtTUVseVdsRUE1UWcAYmNobWQ9MAB0bT0wAHY9MQBpPWZlYTM5Njk2
IP 182.61.62.32:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ed280a0ea3cc38f3cbbc747acfbef47d
6bdcb32ee75e957a5085c010f4dfd0c716bfdadc
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
GET /adx.php?c=d25pZD02N2IxMWM4NTcxNTJiMWJlAHM9NjdiMTFjODU3MTUyYjFiZQB0PTE2NzM2NDI5NTkAc2U9MQBidT00AHByaWNlPVk4SER6d0FBeGU1N2pFcGdXNUlBOGd3YjhmLU1FbHlXbEVBNVFnAGNoYXJnZV9wcmljZT0yAHNoYXJpbmdfcHJpY2U9MjAwMAB3aW5fZHNwPTQAY2htZD0xAGJkaWQ9AGNwcm9pZD0Ad2Q9MjQ5MjU2MTk2OAB0dT11NTAzOTUyNABhZGNsYXNzPTAAc3JjdD0wAHBvcz0wAGxvYz01AGVpZD0wAGNiaWQ9WThIRHp3QUF4ZTU3akVwZ1c1SUE4Z3diOGYtTUVseVdsRUE1UWcAYmNobWQ9MAB0bT0wAHY9MQBpPWZlYTM5Njk2 HTTP/1.1
Host: wn.pos.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 49
Content-Type: image/gif
Date: Fri, 13 Jan 2023 20:49:20 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: nginx
Set-Cookie: BAIDUID=536221E8AB5D8106984DA1336200EA27:FG=1; expires=Sat, 13-Jan-24 20:49:20 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
t14.baidu.com/it/u=2942779562,2816975990&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 32 kB URL HTTP/1.1 t14.baidu.com/it/u=2942779562,2816975990&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash ef20a07747eb2ffda62be4ab3c1550aa
562b11b8baac781cd519b14b0989e61062f9fa9d
dd457b4e249f747027d5c708d57f57783bb08157d0fd2eb4679050b429728cbb
GET /it/u=2942779562,2816975990&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 20:49:20 GMT
Content-Type: image/jpeg
Content-Length: 31669
Connection: keep-alive
Expires: Tue, 07 Feb 2023 08:27:38 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: ef20a07747eb2ffda62be4ab3c1550aa
Age: 171848
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 08 Jan 2023 08:27:38 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [2], zhuzuncache64 [4], csix92 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 31669
X-Cache-Status: HIT
Timing-Allow-Origin: *
img0.baidu.com/it/u=2073552160,1954565564&fm=253&fmt=auto&app=138&f=JPEG?w=507&h=500
125.74.1.35200 OK 17 kB URL HTTP/2 img0.baidu.com/it/u=2073552160,1954565564&fm=253&fmt=auto&app=138&f=JPEG?w=507&h=500
IP 125.74.1.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 507x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2ac71cd28c593700a773e8aff18ddce0
49d83b7ca97a13847152290703d64ddc8664f632
1ddf3fc969c4be1f6ca468f59fd212321519579813c7489146160a8dd502fc94
GET /it/u=2073552160,1954565564&fm=253&fmt=auto&app=138&f=JPEG?w=507&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 20:49:20 GMT
content-type: image/webp
content-length: 17150
expires: Sun, 22 Jan 2023 22:59:17 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 2ac71cd28c593700a773e8aff18ddce0
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 23 Dec 2022 22:59:17 GMT
ohc-cache-hit: lz4ct72 [1], czix99 [2]
ohc-file-size: 17150
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=2040697761,1407691448&fm=253&fmt=auto&app=138&f=JPEG?w=667&h=500
182.40.78.35200 OK 33 kB URL HTTP/2 img1.baidu.com/it/u=2040697761,1407691448&fm=253&fmt=auto&app=138&f=JPEG?w=667&h=500
IP 182.40.78.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 667x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 68392ebaaac948b89a13eb8147d0565d
a3fca95b32d9b451565638d659a1835120f2347a
0be41c13ddc07153885ab92891766a07d83f4b1b3e28d739f2ea61cb997691fe
GET /it/u=2040697761,1407691448&fm=253&fmt=auto&app=138&f=JPEG?w=667&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 20:49:20 GMT
content-type: image/webp
content-length: 32808
expires: Sun, 22 Jan 2023 10:36:34 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 68392ebaaac948b89a13eb8147d0565d
age: 70802
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 23 Dec 2022 10:36:34 GMT
ohc-cache-hit: jn3ct57 [4], xaix57 [4]
ohc-file-size: 32808
x-cache-status: HIT
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/715237.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/715237.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/715237.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:20 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=3223960187,763883613&fm=224&app=112&f=JPEG?w=500&h=500
t14.baidu.com/it/u=3223960187,763883613&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 57 kB URL HTTP/1.1 t14.baidu.com/it/u=3223960187,763883613&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash cdc24465d02cef5dbf5ff3f9eef95822
f688d3e1c68427475d43888b4821ba4fef52f4ef
c4ee317b1038f857654f2dcb1be0f0d7db69fbf10751dd157e32314b6dd26caa
GET /it/u=3223960187,763883613&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 20:49:21 GMT
Content-Type: image/jpeg
Content-Length: 56665
Connection: keep-alive
Expires: Sun, 05 Feb 2023 11:31:22 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: cdc24465d02cef5dbf5ff3f9eef95822
Age: 401413
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 06 Jan 2023 11:31:21 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [2], zhuzuncache57 [1], xaix200 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 56665
X-Cache-Status: HIT
Timing-Allow-Origin: *
wn.pos.baidu.com/adx.php?c=d25pZD0zOTQwYjZjYjBkMTI4MGNjAHM9Mzk0MGI2Y2IwZDEyODBjYwB0PTE2NzM2NDI5NTkAc2U9MQBidT00AHByaWNlPVk4SER6d0FBd3JoN2pFcGdXNUlBOHJ6TEF1VzRvUS1tVU11WTNBAGNoYXJnZV9wcmljZT0yOABzaGFyaW5nX3ByaWNlPTI4MDAwAHdpbl9kc3A9NABjaG1kPTEAYmRpZD0AY3Byb2lkPQB3ZD0zOTU4NDk5NjE5AHR1PXU0OTY1ODk0AGFkY2xhc3M9MABzcmN0PTAAcG9zPTAAbG9jPTUAZWlkPTAAY2JpZD1ZOEhEendBQXdyaDdqRXBnVzVJQThyekxBdVc0b1EtbVVNdVkzQQBiY2htZD0wAHRtPTAAdj0xAGk9NWYyYjdiODY
182.61.62.32200 OK 49 B URL HTTP/1.1 wn.pos.baidu.com/adx.php?c=d25pZD0zOTQwYjZjYjBkMTI4MGNjAHM9Mzk0MGI2Y2IwZDEyODBjYwB0PTE2NzM2NDI5NTkAc2U9MQBidT00AHByaWNlPVk4SER6d0FBd3JoN2pFcGdXNUlBOHJ6TEF1VzRvUS1tVU11WTNBAGNoYXJnZV9wcmljZT0yOABzaGFyaW5nX3ByaWNlPTI4MDAwAHdpbl9kc3A9NABjaG1kPTEAYmRpZD0AY3Byb2lkPQB3ZD0zOTU4NDk5NjE5AHR1PXU0OTY1ODk0AGFkY2xhc3M9MABzcmN0PTAAcG9zPTAAbG9jPTUAZWlkPTAAY2JpZD1ZOEhEendBQXdyaDdqRXBnVzVJQThyekxBdVc0b1EtbVVNdVkzQQBiY2htZD0wAHRtPTAAdj0xAGk9NWYyYjdiODY
IP 182.61.62.32:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ed280a0ea3cc38f3cbbc747acfbef47d
6bdcb32ee75e957a5085c010f4dfd0c716bfdadc
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
GET /adx.php?c=d25pZD0zOTQwYjZjYjBkMTI4MGNjAHM9Mzk0MGI2Y2IwZDEyODBjYwB0PTE2NzM2NDI5NTkAc2U9MQBidT00AHByaWNlPVk4SER6d0FBd3JoN2pFcGdXNUlBOHJ6TEF1VzRvUS1tVU11WTNBAGNoYXJnZV9wcmljZT0yOABzaGFyaW5nX3ByaWNlPTI4MDAwAHdpbl9kc3A9NABjaG1kPTEAYmRpZD0AY3Byb2lkPQB3ZD0zOTU4NDk5NjE5AHR1PXU0OTY1ODk0AGFkY2xhc3M9MABzcmN0PTAAcG9zPTAAbG9jPTUAZWlkPTAAY2JpZD1ZOEhEendBQXdyaDdqRXBnVzVJQThyekxBdVc0b1EtbVVNdVkzQQBiY2htZD0wAHRtPTAAdj0xAGk9NWYyYjdiODY HTTP/1.1
Host: wn.pos.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 49
Content-Type: image/gif
Date: Fri, 13 Jan 2023 20:49:21 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: nginx
Set-Cookie: BAIDUID=C67BB0D01F449C2ABC7F328C83F33B04:FG=1; expires=Sat, 13-Jan-24 20:49:21 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
sofire.baidu.com/h5/t/8800
36.110.192.156200 OK 591 B URL HTTP/2 sofire.baidu.com/h5/t/8800
IP 36.110.192.156:0
ASN #23724 IDC, China Telecommunications Corporation
File type JSON data\012- , ASCII text, with very long lines (591), with no line terminators
Hash f92f75e1a9db1264f1ad5a6fddb04389
6d52fe62c1496f7b954f760fc833e54a46e62a77
94803a0d434d67744d4b5f8f062eb9598ddaa83f0931f31a4993cb57f759acf7
POST /h5/t/8800 HTTP/1.1
Host: sofire.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
X-Bdh5-Pf: 1
Content-Length: 3326
Origin: http://12803.url.tudown.com
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,AccessToken,X-CSRF-Token,X-Bdh5-Pf,X-XSRF-TOKEN, Authorization
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://12803.url.tudown.com
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type
content-type: application/json; charset=utf-8
date: Fri, 13 Jan 2023 20:49:21 GMT
content-length: 591
X-Firefox-Spdy: h2
img0.baidu.com/it/u=3393785221,917426829&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=370
125.74.1.35200 OK 11 kB URL HTTP/2 img0.baidu.com/it/u=3393785221,917426829&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=370
IP 125.74.1.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x370, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1812fd38adf634991a3383b65b73eb06
c7cfae0d192886e25b47fb734235c0f6df7f2a3e
47ad5103d048c13f83a82eb8e826261a4d436db9545569a583a8b81ff63c82e3
GET /it/u=3393785221,917426829&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=370 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 20:49:21 GMT
content-type: image/webp
content-length: 10596
expires: Thu, 02 Feb 2023 03:40:09 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 1812fd38adf634991a3383b65b73eb06
age: 8346
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 03 Jan 2023 03:40:09 GMT
ohc-cache-hit: lz4ct53 [4], xiangyix199 [4]
ohc-file-size: 10596
x-cache-status: HIT
X-Firefox-Spdy: h2
sofire.baidu.com/h5/e/8800
36.110.192.156200 OK 77 B URL HTTP/2 sofire.baidu.com/h5/e/8800
IP 36.110.192.156:0
ASN #23724 IDC, China Telecommunications Corporation
File type JSON data\012- , ASCII text, with no line terminators
Hash 59739cb33678e76b41442a78d87183a5
18dbfb865a7cb21b84d66cb1bcfcb6ee7955d269
4d77d7a47912c1d9809c37d55be53e9b5b0ec466dedb04ed6deb6d8a37507878
POST /h5/e/8800 HTTP/1.1
Host: sofire.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
X-Bdh5-Pf: 1
Origin: http://12803.url.tudown.com
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,AccessToken,X-CSRF-Token,X-Bdh5-Pf,X-XSRF-TOKEN, Authorization
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://12803.url.tudown.com
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type
content-type: application/json; charset=utf-8
date: Fri, 13 Jan 2023 20:49:21 GMT
content-length: 77
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/454535.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/454535.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/454535.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:21 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1947522938,4108008651&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=434
12803.url.tudown.com/uploads/images/435698.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/435698.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/435698.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:21 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1464759965,2347452094&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=706
12803.url.tudown.com/uploads/images/323867.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/323867.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/323867.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:21 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=340143712,2330178855&fm=224&app=112&f=JPEG?w=500&h=500
12803.url.tudown.com/uploads/images/691504.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/691504.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/691504.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:21 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3480221762,1365393046&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=500
img1.baidu.com/it/u=4014731863,2947911801&fm=253&fmt=auto&app=120&f=JPEG?w=1422&h=800
182.40.78.35200 OK 110 kB URL HTTP/2 img1.baidu.com/it/u=4014731863,2947911801&fm=253&fmt=auto&app=120&f=JPEG?w=1422&h=800
IP 182.40.78.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1422x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 110 kB (110162 bytes)
Hash 02ee0fba7a835f16acb229445d6fc665
de4573ac3b3d1e2f4244c16d20754b99c9d33dd1
e93d0dc45fe06d0edbc6ab9bf971b55caee13a48317dcba51604906b6faa9c5c
GET /it/u=4014731863,2947911801&fm=253&fmt=auto&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 20:49:21 GMT
content-type: image/webp
content-length: 110162
expires: Sun, 15 Jan 2023 07:17:06 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 02ee0fba7a835f16acb229445d6fc665
age: 554093
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 16 Dec 2022 07:17:06 GMT
ohc-cache-hit: jn3ct72 [4], bdix188 [2]
ohc-file-size: 110162
x-cache-status: HIT
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/183992.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/183992.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/183992.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:21 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=2968735583,2880346486&fm=253&app=120&f=JPEG?w=1280&h=800
img1.baidu.com/it/u=1551797485,3330912731&fm=253&fmt=auto&app=138&f=JPEG?w=279&h=419
182.40.78.35200 OK 30 kB URL HTTP/2 img1.baidu.com/it/u=1551797485,3330912731&fm=253&fmt=auto&app=138&f=JPEG?w=279&h=419
IP 182.40.78.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 279x419, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a75052fd9562ae43fc0ee769066b7a6d
2a6706c192a81ab97bc8837323fccf992b832f22
6afee078dcf06a55d3aff11940a5e5a22c9d7a22b668d3956d2b8bdbaf9c3d11
GET /it/u=1551797485,3330912731&fm=253&fmt=auto&app=138&f=JPEG?w=279&h=419 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 20:49:21 GMT
content-type: image/webp
content-length: 30384
expires: Wed, 18 Jan 2023 06:49:33 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: a75052fd9562ae43fc0ee769066b7a6d
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 19 Dec 2022 06:49:33 GMT
ohc-cache-hit: jn3ct54 [1], qdix221 [2]
ohc-file-size: 30384
x-cache-status: MISS
X-Firefox-Spdy: h2
cpro.baidustatic.com/cpro/ui/noexpire/img/2.0.0/native_ad.png
220.169.152.35200 OK 4.5 kB URL HTTP/2 cpro.baidustatic.com/cpro/ui/noexpire/img/2.0.0/native_ad.png
IP 220.169.152.35:0
File type PNG image data, 44 x 984, 8-bit colormap, non-interlaced\012- data
Hash 3e2d110dd13ae372eac3c04347687487
666c77091671206a1ee7202bfa821afa63dfed94
4b86aeb9d139835e6517cef965d3442d8efca774abc2d6befc580ec63aace62e
GET /cpro/ui/noexpire/img/2.0.0/native_ad.png HTTP/1.1
Host: cpro.baidustatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 20:49:21 GMT
content-type: image/png
content-length: 4514
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 01 Apr 2022 07:05:03 GMT
etag: "6246a41f-11a2"
cache-control: max-age=315360000
age: 65407
accept-ranges: bytes
timing-allow-origin: *
ohc-global-saved-time: Tue, 21 Jun 2022 04:49:12 GMT
ohc-cache-hit: yy2ct60 [2], wzix60 [2]
ohc-file-size: 4514
x-cache-status: HIT
X-Firefox-Spdy: h2
img1.baidu.com/it/u=4113198466,1522172009&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
182.40.78.35200 OK 30 kB URL HTTP/2 img1.baidu.com/it/u=4113198466,1522172009&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
IP 182.40.78.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x889, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 14ae649886884d0858b74584c9256ba1
d04f9e31ec9086501d7378b24debb3d9de081ebd
78316fce46732a4d07c57c907978c2923d1f9d41ed9a4e505042ef745c82c028
GET /it/u=4113198466,1522172009&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 20:49:21 GMT
content-type: image/webp
content-length: 29904
expires: Sat, 21 Jan 2023 09:30:28 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 14ae649886884d0858b74584c9256ba1
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 22 Dec 2022 09:30:28 GMT
ohc-cache-hit: jn3ct70 [1], xiangyix165 [2]
ohc-file-size: 29904
x-cache-status: MISS
X-Firefox-Spdy: h2
t15.baidu.com/it/u=340143712,2330178855&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124304 Not Modified 0 B URL HTTP/1.1 t15.baidu.com/it/u=340143712,2330178855&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /it/u=340143712,2330178855&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
If-Modified-Since: Sun, 11 Jan 1970 00:00:00 GMT
If-None-Match: 783e8f3119c4c5bfd04f1bc1923605d1
HTTP/1.1 304 Not Modified
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 20:49:21 GMT
Content-Type: image/jpeg
Connection: keep-alive
Expires: Sun, 15 Jan 2023 01:26:52 GMT
Last-Modified: Sun, 11 Jan 1970 00:00:00 GMT
ETag: 783e8f3119c4c5bfd04f1bc1923605d1
Age: 1446043
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 16 Dec 2022 01:26:52 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [2], zhuzuncache61 [1], czix188 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 57891
X-Cache-Status: HIT
Timing-Allow-Origin: *
12803.url.tudown.com/uploads/images/327527.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/327527.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/327527.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:21 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=2261658532,3780420007&fm=253&app=120&f=JPEG?w=1280&h=800
sofire.baidu.com/abot/api/v1/tpl/re/8800?v=1.1&0=1&1=0&2=0&3=0&4=0&5=0&6=0&7=1&8=v10-d658766aebfcef480b2dbc75734bb25be6cafde4&9=0&10=0&11=1682&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&h=http%3A%2F%2F12803.url.tudown.com%2Fdown%2F%25E5%2590%2595%25E5%25B8%2583%25E4%25BC%25A02016%40281_110636.exe&t=1673642945212&r=lo
36.110.192.156200 OK 0 B URL HTTP/2 sofire.baidu.com/abot/api/v1/tpl/re/8800?v=1.1&0=1&1=0&2=0&3=0&4=0&5=0&6=0&7=1&8=v10-d658766aebfcef480b2dbc75734bb25be6cafde4&9=0&10=0&11=1682&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&h=http%3A%2F%2F12803.url.tudown.com%2Fdown%2F%25E5%2590%2595%25E5%25B8%2583%25E4%25BC%25A02016%40281_110636.exe&t=1673642945212&r=lo
IP 36.110.192.156:0
ASN #23724 IDC, China Telecommunications Corporation
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /abot/api/v1/tpl/re/8800?v=1.1&0=1&1=0&2=0&3=0&4=0&5=0&6=0&7=1&8=v10-d658766aebfcef480b2dbc75734bb25be6cafde4&9=0&10=0&11=1682&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&h=http%3A%2F%2F12803.url.tudown.com%2Fdown%2F%25E5%2590%2595%25E5%25B8%2583%25E4%25BC%25A02016%40281_110636.exe&t=1673642945212&r=lo HTTP/1.1
Host: sofire.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
date: Fri, 13 Jan 2023 20:49:21 GMT
content-length: 0
X-Firefox-Spdy: h2
img1.baidu.com/it/u=1947522938,4108008651&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=434
182.40.78.35200 OK 17 kB URL HTTP/2 img1.baidu.com/it/u=1947522938,4108008651&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=434
IP 182.40.78.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x434, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c610bfe3b5e94d966558be7ad47a6ab8
ec3aecc9bb443c612a378fba2d3b99581b1d3a0f
e1b9484a4913bec4629e542d4d63ef13b6ab8ee36c7bff8a3b14876992fae7d7
GET /it/u=1947522938,4108008651&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=434 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 20:49:21 GMT
content-type: image/webp
content-length: 16956
expires: Sun, 22 Jan 2023 23:42:41 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: c610bfe3b5e94d966558be7ad47a6ab8
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 23 Dec 2022 23:42:41 GMT
ohc-cache-hit: jn3ct54 [1], suzix121 [2]
ohc-file-size: 16956
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/26350.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/26350.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/26350.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:21 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1266412871,576002625&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=280
img1.baidu.com/it/u=1464759965,2347452094&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=706
182.40.78.35200 OK 39 kB URL HTTP/2 img1.baidu.com/it/u=1464759965,2347452094&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=706
IP 182.40.78.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x706, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6d7f817c9f0963f05e8c71c1177334d7
9cdb8abf25fe3e40580fe052c75c5c025c1d82ab
73ca273220748f1564b83d319f4eca15e73009d74628301f5d7cd1a3470cb664
GET /it/u=1464759965,2347452094&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=706 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 20:49:21 GMT
content-type: image/webp
content-length: 39014
expires: Fri, 20 Jan 2023 11:10:24 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 6d7f817c9f0963f05e8c71c1177334d7
age: 1651
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 21 Dec 2022 11:10:24 GMT
ohc-cache-hit: jn3ct57 [4], bdix57 [2]
ohc-file-size: 39014
x-cache-status: HIT
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/46130.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/46130.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/46130.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:21 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=1659083339,3866357200&fm=253&app=120&f=JPEG?w=1280&h=800
12803.url.tudown.com/uploads/images/542138.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/542138.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/542138.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:21 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1165601543,2620101250&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=284
img0.baidu.com/it/u=3480221762,1365393046&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=500
125.74.1.35200 OK 45 kB URL HTTP/2 img0.baidu.com/it/u=3480221762,1365393046&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=500
IP 125.74.1.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 754c97854c3569005080f33ca57b4c69
c5f80eaa826c2f0c72774be47075f07e6bf95e8d
a368f9dc193da5d904b8221893839483c5d9e07ae2d96d5e52b0ec008eee6ecc
GET /it/u=3480221762,1365393046&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 20:49:21 GMT
content-type: image/webp
content-length: 44878
expires: Fri, 27 Jan 2023 14:01:29 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 754c97854c3569005080f33ca57b4c69
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 28 Dec 2022 14:01:29 GMT
ohc-cache-hit: lz4ct52 [1], czix181 [2]
ohc-file-size: 44878
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/73222.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/73222.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/73222.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:21 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=2417229615,421980282&fm=253&fmt=auto?w=1422&h=800
img1.baidu.com/it/u=2968735583,2880346486&fm=253&app=120&f=JPEG?w=1280&h=800
182.40.78.35200 OK 81 kB URL HTTP/1.1 img1.baidu.com/it/u=2968735583,2880346486&fm=253&app=120&f=JPEG?w=1280&h=800
IP 182.40.78.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Hash 055177ba6b944aa5847964c2adb0eba5
9aae73ef6dd63dd40478a5d7781495d15d567a2d
d67745fc754446f2300059257d8f1782b2b3b9284fa88468ee49031040db094b
GET /it/u=2968735583,2880346486&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 20:49:21 GMT
Content-Type: image/jpeg
Content-Length: 80641
Connection: keep-alive
Expires: Sun, 12 Feb 2023 14:16:56 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: 055177ba6b944aa5847964c2adb0eba5
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 13 Jan 2023 14:16:56 GMT
Ohc-Cache-HIT: jn3ct57 [1], csix116 [2]
Ohc-File-Size: 80641
X-Cache-Status: MISS
12803.url.tudown.com/uploads/images/257006.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/257006.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/257006.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:21 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3703052397,2199014489&fm=253&fmt=auto&app=138&f=JPEG?w=130&h=170
12803.url.tudown.com/uploads/images/772697.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/772697.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/772697.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:21 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=3523343612,1422212921&fm=253&app=120&f=JPEG?w=1280&h=800
img0.baidu.com/it/u=1266412871,576002625&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=280
125.74.1.35200 OK 16 kB URL HTTP/2 img0.baidu.com/it/u=1266412871,576002625&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=280
IP 125.74.1.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x280, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash aade7333fa87d87fbb580d97f4a8d95e
3f5028191a167b6345bfd643e9117c52ab096385
23bc70746f429eb2a6fb8a9848ec4413fd0bd33095c4254df6f2c27374186d78
GET /it/u=1266412871,576002625&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=280 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 20:49:21 GMT
content-type: image/webp
content-length: 16240
expires: Sun, 29 Jan 2023 03:59:49 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: aade7333fa87d87fbb580d97f4a8d95e
age: 390012
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 30 Dec 2022 03:59:49 GMT
ohc-cache-hit: lz4ct64 [4], qdix201 [2]
ohc-file-size: 16240
x-cache-status: HIT
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/504358.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/504358.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/504358.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:21 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=4206600276,275862762&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=1098
img1.baidu.com/it/u=1165601543,2620101250&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=284
182.40.78.35200 OK 15 kB URL HTTP/2 img1.baidu.com/it/u=1165601543,2620101250&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=284
IP 182.40.78.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x284, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5cf34726fa4301d9a6aa20ab01c48949
c2e2d62afa7f9ea8c84926317c4e24b9a5ca1550
812b249dbeb71ddf6a9584ee84215a82faaa1934e55b6469b91624c6352fd8e2
GET /it/u=1165601543,2620101250&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=284 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 20:49:21 GMT
content-type: image/webp
content-length: 15312
expires: Sun, 15 Jan 2023 19:06:01 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 5cf34726fa4301d9a6aa20ab01c48949
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 16 Dec 2022 19:06:01 GMT
ohc-cache-hit: jn3ct71 [1], qdix219 [4]
ohc-file-size: 15312
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/686511.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/686511.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/686511.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:21 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=183882816,1434396582&fm=253&fmt=auto&app=138&f=JPEG?w=440&h=573
12803.url.tudown.com/uploads/images/105785.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/105785.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/105785.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:21 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3680394737,2253167893&fm=253&fmt=auto&app=138&f=JPEG?w=480&h=270
img0.baidu.com/it/u=2261658532,3780420007&fm=253&app=120&f=JPEG?w=1280&h=800
125.74.1.35200 OK 88 kB URL HTTP/1.1 img0.baidu.com/it/u=2261658532,3780420007&fm=253&app=120&f=JPEG?w=1280&h=800
IP 125.74.1.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Hash 3c7b1b2a0cc2d1a4ac1431196f0494f7
8c24f155cb141c4528095429400ef72745f95c8b
3a8445764d3c50d7c80bd287c004826f94e9aabfd0a31828ba4b7de986de4555
GET /it/u=2261658532,3780420007&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 20:49:21 GMT
Content-Type: image/jpeg
Content-Length: 88194
Connection: keep-alive
Expires: Sun, 29 Jan 2023 03:30:22 GMT
Last-Modified: Mon, 05 Jan 1970 00:00:00 GMT
ETag: 3c7b1b2a0cc2d1a4ac1431196f0494f7
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 30 Dec 2022 03:30:22 GMT
Ohc-Cache-HIT: lz4ct65 [1], xiangyix113 [2]
Ohc-File-Size: 88194
X-Cache-Status: MISS
12803.url.tudown.com/uploads/images/951294.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/951294.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/951294.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:21 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=4049047788,76782780&fm=224&app=112&f=JPEG?w=500&h=500&s=CB85618ECDD697F94B24349203008020
img2.baidu.com/it/u=3703052397,2199014489&fm=253&fmt=auto&app=138&f=JPEG?w=130&h=170
125.74.110.35200 OK 5.5 kB URL HTTP/2 img2.baidu.com/it/u=3703052397,2199014489&fm=253&fmt=auto&app=138&f=JPEG?w=130&h=170
IP 125.74.110.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 130x170, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9164ecc14c9272878c8b087898215dab
3e8c0f28bc73a16648e362e759b8d0a26277da74
c70f802c0772092caa4ae58756876bb0bb6fc40a3a9488438e443c568eceadda
GET /it/u=3703052397,2199014489&fm=253&fmt=auto&app=138&f=JPEG?w=130&h=170 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 20:49:21 GMT
content-type: image/webp
content-length: 5492
expires: Sun, 22 Jan 2023 04:05:15 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 9164ecc14c9272878c8b087898215dab
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 23 Dec 2022 04:05:15 GMT
ohc-cache-hit: lz6ct50 [1], czix80 [2]
ohc-file-size: 5492
x-cache-status: MISS
X-Firefox-Spdy: h2
t14.baidu.com/it/u=4049047788,76782780&fm=224&app=112&f=JPEG?w=500&h=500&s=CB85618ECDD697F94B24349203008020
185.10.104.124200 OK 76 kB URL HTTP/1.1 t14.baidu.com/it/u=4049047788,76782780&fm=224&app=112&f=JPEG?w=500&h=500&s=CB85618ECDD697F94B24349203008020
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 3251f64de0486f5be0af7a2a8cb04e4d
76adb13b46ade918af704b55586d24f015ba40eb
efd9c989ca1c44bbb61a51a1d88b1caada0d2f8ca7d1ce408e1cfcc36ce6b7f2
GET /it/u=4049047788,76782780&fm=224&app=112&f=JPEG?w=500&h=500&s=CB85618ECDD697F94B24349203008020 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 20:49:21 GMT
Content-Type: image/jpeg
Content-Length: 75565
Connection: keep-alive
Expires: Fri, 27 Jan 2023 10:58:51 GMT
Last-Modified: Thu, 15 Jan 1970 00:00:00 GMT
ETag: 3251f64de0486f5be0af7a2a8cb04e4d
Age: 171102
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 28 Dec 2022 10:58:51 GMT
Ohc-Cache-HIT: fra01-sys-jomo7.fra01.baidu.com [2], zhuzuncache64 [4], xaix122 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 75565
X-Cache-Status: HIT
Timing-Allow-Origin: *
12803.url.tudown.com/uploads/images/33529.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/33529.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/33529.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:21 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=2272015776,954508770&fm=224&app=112&f=JPEG?w=500&h=500
12803.url.tudown.com/uploads/images/861427.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/861427.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/861427.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:21 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=28409997,3938595205&fm=253&fmt=auto&app=138&f=JPEG?w=584&h=365
img2.baidu.com/it/u=4206600276,275862762&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=1098
125.74.110.35200 OK 44 kB URL HTTP/2 img2.baidu.com/it/u=4206600276,275862762&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=1098
IP 125.74.110.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x1098, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8d893778c557e74248ae0f4ea76db71d
036280be262480dbc087a8a0454af906e356b56b
43ea97346f8282b9323d3f8aa3c2ddc283963a3cf3fc0cb88321001690f1e3ce
GET /it/u=4206600276,275862762&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=1098 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 20:49:21 GMT
content-type: image/webp
content-length: 43752
expires: Mon, 30 Jan 2023 02:37:01 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 8d893778c557e74248ae0f4ea76db71d
age: 156784
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 31 Dec 2022 02:37:01 GMT
ohc-cache-hit: lz6ct62 [4], xiangyix154 [2]
ohc-file-size: 43752
x-cache-status: HIT
X-Firefox-Spdy: h2
t15.baidu.com/it/u=2272015776,954508770&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 41 kB URL HTTP/1.1 t15.baidu.com/it/u=2272015776,954508770&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 67d519d89ace3b9311ffe4d8505522c9
86a71d7a3559df3eb608f48c23d800904af60eaf
6987a8f8b71ed20b69a27fcbb99a9495453415a63604d8b0ec3da09794388480
GET /it/u=2272015776,954508770&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 20:49:22 GMT
Content-Type: image/jpeg
Content-Length: 41185
Connection: keep-alive
Expires: Thu, 02 Feb 2023 10:02:36 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 67d519d89ace3b9311ffe4d8505522c9
Age: 170943
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 03 Jan 2023 10:02:36 GMT
Ohc-Cache-HIT: fra01-sys-jomo7.fra01.baidu.com [2], zhuzuncache50 [4], qdix150 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 41185
X-Cache-Status: HIT
Timing-Allow-Origin: *
img0.baidu.com/it/u=1659083339,3866357200&fm=253&app=120&f=JPEG?w=1280&h=800
125.74.1.35200 OK 89 kB URL HTTP/1.1 img0.baidu.com/it/u=1659083339,3866357200&fm=253&app=120&f=JPEG?w=1280&h=800
IP 125.74.1.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Hash 624fa22a179a6eadebda41242da9a91a
8f9bc398f8299e8eaf946740b609233cb8b3a3af
d3f6dd475cbacc7dc8c3c6f5e48d08760af0eec2df18411472a5c0013ee2963f
GET /it/u=1659083339,3866357200&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 20:49:21 GMT
Content-Type: image/jpeg
Content-Length: 89173
Connection: keep-alive
Expires: Thu, 09 Feb 2023 03:52:22 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: 624fa22a179a6eadebda41242da9a91a
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 10 Jan 2023 03:52:22 GMT
Ohc-Cache-HIT: lz4ct72 [1], csix107 [2]
Ohc-File-Size: 89173
X-Cache-Status: MISS
img1.baidu.com/it/u=2417229615,421980282&fm=253&fmt=auto?w=1422&h=800
182.40.78.35200 OK 51 kB URL HTTP/1.1 img1.baidu.com/it/u=2417229615,421980282&fm=253&fmt=auto?w=1422&h=800
IP 182.40.78.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1422x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7fe7940f299ab3855ef0e05889f7a2b3
6bffb912c361216094c4b02f494879ac5c3deb81
3b1bb42b9e7e1a007e0f939b7de32c8e5aa466121772603671d553fc986936f7
GET /it/u=2417229615,421980282&fm=253&fmt=auto?w=1422&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 20:49:21 GMT
Content-Type: image/webp
Content-Length: 50598
Connection: keep-alive
Expires: Thu, 19 Jan 2023 07:21:25 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 7fe7940f299ab3855ef0e05889f7a2b3
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 20 Dec 2022 07:21:25 GMT
Ohc-Cache-HIT: jn3ct82 [1], bdix142 [2]
Ohc-File-Size: 50598
X-Cache-Status: MISS
img2.baidu.com/it/u=183882816,1434396582&fm=253&fmt=auto&app=138&f=JPEG?w=440&h=573
125.74.110.35200 OK 15 kB URL HTTP/2 img2.baidu.com/it/u=183882816,1434396582&fm=253&fmt=auto&app=138&f=JPEG?w=440&h=573
IP 125.74.110.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 440x573, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d9c93b46761d4673cb478321ea4851f7
4109bbad0155fcd83a3987d5d9cc154958893fa6
df3d3e1148007fcc5ab8d802fec35a303b1c22f9f1a267b6c280a17e048e6365
GET /it/u=183882816,1434396582&fm=253&fmt=auto&app=138&f=JPEG?w=440&h=573 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 20:49:22 GMT
content-type: image/webp
content-length: 14968
expires: Sat, 21 Jan 2023 12:42:52 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: d9c93b46761d4673cb478321ea4851f7
age: 150707
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 22 Dec 2022 12:42:52 GMT
ohc-cache-hit: lz6ct61 [4], xaix244 [2]
ohc-file-size: 14968
x-cache-status: HIT
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/634567.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/634567.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/634567.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:22 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=2688390421,310851128&fm=253&app=120&f=JPEG?w=1280&h=800
img1.baidu.com/it/u=3680394737,2253167893&fm=253&fmt=auto&app=138&f=JPEG?w=480&h=270
182.40.78.35200 OK 22 kB URL HTTP/2 img1.baidu.com/it/u=3680394737,2253167893&fm=253&fmt=auto&app=138&f=JPEG?w=480&h=270
IP 182.40.78.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 480x270, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 632387cda95c8f57259b0fbc95ad1508
ca4f9469ab51f6e59fef883e5c4a995dd8cd2106
ac651be11c17d9362df1c6d3867f6dc33b4fcd764c79a2e00f3b332abb7adcb3
GET /it/u=3680394737,2253167893&fm=253&fmt=auto&app=138&f=JPEG?w=480&h=270 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 20:49:22 GMT
content-type: image/webp
content-length: 22290
expires: Wed, 18 Jan 2023 19:17:52 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 632387cda95c8f57259b0fbc95ad1508
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 19 Dec 2022 19:17:52 GMT
ohc-cache-hit: jn3ct54 [1], qdix54 [2]
ohc-file-size: 22290
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=3523343612,1422212921&fm=253&app=120&f=JPEG?w=1280&h=800
125.74.110.35200 OK 106 kB URL HTTP/1.1 img2.baidu.com/it/u=3523343612,1422212921&fm=253&app=120&f=JPEG?w=1280&h=800
IP 125.74.110.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 106 kB (105679 bytes)
Hash 4061d045a409903032f93c7bce870da2
3d610268a81ef2eb1bb6dade6c7b8eefa8c0094c
80d333bda14dde17e08faab8525ed9daf0b4e43f1acb44484fda8cbb9d2d7a57
GET /it/u=3523343612,1422212921&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 20:49:21 GMT
Content-Type: image/jpeg
Content-Length: 105679
Connection: keep-alive
Expires: Fri, 03 Feb 2023 11:16:02 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: 4061d045a409903032f93c7bce870da2
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 04 Jan 2023 11:16:02 GMT
Ohc-Cache-HIT: lz6ct60 [1], bdix139 [2]
Ohc-File-Size: 105679
X-Cache-Status: MISS
12803.url.tudown.com/uploads/images/728274.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/728274.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/728274.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:22 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1478380730,832256753&fm=253&fmt=auto&app=138&f=JPG?w=561&h=500
12803.url.tudown.com/uploads/images/982493.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/982493.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/982493.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:22 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1205739495,1245237169&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=300
12803.url.tudown.com/uploads/images/596942.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/596942.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/596942.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:22 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1430908940,238574966&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200
12803.url.tudown.com/uploads/images/781179.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/781179.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/781179.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:22 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3382288167,2523748933&fm=253&fmt=auto?w=1280&h=800
img2.baidu.com/it/u=28409997,3938595205&fm=253&fmt=auto&app=138&f=JPEG?w=584&h=365
125.74.110.35200 OK 16 kB URL HTTP/2 img2.baidu.com/it/u=28409997,3938595205&fm=253&fmt=auto&app=138&f=JPEG?w=584&h=365
IP 125.74.110.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 584x365, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 315ccca30f855ad54fb6a24f83c34962
31b5647184445159032062bb15718edd8b632ed6
dc9802ce8ea8772713313e7846e112a91bd5e75536a5a2043c8d1b37eddd0db8
GET /it/u=28409997,3938595205&fm=253&fmt=auto&app=138&f=JPEG?w=584&h=365 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 20:49:22 GMT
content-type: image/webp
content-length: 16070
expires: Sun, 29 Jan 2023 04:28:20 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 315ccca30f855ad54fb6a24f83c34962
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 30 Dec 2022 04:28:20 GMT
ohc-cache-hit: lz6ct61 [1], xiangyix194 [2]
ohc-file-size: 16070
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/22689.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/22689.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/22689.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:22 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=2250372665,4131499017&fm=224&app=112&f=JPEG?w=500&h=500
12803.url.tudown.com/uploads/images/614582.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/614582.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/614582.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:22 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=2179758687,2656114737&fm=253&app=120&f=JPEG?w=1422&h=800
img0.baidu.com/it/u=1205739495,1245237169&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=300
125.74.1.35200 OK 4.9 kB URL HTTP/2 img0.baidu.com/it/u=1205739495,1245237169&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=300
IP 125.74.1.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b777e8397fff5831e281d1d256b32e87
55608c227b0d5e91bd47e1653d5a326cc6afa107
5e91b497ec03639bd756175e7226acc860e07d3f86604ace456fc68905bae452
GET /it/u=1205739495,1245237169&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=300 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 20:49:22 GMT
content-type: image/webp
content-length: 4880
expires: Wed, 25 Jan 2023 05:49:58 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: b777e8397fff5831e281d1d256b32e87
age: 688381
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 26 Dec 2022 05:49:58 GMT
ohc-cache-hit: lz4ct50 [4], xaix199 [4]
ohc-file-size: 4880
x-cache-status: HIT
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/289298.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/289298.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/289298.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:22 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=3993228290,1779746090&fm=224&app=112&f=JPEG?w=500&h=500
img1.baidu.com/it/u=1430908940,238574966&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200
182.40.78.35200 OK 4.3 kB URL HTTP/2 img1.baidu.com/it/u=1430908940,238574966&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200
IP 182.40.78.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 30323ed72abcb47d7602351f226708f8
e1976a95731ecdb1057d1d7fce69816db58d427f
65c927289db7b7816f7d3f7895ae712aaf294bf08be5e5f77cf883b9d7a6b9cb
GET /it/u=1430908940,238574966&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 20:49:22 GMT
content-type: image/webp
content-length: 4252
expires: Fri, 20 Jan 2023 02:33:50 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 30323ed72abcb47d7602351f226708f8
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 21 Dec 2022 02:33:50 GMT
ohc-cache-hit: jn3ct73 [1], bdix91 [2]
ohc-file-size: 4252
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/397686.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/397686.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/397686.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:22 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3468574198,3733177484&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=622
12803.url.tudown.com/uploads/images/275636.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/275636.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/275636.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:22 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=1626739494,1664083240&fm=224&app=112&f=JPEG?w=500&h=500
img0.baidu.com/it/u=2688390421,310851128&fm=253&app=120&f=JPEG?w=1280&h=800
125.74.1.35200 OK 69 kB URL HTTP/1.1 img0.baidu.com/it/u=2688390421,310851128&fm=253&app=120&f=JPEG?w=1280&h=800
IP 125.74.1.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Hash c1d9b0a20c9d31bde5ff9694a64ca11a
8bdcdfd3bda3024aeb1e1030ad993dc84f3174db
807a69cccde2ed24645da418fa2edab0a940d43f3474440e029998faca537c96
GET /it/u=2688390421,310851128&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 20:49:22 GMT
Content-Type: image/jpeg
Content-Length: 68737
Connection: keep-alive
Expires: Thu, 02 Feb 2023 06:10:43 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: c1d9b0a20c9d31bde5ff9694a64ca11a
Age: 170947
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 03 Jan 2023 06:10:43 GMT
Ohc-Cache-HIT: lz4ct62 [4], xiangyix97 [4]
Ohc-File-Size: 68737
X-Cache-Status: HIT
t15.baidu.com/it/u=2250372665,4131499017&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 52 kB URL HTTP/1.1 t15.baidu.com/it/u=2250372665,4131499017&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash f3af04aa512bbc7ababc97537cf5afe6
a354396ccddfd6760f5647e35ba5625f1bb92f8c
b9fd8950300912d1985b97277481d710c3802035075f250ae01f59db58d80bae
GET /it/u=2250372665,4131499017&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 20:49:22 GMT
Content-Type: image/jpeg
Content-Length: 51685
Connection: keep-alive
Expires: Sat, 04 Feb 2023 21:26:47 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: f3af04aa512bbc7ababc97537cf5afe6
Age: 170425
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 05 Jan 2023 21:26:47 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [2], zhuzuncache53 [1], xiangyix169 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 51685
X-Cache-Status: HIT
Timing-Allow-Origin: *
t13.baidu.com/it/u=3993228290,1779746090&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 39 kB URL HTTP/1.1 t13.baidu.com/it/u=3993228290,1779746090&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 0040264420ef153ab3c0b7e7e83d0b42
f6ac9efcf4df9f7ec29859c8e94b2e8b1415bc76
820fda4cc93ddedda12c439a81a29b7fd5b0e2a948aeb231d20ba058474d3575
GET /it/u=3993228290,1779746090&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 20:49:22 GMT
Content-Type: image/jpeg
Content-Length: 39445
Connection: keep-alive
Expires: Tue, 17 Jan 2023 09:37:21 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: 0040264420ef153ab3c0b7e7e83d0b42
Age: 1617944
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 18 Dec 2022 09:37:20 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [2], zhuzuncache60 [1], wzix117 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 39445
X-Cache-Status: HIT
Timing-Allow-Origin: *
img2.baidu.com/it/u=3382288167,2523748933&fm=253&fmt=auto?w=1280&h=800
125.74.110.35200 OK 124 kB URL HTTP/2 img2.baidu.com/it/u=3382288167,2523748933&fm=253&fmt=auto?w=1280&h=800
IP 125.74.110.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 124 kB (124358 bytes)
Hash 82b6c31283630e3d2648444cdda2670c
62747dcf7256d12a50ff260d40e679d0f77a260d
6c7c4c322772a977b084df75029227cdebe96c39b4e4b7a88a7215e20bb04409
GET /it/u=3382288167,2523748933&fm=253&fmt=auto?w=1280&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 20:49:22 GMT
content-type: image/webp
content-length: 124358
expires: Sat, 11 Feb 2023 01:46:05 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 82b6c31283630e3d2648444cdda2670c
age: 97836
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 12 Jan 2023 01:46:05 GMT
ohc-cache-hit: lz6ct63 [4], xiangyix89 [4]
ohc-file-size: 124358
x-cache-status: HIT
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/323661.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/323661.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/323661.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:22 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=2779127374,1603055162&fm=224&app=112&f=JPEG?w=500&h=500
12803.url.tudown.com/uploads/images/405305.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/405305.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/405305.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:22 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=367606663,3364643501&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=540
t15.baidu.com/it/u=1626739494,1664083240&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 60 kB URL HTTP/1.1 t15.baidu.com/it/u=1626739494,1664083240&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 2782f47fec88092bea09fbd7f661e266
d9fc408a701ed4c686acd3da0da44d0128363bd6
d59791f6ebf4ba105d563144fbd681e5ec315b20eadb89919ff887a6b75f6acf
GET /it/u=1626739494,1664083240&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 20:49:22 GMT
Content-Type: image/jpeg
Content-Length: 59535
Connection: keep-alive
Expires: Sat, 14 Jan 2023 15:18:25 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 2782f47fec88092bea09fbd7f661e266
Age: 171836
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 15 Dec 2022 15:18:25 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [2], zhuzuncache58 [1], xiangyix122 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 59535
X-Cache-Status: HIT
Timing-Allow-Origin: *
img0.baidu.com/it/u=1478380730,832256753&fm=253&fmt=auto&app=138&f=JPG?w=561&h=500
125.74.1.35200 OK 28 kB URL HTTP/2 img0.baidu.com/it/u=1478380730,832256753&fm=253&fmt=auto&app=138&f=JPG?w=561&h=500
IP 125.74.1.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 561x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2f77a08e29d3bd738a4611f6904ecfd7
6c4bf2de75056c62cb2d728c4db9cf5746fb9029
476c1c6bb827e591c8e7cb42920667f1d5c209acf63acbed7e32c6b1d8e4401f
GET /it/u=1478380730,832256753&fm=253&fmt=auto&app=138&f=JPG?w=561&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 20:49:22 GMT
content-type: image/webp
content-length: 28100
expires: Sun, 22 Jan 2023 13:17:05 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 2f77a08e29d3bd738a4611f6904ecfd7
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 23 Dec 2022 13:17:05 GMT
ohc-cache-hit: lz4ct65 [1], bdix159 [2]
ohc-file-size: 28100
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/274251.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/274251.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/274251.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:22 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=1962900692,349528856&fm=224&app=112&f=JPEG?w=500&h=500&s=78F6209E000522F85296FD760300B069
img1.baidu.com/it/u=2179758687,2656114737&fm=253&app=120&f=JPEG?w=1422&h=800
182.40.78.35200 OK 97 kB URL HTTP/1.1 img1.baidu.com/it/u=2179758687,2656114737&fm=253&app=120&f=JPEG?w=1422&h=800
IP 182.40.78.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1422x800, components 3\012- data
Hash aa56613d3824458bdf82758ebc994c84
461f0a13adc1e8a87f8374bc40a66402b7348a7d
475df7a82ca96d74133eb00d056efd4d36342100fb65da138512b591934c603d
GET /it/u=2179758687,2656114737&fm=253&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 20:49:22 GMT
Content-Type: image/jpeg
Content-Length: 97284
Connection: keep-alive
Expires: Sat, 21 Jan 2023 00:48:00 GMT
Last-Modified: Mon, 05 Jan 1970 00:00:00 GMT
ETag: aa56613d3824458bdf82758ebc994c84
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 22 Dec 2022 00:48:00 GMT
Ohc-Cache-HIT: jn3ct67 [1], xiangyix124 [2]
Ohc-File-Size: 97284
X-Cache-Status: MISS
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 0013e9db00b6a3eb9f40d36b5ffa1370
51ef63e4917fc895d31a8351a728469a95511018
8cb05fbaa34d97773b8cc4ed804ef9ff6ee2e8a03fb64c9658618632fd6cb34d
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Fri, 13 Jan 2023 20:49:22 GMT
Ali-Swift-Global-Savetime: 1673642962
Via: cache25.l2de2[46,45,200-0,M], cache25.l2de2[46,0], cache7.se1[68,67,200-0,M], cache7.se1[69,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Fri, 13 Jan 2023 20:49:22 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9b16736429628058295e
12803.url.tudown.com/uploads/images/468274.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/468274.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/468274.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:22 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=2592493909,2413524070&fm=224&app=112&f=JPEG?w=500&h=500
12803.url.tudown.com/uploads/images/381817.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/381817.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/381817.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=0Xeoo5A2qbjazXmQD1MFCPqLhYJ4WulPzlghT5wjXRlIzP1GK+IDeHQMFTv1PCef8vBP7kxG014bPI7sebgBdpFU6m95MX/OxKN2fua9Sr+UEM8Un71bBhTVf6aCcG8SnCCtlBRy2c3XzaRtnkvsYP1pHNGJ8kjov8dmZEfMlt870ZboQ7/Bzkt7dw/xnKUrUpz2VMAmk2bj0GAW0DOu0Fm8OYFsKFAxUKFbjXzd0vehVm8yyVP0RLip4Zk3x7LrZ5Y1ml0FRSOXTN9+IDihw3kct6CuDWN8fRndAhoNT6DZ6EVo52hp51a6QVHuKlGH/6tiSCCfYct8+nQZnETL/BzXb27Vd+F0jvHca2uvC0Xc57kJzKrABLBDQUt/i6wfiOQzLFzV+Sb1I5iIG4msvg==|LQCej1Co6Eot81+j+y8ALeXEJTjyVNCcFM5tosleNCY=|10|c488b9b0fb2a95b149ddd26a0dafc622
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 13 Jan 2023 20:49:22 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=864823261,2900204953&fm=253&fmt=auto&app=138&f=JPEG?w=625&h=500
t15.baidu.com/it/u=2779127374,1603055162&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 35 kB URL HTTP/1.1 t15.baidu.com/it/u=2779127374,1603055162&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 9393b8bf3aa0701ac3ec3218178bdb38
26ab8114b046618ae9029e7c422ac7631d4ea857
8f3c21203d53c8040a6102e3216c1a47deace92fa2c30f2ccb42d4708fdfd839
GET /it/u=2779127374,1603055162&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 20:49:22 GMT
Content-Type: image/jpeg
Content-Length: 35046
Connection: keep-alive
Expires: Mon, 16 Jan 2023 09:42:16 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: 9393b8bf3aa0701ac3ec3218178bdb38
Age: 1963270
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 17 Dec 2022 09:42:16 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [2], zhuzuncache62 [1], wzix116 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 35046
X-Cache-Status: HIT
Timing-Allow-Origin: *
t15.baidu.com/it/u=1962900692,349528856&fm=224&app=112&f=JPEG?w=500&h=500&s=78F6209E000522F85296FD760300B069
185.10.104.124200 OK 42 kB URL HTTP/1.1 t15.baidu.com/it/u=1962900692,349528856&fm=224&app=112&f=JPEG?w=500&h=500&s=78F6209E000522F85296FD760300B069
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 84e81a969f5457e35889bca98ca398c5
b6044f4b5a7024af76caecd2b8a5baccc1054f80
a9f9957d0197d2855bcd4070ca874f309fa3197f3f1917581e3f824ceed008cd
GET /it/u=1962900692,349528856&fm=224&app=112&f=JPEG?w=500&h=500&s=78F6209E000522F85296FD760300B069 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 20:49:22 GMT
Content-Type: image/jpeg
Content-Length: 42241
Connection: keep-alive
Expires: Mon, 23 Jan 2023 07:20:31 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 84e81a969f5457e35889bca98ca398c5
Age: 170259
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 24 Dec 2022 07:20:31 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [2], zhuzuncache50 [2], wzix50 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 42241
X-Cache-Status: HIT
Timing-Allow-Origin: *
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 0013e9db00b6a3eb9f40d36b5ffa1370
51ef63e4917fc895d31a8351a728469a95511018
8cb05fbaa34d97773b8cc4ed804ef9ff6ee2e8a03fb64c9658618632fd6cb34d
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Fri, 13 Jan 2023 20:49:22 GMT
Last-Modified: Fri, 13 Jan 2023 15:48:36 GMT
ETag: "63c17d54-1d7"
Expires: Sun, 15 Jan 2023 15:48:36 GMT
Cache-Control: max-age=154754
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1673642963
Via: cache26.l2de2[231,231,200-0,M], cache26.l2de2[233,0], cache2.se1[255,254,200-0,M], cache2.se1[256,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Fri, 13 Jan 2023 20:49:23 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9616736429627812517e
t15.baidu.com/it/u=2592493909,2413524070&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 52 kB URL HTTP/1.1 t15.baidu.com/it/u=2592493909,2413524070&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash c1f821a0aa85eb64b9f5f2385bc186c1
8213df38108e4b15f4ec97d845aad5a1b1f205f9
1787754cae6bd77a4a0649d0e343a60a01d35e94091d8ffd9a881ece0bd5fd97
GET /it/u=2592493909,2413524070&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Fri, 13 Jan 2023 20:49:22 GMT
Content-Type: image/jpeg
Content-Length: 51852
Connection: keep-alive
Expires: Sat, 04 Feb 2023 15:40:32 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: c1f821a0aa85eb64b9f5f2385bc186c1
Age: 171715
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 05 Jan 2023 15:40:31 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [2], zhuzuncache65 [4], qdix145 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 51852
X-Cache-Status: HIT
Timing-Allow-Origin: *
img0.baidu.com/it/u=3468574198,3733177484&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=622
125.74.1.35200 OK 17 kB URL HTTP/2 img0.baidu.com/it/u=3468574198,3733177484&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=622
IP 125.74.1.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x622, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 77beaa6f50b70335c22d94f6a7fd523e
42657f35294b7c9c795879ae7af8b31bfbf0b72b
500a57332ee218105e95a7a042d42dca7836af3cbfe90a0c75ff5fbabbdcaab7
GET /it/u=3468574198,3733177484&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=622 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 20:49:22 GMT
content-type: image/webp
content-length: 17260
expires: Fri, 03 Feb 2023 02:38:12 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 77beaa6f50b70335c22d94f6a7fd523e
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 04 Jan 2023 02:38:12 GMT
ohc-cache-hit: lz4ct56 [1], xiangyix226 [2]
ohc-file-size: 17260
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=367606663,3364643501&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=540
125.74.110.35200 OK 30 kB URL HTTP/2 img2.baidu.com/it/u=367606663,3364643501&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=540
IP 125.74.110.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x540, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a5a89c839fa21ba4bbababa34511342f
2de60273a26da90ddbf60410b47f1f42c3709653
52314c6231e808930866c0b1984f1c12ee60667be2a89b8671d0847bac64aba7
GET /it/u=367606663,3364643501&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=540 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 20:49:22 GMT
content-type: image/webp
content-length: 29808
expires: Sun, 22 Jan 2023 05:16:35 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: a5a89c839fa21ba4bbababa34511342f
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 23 Dec 2022 05:16:35 GMT
ohc-cache-hit: lz6ct61 [1], suzix162 [4]
ohc-file-size: 29808
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=864823261,2900204953&fm=253&fmt=auto&app=138&f=JPEG?w=625&h=500
125.74.110.35200 OK 17 kB URL HTTP/2 img2.baidu.com/it/u=864823261,2900204953&fm=253&fmt=auto&app=138&f=JPEG?w=625&h=500
IP 125.74.110.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 625x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3ea9ca11b0d8eb4937fba938f4f3ce04
a3688268436ff424799c97978a89d52d4fb3541e
a7a07fa3cb10178882602ae7bc38da13af6ff45cf4a4cb61f36b97c3c66274f1
GET /it/u=864823261,2900204953&fm=253&fmt=auto&app=138&f=JPEG?w=625&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 20:49:23 GMT
content-type: image/webp
content-length: 17196
expires: Tue, 24 Jan 2023 10:55:10 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 3ea9ca11b0d8eb4937fba938f4f3ce04
age: 152995
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 25 Dec 2022 10:55:10 GMT
ohc-cache-hit: lz6ct65 [4], xiangyix155 [2]
ohc-file-size: 17196
x-cache-status: HIT
X-Firefox-Spdy: h2
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 0013e9db00b6a3eb9f40d36b5ffa1370
51ef63e4917fc895d31a8351a728469a95511018
8cb05fbaa34d97773b8cc4ed804ef9ff6ee2e8a03fb64c9658618632fd6cb34d
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Fri, 13 Jan 2023 20:49:23 GMT
Last-Modified: Fri, 13 Jan 2023 15:48:36 GMT
ETag: "63c17d54-1d7"
Expires: Sun, 15 Jan 2023 15:48:36 GMT
Cache-Control: max-age=154753
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1673642963
Via: cache6.l2de2[460,459,200-0,M], cache6.l2de2[461,0], cache3.se1[483,483,200-0,M], cache3.se1[485,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Fri, 13 Jan 2023 20:49:23 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9716736429627817653e
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 0013e9db00b6a3eb9f40d36b5ffa1370
51ef63e4917fc895d31a8351a728469a95511018
8cb05fbaa34d97773b8cc4ed804ef9ff6ee2e8a03fb64c9658618632fd6cb34d
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Fri, 13 Jan 2023 20:49:23 GMT
Ali-Swift-Global-Savetime: 1673642963
Via: cache4.l2de2[463,463,200-0,M], cache4.l2de2[465,0], cache8.se1[489,488,200-0,M], cache8.se1[491,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Fri, 13 Jan 2023 20:49:23 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9c16736429627854022e
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 0013e9db00b6a3eb9f40d36b5ffa1370
51ef63e4917fc895d31a8351a728469a95511018
8cb05fbaa34d97773b8cc4ed804ef9ff6ee2e8a03fb64c9658618632fd6cb34d
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Fri, 13 Jan 2023 20:49:23 GMT
Ali-Swift-Global-Savetime: 1673642963
Via: cache19.l2de2[479,479,200-0,M], cache19.l2de2[480,0], cache3.se1[504,503,200-0,M], cache3.se1[505,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Fri, 13 Jan 2023 20:49:23 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9716736429627657641e
eclick.baidu.com/rs.jpg?pageSearchId=1673642944068gktg9cshjpu&content=%7BpgSacI%22%22634946gt9sju%2CneUla%22tu%2Cevrnet%3A%7Btp%22%22niomn%22%22eieyaer%22%22tp%2F183ultdw.o%2Fon%2559%255E%2588%254B%2500621103.x%22%22aeerhd%3A1762408kgchp%22%5D%22aeerhd%3A1762408kgchp%22%22edpod%3Are%22niomn%22%5B%22ye%3Aevrnet%2CdlvrPgUl%3Aht%3A%2F20.r.uoncmdw%2FE%2509%255B%253E%25CA21%408_166ee%2CpgSacI%22%22634946gt9sju%7D%7D
110.242.68.137200 OK 0 B URL HTTP/1.1 eclick.baidu.com/rs.jpg?pageSearchId=1673642944068gktg9cshjpu&content=%7BpgSacI%22%22634946gt9sju%2CneUla%22tu%2Cevrnet%3A%7Btp%22%22niomn%22%22eieyaer%22%22tp%2F183ultdw.o%2Fon%2559%255E%2588%254B%2500621103.x%22%22aeerhd%3A1762408kgchp%22%5D%22aeerhd%3A1762408kgchp%22%22edpod%3Are%22niomn%22%5B%22ye%3Aevrnet%2CdlvrPgUl%3Aht%3A%2F20.r.uoncmdw%2FE%2509%255B%253E%25CA21%408_166ee%2CpgSacI%22%22634946gt9sju%7D%7D
IP 110.242.68.137:0
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rs.jpg?pageSearchId=1673642944068gktg9cshjpu&content=%7BpgSacI%22%22634946gt9sju%2CneUla%22tu%2Cevrnet%3A%7Btp%22%22niomn%22%22eieyaer%22%22tp%2F183ultdw.o%2Fon%2559%255E%2588%254B%2500621103.x%22%22aeerhd%3A1762408kgchp%22%5D%22aeerhd%3A1762408kgchp%22%22edpod%3Are%22niomn%22%5B%22ye%3Aevrnet%2CdlvrPgUl%3Aht%3A%2F20.r.uoncmdw%2FE%2509%255B%253E%25CA21%408_166ee%2CpgSacI%22%22634946gt9sju%7D%7D HTTP/1.1
Host: eclick.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=0
Connection: keep-alive
Content-Length: 0
Content-Type: image/jpeg
Date: Fri, 13 Jan 2023 20:49:23 GMT
Etag: "630ecdab-0"
Expires: Fri, 13 Jan 2023 20:49:23 GMT
Last-Modified: Wed, 31 Aug 2022 02:55:39 GMT
Server: nginx
lupic.cdn.bcebos.com/20191203/3019002680_14.jpg
118.112.225.35200 OK 40 kB URL HTTP/2 lupic.cdn.bcebos.com/20191203/3019002680_14.jpg
IP 118.112.225.35:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 374x267, components 3\012- data
Hash 9132c8aeea8e30753c140a93b266f6df
66febd02e42a1bd190b07ea14c9efca54a302548
196891c82b9756220b355e5c58934fc42aa4c04f37cbef185ac4a109956b81ce
GET /20191203/3019002680_14.jpg HTTP/1.1
Host: lupic.cdn.bcebos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 20:49:23 GMT
content-type: image/jpeg
content-length: 39693
expires: Sun, 15 Jan 2023 08:04:12 GMT
last-modified: Tue, 03 Dec 2019 11:33:29 GMT
etag: "9132c8aeea8e30753c140a93b266f6df"
age: 122007
accept-ranges: bytes
content-md5: kTLIruqOMHU8FAqTsmb23w==
x-bce-content-crc32: 1945341393
x-bce-debug-id: ZMV5mMVH+DQDUpiWsKDRwFtmGXJngdbetsjKc7FV0TkPoPdmhl3WX6PfHC8hPT03GjS1k23hV0yosOP2bGmQXw==
x-bce-request-id: 0e562c98-5054-4982-b70a-9cecd8847fbc
x-bce-restore-cache: -
x-bce-restore-tier: -
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Thu, 12 Jan 2023 08:04:12 GMT
ohc-cache-hit: cd6ct78 [2], wzix78 [2]
ohc-file-size: 39693
x-cache-status: HIT
X-Firefox-Spdy: h2
12803.url.tudown.com/favicon.ico
154.218.151.71200 OK 0 B URL HTTP/1.1 12803.url.tudown.com/favicon.ico
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/%E5%90%95%E5%B8%83%E4%BC%A02016@281_110636.exe
Cookie: __bid_n=185acbf778b3d155b44207; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591; FPTOKEN=lWvvPmfjNAAFSpaigGb7jgrICBmGm2gV1xACKQgwHXjmEEMKPlc+K110Gphz8Xp0KDunbjNhg1rO5L7n857OBirn6zIAM3nz7wajoFv6KX1XDcDOAXKwycbyvc5Yt/7g8GR7/NssDGiV4qzho3LR68JCz+uSRZszssmkIc/NfwsiJkJl38NZYWH0mAI/3PG7/6J2xTy9xN7UmNwCzdR7/E5fg5W7iavXo4cXqPALpow7DHmUax+0cQbkPLUvmFASaUdWQqs+OXVzkBYb8eLpJlv0skxUbmkp7fJf3uhfYyPP14ASRqr5mBrSozaPsqR5eaqgRadQOSE14YutMs+hhzGII7rDLmx1uL7URLAVRQrTiqo/4VAXLZthOuHp1CSDMfDRI1ACKS7U+3ZC2IZzOQ==|D1N2dNQCi8XEOXrLv/13lPO6D4DsISH2HPQqFeY5fg4=|10|44d0b3b2388f8164d44f3799b8660da6; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673641591,1673642943; Hm_lpvt_dd9836db2e433f487a0aa434b7b3deb7=1673642943
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 13 Jan 2023 20:49:23 GMT
Content-Type: image/x-icon
Content-Length: 0
Last-Modified: Tue, 30 Jul 2019 15:51:36 GMT
Connection: keep-alive
ETag: "5d406788-0"
Accept-Ranges: bytes
lupic.cdn.bcebos.com/20191203/3016601033_14.jpg
118.112.225.35200 OK 47 kB URL HTTP/2 lupic.cdn.bcebos.com/20191203/3016601033_14.jpg
IP 118.112.225.35:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 474x338, components 3\012- data
Hash a27709bc00cead67c82dd1ea0e4c8365
cea12ca631fec53180d5b9ec351eefa1518874fe
626b82102871facf10702a6bb8cd9f8a8480506dba8c1deb37576635c5b69bb4
GET /20191203/3016601033_14.jpg HTTP/1.1
Host: lupic.cdn.bcebos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Fri, 13 Jan 2023 20:49:23 GMT
content-type: image/jpeg
content-length: 47080
expires: Sat, 14 Jan 2023 10:53:49 GMT
last-modified: Tue, 03 Dec 2019 07:54:34 GMT
etag: "a27709bc00cead67c82dd1ea0e4c8365"
age: 208004
accept-ranges: bytes
content-md5: oncJvADOrWfILdHqDkyDZQ==
x-bce-content-crc32: 3269727261
x-bce-debug-id: adyLlDj5eUD2ze+hmX0aK9jFkGCUxhYqOc73zuYCpoS+O9iWmSFgrhpfAg6UlsW96wDXDVULNGNEb9p2M8U4cw==
x-bce-request-id: 528f781b-06fa-422a-ba8c-ce9731cab9f9
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Wed, 11 Jan 2023 10:53:49 GMT
ohc-cache-hit: cd6ct68 [2], czix232 [2]
ohc-file-size: 47080
x-cache-status: HIT
X-Firefox-Spdy: h2
bdcode.2345.com/js/logo/js/logo.js
42.81.8.130200 OK 0 B URL HTTP/2 bdcode.2345.com/js/logo/js/logo.js
IP 42.81.8.130:0
Analyzer Verdict Alert fortinet Malware
GET /js/logo/js/logo.js HTTP/1.1
Host: bdcode.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: gzip
content-type: application/x-javascript
date: Fri, 13 Jan 2023 20:49:20 GMT
etag: W/"6396dcbe-371a"
expires: Fri, 13 Jan 2023 21:49:20 GMT
last-modified: Mon, 12 Dec 2022 07:48:14 GMT
p3p: CP=" OTI DSP COR IVA OUR IND COM "
server: yunjiasu
yjs-id: c0e7ff21b00d37e0-143
X-Firefox-Spdy: h2
www.2345.com/js/index/activity/20171111/widget.min.js
47.246.44.206200 OK 0 B URL HTTP/2 www.2345.com/js/index/activity/20171111/widget.min.js
IP 47.246.44.206:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
GET /js/index/activity/20171111/widget.min.js HTTP/1.1
Host: www.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
strict-transport-security: max-age=5184000
date: Fri, 13 Jan 2023 20:42:26 GMT
last-modified: Wed, 06 Nov 2019 08:19:39 GMT
etag: W/"5dc2821b-4c53"
vary: Accept-Encoding, Accept-Encoding
expires: Tue, 22 Nov 2022 14:45:06 GMT
cache-control: max-age=600
ali-swift-global-savetime: 1673642546
via: cache1.l2de2[0,0,304-0,H], cache4.l2de2[1,0], cache8.se1[0,0,200-0,H], cache1.se1[1,0]
age: 411
x-cache: HIT TCP_MEM_HIT dirn:4:175331669
x-swift-savetime: Fri, 13 Jan 2023 20:44:56 GMT
x-swift-cachetime: 450
content-encoding: br
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
timing-allow-origin: *
eagleid: 2ff62c9516736429570448359e
X-Firefox-Spdy: h2
e2.2345.com/news/module2/js/newsModule-v2.js
180.101.199.241200 OK 0 B URL HTTP/2 e2.2345.com/news/module2/js/newsModule-v2.js
IP 180.101.199.241:0
GET /news/module2/js/newsModule-v2.js HTTP/1.1
Host: e2.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
date: Fri, 13 Jan 2023 19:54:39 GMT
etag: W/"5f35e38f-cacf"
last-modified: Fri, 14 Aug 2020 01:06:23 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
ali-swift-global-savetime: 1673639679
via: cache59.l2cn3037[42,42,304-0,M], cache20.l2cn3037[43,0], cache20.l2cn3037[44,0], vcache23.cn4733[0,0,200-0,H], vcache1.cn4733[1,0]
age: 3278
x-cache: HIT TCP_MEM_HIT dirn:11:281726773
x-swift-savetime: Fri, 13 Jan 2023 19:54:39 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: b465c71516736429570522783e
content-encoding: gzip
X-Firefox-Spdy: h2