r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e7a9cb518d929d10c471394adc89cdfa
d609cb0d94e645141ab1372f19c014c1b00b83af
200db48dd5e87cba8dc962e8981f72def9c12e21d5a417361c4f77425e55597a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "200DB48DD5E87CBA8DC962E8981F72DEF9C12E21D5A417361C4F77425E55597A"
Last-Modified: Sun, 12 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21339
Expires: Sun, 12 Mar 2023 11:34:27 GMT
Date: Sun, 12 Mar 2023 05:38:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9ce33c47154f4826255fe9bbe54d72be
e10a363c007a6d15ed43eb35b4e5c246d85c5eed
cf423db1a8ad1dce1b5c25f6025d14411b4a46e95a6001288949f046e244bc24
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CF423DB1A8AD1DCE1B5C25F6025D14411B4A46E95A6001288949F046E244BC24"
Last-Modified: Fri, 10 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4453
Expires: Sun, 12 Mar 2023 06:53:01 GMT
Date: Sun, 12 Mar 2023 05:38:48 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 7f03faaba3392caae6dae54467bfdf6d
57ea1f14e8bfbcca8190c706d708c9fda12442c1
02ac551ba61fcbc6b04f244df065948b181a8a258db5c2e197aae66fdfcea8ee
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 12 Mar 2023 05:09:12 GMT
content-type: application/json
age: 1776
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1a564ae484daef6a82bb08116ad794eb
f75350abf28a42c16324901035889a1f3af700a1
225214187df3f50835a8aafcc4555fe47cf0b78938b71d34fb422942292b153b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "225214187DF3F50835A8AAFCC4555FE47CF0B78938B71D34FB422942292B153B"
Last-Modified: Fri, 10 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4867
Expires: Sun, 12 Mar 2023 06:59:55 GMT
Date: Sun, 12 Mar 2023 05:38:48 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: eqOJrNz3xtueG4yQrOvYsccyDb+sVAPLRqUVbS/phYnAyFXx22383UBuByp50ZqijCQjEJx5vs8SgE3p7aB1kQ==
x-amz-request-id: 596G53F37D65K24B
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 12 Mar 2023 04:45:49 GMT
age: 3179
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 12 Mar 2023 05:38:48 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, ETag, Backoff, Expires, Alert, Pragma, Cache-Control, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 12 Mar 2023 05:12:32 GMT
age: 1576
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
12254.url.tudown.com/down/%E6%88%BF%E6%80%9D%E7%90%AA%E7%9A%84%E5%88%9D%E6%81%8B%E4%B9%90%E5%9B%AD@306_248332.exe
168.206.200.52 200 OK 6.6 kB URL HTTP/1.1 12254.url.tudown.com/down/%E6%88%BF%E6%80%9D%E7%90%AA%E7%9A%84%E5%88%9D%E6%81%8B%E4%B9%90%E5%9B%AD@306_248332.exe
IP 168.206.200.52:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (306), with CRLF, LF line terminators
Hash 51b3b20fe1d81dfd09ffc8d5637d2601
74a9c8ac21d7c18c772482715686dc9a8f27285b
e0529e34c1847cc9898a565c8fff4ca72bb32bcac379ccfe06775987fba0579a
Analyzer Verdict Alert fortinet Malware
GET /down/%E6%88%BF%E6%80%9D%E7%90%AA%E7%9A%84%E5%88%9D%E6%81%8B%E4%B9%90%E5%9B%AD@306_248332.exe HTTP/1.1
Host: 12254.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 12 Mar 2023 05:38:48 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d960a8d21b339ab0d7987e3b1eb16fdc
08d4430c549151295ee4e1dc8f24dbd3d9456b0b
522b75aa714f87a716a9a693a7c3ed1cab6e5b1725f20a67df46dec2967b5960
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "522B75AA714F87A716A9A693A7C3ED1CAB6E5B1725F20A67DF46DEC2967B5960"
Last-Modified: Thu, 09 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6455
Expires: Sun, 12 Mar 2023 07:26:24 GMT
Date: Sun, 12 Mar 2023 05:38:49 GMT
Connection: keep-alive
push.services.mozilla.com/
52.40.68.141 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.40.68.141:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2t5256uyoZCQKlZSrStt3Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 1ECIimd05s7FzSCRlRF9fYzzZ8o=
12254.url.tudown.com/template/company/42xz/css/common.css
168.206.200.52 200 OK 1.9 kB URL HTTP/1.1 12254.url.tudown.com/template/company/42xz/css/common.css
IP 168.206.200.52:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 625ff65f2c44178957f32d288dd56ddf
cb918d56e4595594c56cab503ed56f84379e862d
2436857c00ba0ab148e7c16f63712844f5bb62e23379751d6dddd82abe667ac5
GET /template/company/42xz/css/common.css HTTP/1.1
Host: 12254.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12254.url.tudown.com/down/%E6%88%BF%E6%80%9D%E7%90%AA%E7%9A%84%E5%88%9D%E6%81%8B%E4%B9%90%E5%9B%AD@306_248332.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 12 Mar 2023 05:38:49 GMT
Content-Type: text/css
Last-Modified: Thu, 05 Nov 2020 12:04:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fa3ea53-1ccb"
Expires: Sun, 12 Mar 2023 17:38:49 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12254.url.tudown.com/js/orsxg5a.script
168.206.200.52 200 OK 527 B URL HTTP/1.1 12254.url.tudown.com/js/orsxg5a.script
IP 168.206.200.52:0
ASN #137951 Clayer Limited
File type HTML document, ASCII text, with CRLF line terminators
Hash d7657fee4b1bb7f07e4d8c3c56f3a392
8c3fc571d2e8c537b349e453d0e8a63c745f3079
162b7cb211f9277017b6103bee6a718c2b07c1c4dc9fe61550ce32fe2ae8f743
Analyzer Verdict Alert fortinet Malware
GET /js/orsxg5a.script HTTP/1.1
Host: 12254.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12254.url.tudown.com/down/%E6%88%BF%E6%80%9D%E7%90%AA%E7%9A%84%E5%88%9D%E6%81%8B%E4%B9%90%E5%9B%AD@306_248332.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 12 Mar 2023 05:38:49 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
12254.url.tudown.com/template/company/42xz/css/soft.css
168.206.200.52 200 OK 6.6 kB URL HTTP/1.1 12254.url.tudown.com/template/company/42xz/css/soft.css
IP 168.206.200.52:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 669589d0ffba3898ecf26c242eaed555
f6a564b66491cf102d5961fb95294d84192c9f11
00947ca9960fa7f5ad71c5f5343ded6e595dec626a9da917da58305fdc98e356
GET /template/company/42xz/css/soft.css HTTP/1.1
Host: 12254.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12254.url.tudown.com/down/%E6%88%BF%E6%80%9D%E7%90%AA%E7%9A%84%E5%88%9D%E6%81%8B%E4%B9%90%E5%9B%AD@306_248332.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 12 Mar 2023 05:38:49 GMT
Content-Type: text/css
Last-Modified: Thu, 05 Nov 2020 12:04:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fa3ea55-6438"
Expires: Sun, 12 Mar 2023 17:38:49 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12254.url.tudown.com/template/company/42xz/js/soft.js
168.206.200.52 200 OK 3.6 kB URL HTTP/1.1 12254.url.tudown.com/template/company/42xz/js/soft.js
IP 168.206.200.52:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 67be5352d7d3355ae57faad8a6221355
30f4a9a4a3dede0d2d72725ffa28958f45053e7e
1a59b7c5be683676fa54951bf4129899c3980e78c1f956c287f7cc0c001a857d
Analyzer Verdict Alert fortinet Malware
GET /template/company/42xz/js/soft.js HTTP/1.1
Host: 12254.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12254.url.tudown.com/down/%E6%88%BF%E6%80%9D%E7%90%AA%E7%9A%84%E5%88%9D%E6%81%8B%E4%B9%90%E5%9B%AD@306_248332.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 12 Mar 2023 05:38:49 GMT
Content-Type: application/javascript
Last-Modified: Thu, 05 Nov 2020 12:04:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fa3ea5a-26b2"
Expires: Sun, 12 Mar 2023 17:38:49 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12254.url.tudown.com/template/company/42xz/images/tab_line.png
168.206.200.52 200 OK 1.2 kB URL HTTP/1.1 12254.url.tudown.com/template/company/42xz/images/tab_line.png
IP 168.206.200.52:0
ASN #137951 Clayer Limited
File type GIF image data, version 89a, 190 x 7\012- data
Hash 4c54d42f73e777c70b63b1854b994bb5
6b751c2e611f485d04805ccc3ef84ba5c7868775
b86451a9f18cc0bffd106863661cecbc4abc2364f2898e3bc0796992f3ebbd06
GET /template/company/42xz/images/tab_line.png HTTP/1.1
Host: 12254.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12254.url.tudown.com/template/company/42xz/css/soft.css
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 12 Mar 2023 05:38:50 GMT
Content-Type: image/png
Content-Length: 1155
Last-Modified: Thu, 05 Nov 2020 12:04:39 GMT
Connection: keep-alive
ETag: "5fa3ea57-483"
Accept-Ranges: bytes
12254.url.tudown.com/uploads/images/559194.jpg
168.206.200.52 301 Moved Permanently 0 B URL HTTP/1.1 12254.url.tudown.com/uploads/images/559194.jpg
IP 168.206.200.52:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/559194.jpg HTTP/1.1
Host: 12254.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12254.url.tudown.com/down/%E6%88%BF%E6%80%9D%E7%90%AA%E7%9A%84%E5%88%9D%E6%81%8B%E4%B9%90%E5%9B%AD@306_248332.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 05:38:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=307986375,177628273&fm=253&app=120&f=PNG?w=800&h=1280
12254.url.tudown.com/uploads/images/562795.jpg
168.206.200.52 301 Moved Permanently 0 B URL HTTP/1.1 12254.url.tudown.com/uploads/images/562795.jpg
IP 168.206.200.52:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/562795.jpg HTTP/1.1
Host: 12254.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12254.url.tudown.com/down/%E6%88%BF%E6%80%9D%E7%90%AA%E7%9A%84%E5%88%9D%E6%81%8B%E4%B9%90%E5%9B%AD@306_248332.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 05:38:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1903058838,3471988754&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=658
12254.url.tudown.com/uploads/images/53138.jpg
168.206.200.52 301 Moved Permanently 0 B URL HTTP/1.1 12254.url.tudown.com/uploads/images/53138.jpg
IP 168.206.200.52:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/53138.jpg HTTP/1.1
Host: 12254.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12254.url.tudown.com/down/%E6%88%BF%E6%80%9D%E7%90%AA%E7%9A%84%E5%88%9D%E6%81%8B%E4%B9%90%E5%9B%AD@306_248332.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 05:38:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3976526279,1574086724&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
12254.url.tudown.com/uploads/images/logo.png?n=5gkknznxt3s3raxgswm6ravs46tzdzukqdsyrnxjqcqolduc&w=250
168.206.200.52 200 OK 3.5 kB URL HTTP/1.1 12254.url.tudown.com/uploads/images/logo.png?n=5gkknznxt3s3raxgswm6ravs46tzdzukqdsyrnxjqcqolduc&w=250
IP 168.206.200.52:0
ASN #137951 Clayer Limited
File type PNG image data, 250 x 66, 8-bit colormap, non-interlaced\012- data
Hash cb93d63fadd85c40af4d089658f71e93
c48c3bd2f56a89707f8d997b94b484c0494a3937
34542b8ff46ed591ded5537eaffe78f76a90f083249cd849ec93c9625eb9d68f
GET /uploads/images/logo.png?n=5gkknznxt3s3raxgswm6ravs46tzdzukqdsyrnxjqcqolduc&w=250 HTTP/1.1
Host: 12254.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12254.url.tudown.com/down/%E6%88%BF%E6%80%9D%E7%90%AA%E7%9A%84%E5%88%9D%E6%81%8B%E4%B9%90%E5%9B%AD@306_248332.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 12 Mar 2023 05:38:50 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
12254.url.tudown.com/uploads/images/978119.jpg
168.206.200.52 301 Moved Permanently 0 B URL HTTP/1.1 12254.url.tudown.com/uploads/images/978119.jpg
IP 168.206.200.52:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/978119.jpg HTTP/1.1
Host: 12254.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12254.url.tudown.com/down/%E6%88%BF%E6%80%9D%E7%90%AA%E7%9A%84%E5%88%9D%E6%81%8B%E4%B9%90%E5%9B%AD@306_248332.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 05:38:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=1099339887,639831898&fm=253&app=120&f=JPEG?w=1280&h=800
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 27d4aff35b86e039853a302db3f85b4e
60205d42e81fc884cd507cb65526feab2e73696a
62471fb182a12310805f965b7b0e821d91ed92054a61e55773619d8bb5f0caa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62471FB182A12310805F965B7B0E821D91ED92054A61E55773619D8BB5F0CAA2"
Last-Modified: Sat, 11 Mar 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7962
Expires: Sun, 12 Mar 2023 07:51:32 GMT
Date: Sun, 12 Mar 2023 05:38:50 GMT
Connection: keep-alive
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 4f8a1ac45bb434fae253d1f72bb722e0
551f5bd4c77f6399e82143d5c7c885f3bda7b50b
e222cd77635f71bfd05a6047d23dd936431bd1867edccdef57b3cea5fa2ed3f1
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 12 Mar 2023 05:38:50 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 16 Mar 2023 04:49:36 GMT
ETag: "551f5bd4c77f6399e82143d5c7c885f3bda7b50b"
Last-Modified: Sun, 12 Mar 2023 04:49:37 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1141
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a69b1797f4fb4ee-OSL
12254.url.tudown.com/uploads/images/955710.jpg
168.206.200.52 301 Moved Permanently 0 B URL HTTP/1.1 12254.url.tudown.com/uploads/images/955710.jpg
IP 168.206.200.52:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/955710.jpg HTTP/1.1
Host: 12254.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12254.url.tudown.com/down/%E6%88%BF%E6%80%9D%E7%90%AA%E7%9A%84%E5%88%9D%E6%81%8B%E4%B9%90%E5%9B%AD@306_248332.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 05:38:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=648896954,2537565643&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=750
12254.url.tudown.com/uploads/images/537627.jpg
168.206.200.52 301 Moved Permanently 0 B URL HTTP/1.1 12254.url.tudown.com/uploads/images/537627.jpg
IP 168.206.200.52:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/537627.jpg HTTP/1.1
Host: 12254.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12254.url.tudown.com/down/%E6%88%BF%E6%80%9D%E7%90%AA%E7%9A%84%E5%88%9D%E6%81%8B%E4%B9%90%E5%9B%AD@306_248332.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 05:38:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=2401905200,1762955414&fm=224&app=112&f=JPEG?w=500&h=500
12254.url.tudown.com/uploads/images/472479.jpg
168.206.200.52 301 Moved Permanently 0 B URL HTTP/1.1 12254.url.tudown.com/uploads/images/472479.jpg
IP 168.206.200.52:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/472479.jpg HTTP/1.1
Host: 12254.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12254.url.tudown.com/down/%E6%88%BF%E6%80%9D%E7%90%AA%E7%9A%84%E5%88%9D%E6%81%8B%E4%B9%90%E5%9B%AD@306_248332.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 05:38:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=556391668,2468105701&fm=253&fmt=auto&app=138&f=JPEG?w=150&h=94
12254.url.tudown.com/uploads/images/257252.jpg
168.206.200.52 301 Moved Permanently 0 B URL HTTP/1.1 12254.url.tudown.com/uploads/images/257252.jpg
IP 168.206.200.52:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/257252.jpg HTTP/1.1
Host: 12254.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12254.url.tudown.com/down/%E6%88%BF%E6%80%9D%E7%90%AA%E7%9A%84%E5%88%9D%E6%81%8B%E4%B9%90%E5%9B%AD@306_248332.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 05:38:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=3165672432,1163045020&fm=253&app=138&f=PNG?w=500&h=800
12254.url.tudown.com/uploads/images/662887.jpg
168.206.200.52 301 Moved Permanently 0 B URL HTTP/1.1 12254.url.tudown.com/uploads/images/662887.jpg
IP 168.206.200.52:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/662887.jpg HTTP/1.1
Host: 12254.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12254.url.tudown.com/down/%E6%88%BF%E6%80%9D%E7%90%AA%E7%9A%84%E5%88%9D%E6%81%8B%E4%B9%90%E5%9B%AD@306_248332.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 05:38:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=2382841459,2778013980&fm=224&app=112&f=JPEG?w=500&h=500
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2573307db8caef0a070ba3ebd4f61e2e
28e8cb63280e9b5e4184017cb22aa5f197007450
87e4699d8ded9c722f137c21826dfe419beb8675f226b91081342c90838cb818
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87E4699D8DED9C722F137C21826DFE419BEB8675F226B91081342C90838CB818"
Last-Modified: Sat, 11 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9853
Expires: Sun, 12 Mar 2023 08:23:03 GMT
Date: Sun, 12 Mar 2023 05:38:50 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6dda5706-64c5-467d-9645-a46dedb81818.jpeg
34.120.237.76 200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6dda5706-64c5-467d-9645-a46dedb81818.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6a4d6ee7d459e2a9b742d0dbca932998
eada4a4de40e5035173bb18ee51aacd624b8b169
2e6eef4f452ef3700d4c9d06e8c3bf8999e077e24c332ab4670edd0884839d38
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6dda5706-64c5-467d-9645-a46dedb81818.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6053
x-amzn-requestid: 5f306311-ac84-4ce2-b9c2-6af31c110062
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Bosb-FD5oAMFwJw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640cf44c-61fea28e45516fad0d30cf65;Sampled=0
x-amzn-remapped-date: Sat, 11 Mar 2023 21:36:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: gE_WoxZmuEc9mzbWmh3tMo_UshbjeTGIdbA8xew7ZB44sigj9fR3cw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 21618d080c6bfbcd465fc55a167a8c1a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 11 Mar 2023 22:09:20 GMT
age: 26970
etag: "eada4a4de40e5035173bb18ee51aacd624b8b169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87df4bcd-c6cd-4a0c-a9f5-dffb7f36d2e4.jpeg
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87df4bcd-c6cd-4a0c-a9f5-dffb7f36d2e4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash be71491cee9b47dc3ffb23b4fdff25b3
79c7d22c8df6d305f46c5779ccb9f25169d4d111
e785896e5840fb901ddd0118bef3ccad6b59a96d8eef0e8ccd9c95a3c261ba45
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87df4bcd-c6cd-4a0c-a9f5-dffb7f36d2e4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8487
x-amzn-requestid: 92381f1a-0140-47e9-a971-594a7de36c3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BkEcBGizoAMFgOA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640b1ab3-1a54b65a5d7083e62dcb85ab;Sampled=0
x-amzn-remapped-date: Fri, 10 Mar 2023 11:55:31 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: Nn4eV-UeuWZ02ANOxzTUSgE4UODtaZxeIjp8UJfU8PgUny2shFaDjQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 74ab105148338444981d1b2277ffd9c4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 11 Mar 2023 21:42:25 GMT
age: 28585
etag: "79c7d22c8df6d305f46c5779ccb9f25169d4d111"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13023a0e-6076-492b-85f7-561f44c10dbc.jpeg
34.120.237.76 200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13023a0e-6076-492b-85f7-561f44c10dbc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eec0a8ace7d436f1b1274597ce85d1e5
b77e1a9598e9623fa633adc18cf1109420f93f85
aae51362b60519c7193c4c8b71215147d382e337ac257ce1aed362b05f840db9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13023a0e-6076-492b-85f7-561f44c10dbc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8229
x-amzn-requestid: d45ea140-a43e-4c2d-8aea-0f15df3f2385
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BoszIHh_IAMF-qg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640cf4e0-714cd100321abf0f2b27939d;Sampled=0
x-amzn-remapped-date: Sat, 11 Mar 2023 21:38:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: MWzxECUzh6ZVuXfHr8wzJEcfxJbVgK8sM_wYPGALRCwbCW-h4HpK_Q==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 de2dd11312f7d5ad3bcd0cb112c7fd0e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 11 Mar 2023 21:57:00 GMT
age: 27710
etag: "b77e1a9598e9623fa633adc18cf1109420f93f85"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae3c2980-a44e-45c6-a99d-629945594f8f.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae3c2980-a44e-45c6-a99d-629945594f8f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 56954902055f7b634773a3cf27cec213
c08733caed5383a2790e0760a889a6e545753105
16aa87074a92c80776c901da479e182fff8e81600d0a026b1e8c2ca38033b4fb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae3c2980-a44e-45c6-a99d-629945594f8f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11176
x-amzn-requestid: 8f3332e2-954e-4c35-96c9-390e257f5451
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BosvyFdeIAMF3MA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640cf4cb-3869435d54341ff376a91d06;Sampled=0
x-amzn-remapped-date: Sat, 11 Mar 2023 21:38:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: JdyxGvD16BjZNkG6J1b5pDwb4kJcyDZBDJAPi793Hxf3tP3VPm6Izw==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 ac463f3377446e4c603deca30feb744a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 11 Mar 2023 22:01:01 GMT
age: 27469
etag: "c08733caed5383a2790e0760a889a6e545753105"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2573307db8caef0a070ba3ebd4f61e2e
28e8cb63280e9b5e4184017cb22aa5f197007450
87e4699d8ded9c722f137c21826dfe419beb8675f226b91081342c90838cb818
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87E4699D8DED9C722F137C21826DFE419BEB8675F226B91081342C90838CB818"
Last-Modified: Sat, 11 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9853
Expires: Sun, 12 Mar 2023 08:23:03 GMT
Date: Sun, 12 Mar 2023 05:38:50 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F232cdb17-98f3-4be0-b78a-14393eef7fa1.jpeg
34.120.237.76 200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F232cdb17-98f3-4be0-b78a-14393eef7fa1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cb2fe8b8a9441336c7c2d0db72a5b71b
2f1ed85d55504056381c5fd7c659f6d365f63613
f77d6bfd65cc01a3486560083306a45542132b2e2e23b749d43807634beb952d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F232cdb17-98f3-4be0-b78a-14393eef7fa1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5234
x-amzn-requestid: a0f2e1e3-f409-45bb-950b-eeec829c1c73
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BnNfYEX4IAMF_Ug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640c5c62-27c1dcb05b6998ac435f405c;Sampled=0
x-amzn-remapped-date: Sat, 11 Mar 2023 10:48:02 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: n7V_mrWVVJbnEDlgjSbfDDhTGo7Kn5gcqcekNG7c5XsTKZOFk_fAZQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 0ec9ddba08fcd99386924593dbdbd44a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 11 Mar 2023 22:01:45 GMT
age: 27425
etag: "2f1ed85d55504056381c5fd7c659f6d365f63613"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2573307db8caef0a070ba3ebd4f61e2e
28e8cb63280e9b5e4184017cb22aa5f197007450
87e4699d8ded9c722f137c21826dfe419beb8675f226b91081342c90838cb818
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87E4699D8DED9C722F137C21826DFE419BEB8675F226B91081342C90838CB818"
Last-Modified: Sat, 11 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9853
Expires: Sun, 12 Mar 2023 08:23:03 GMT
Date: Sun, 12 Mar 2023 05:38:50 GMT
Connection: keep-alive
12254.url.tudown.com/template/company/42xz/js/jquery.js
168.206.200.52 200 OK 46 kB URL HTTP/1.1 12254.url.tudown.com/template/company/42xz/js/jquery.js
IP 168.206.200.52:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with very long lines (65479), with CRLF line terminators
Hash 49fcb7f2a26c0656e22b75bfe591667f
f277ecd02517fc0f243fd9d882178473d4def06b
9ee94398fbe5a57c715dfdfe1b8d05ea964dd9947dba57dad68ee38ea381a2be
Analyzer Verdict Alert fortinet Malware
GET /template/company/42xz/js/jquery.js HTTP/1.1
Host: 12254.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12254.url.tudown.com/down/%E6%88%BF%E6%80%9D%E7%90%AA%E7%9A%84%E5%88%9D%E6%81%8B%E4%B9%90%E5%9B%AD@306_248332.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 12 Mar 2023 05:38:49 GMT
Content-Type: application/javascript
Last-Modified: Thu, 05 Nov 2020 12:04:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fa3ea62-1d491"
Expires: Sun, 12 Mar 2023 17:38:49 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12254.url.tudown.com/uploads/images/308528.jpg
168.206.200.52 301 Moved Permanently 0 B URL HTTP/1.1 12254.url.tudown.com/uploads/images/308528.jpg
IP 168.206.200.52:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/308528.jpg HTTP/1.1
Host: 12254.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12254.url.tudown.com/down/%E6%88%BF%E6%80%9D%E7%90%AA%E7%9A%84%E5%88%9D%E6%81%8B%E4%B9%90%E5%9B%AD@306_248332.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 05:38:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3919443128,1808455130&fm=253&fmt=auto&app=138&f=JPEG?w=224&h=224
12254.url.tudown.com/uploads/images/250505.jpg
168.206.200.52 301 Moved Permanently 0 B URL HTTP/1.1 12254.url.tudown.com/uploads/images/250505.jpg
IP 168.206.200.52:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/250505.jpg HTTP/1.1
Host: 12254.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12254.url.tudown.com/down/%E6%88%BF%E6%80%9D%E7%90%AA%E7%9A%84%E5%88%9D%E6%81%8B%E4%B9%90%E5%9B%AD@306_248332.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 05:38:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=1511202857,3964488049&fm=224&app=112&f=JPEG?w=500&h=500
12254.url.tudown.com/uploads/images/941218.jpg
168.206.200.52 301 Moved Permanently 0 B URL HTTP/1.1 12254.url.tudown.com/uploads/images/941218.jpg
IP 168.206.200.52:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/941218.jpg HTTP/1.1
Host: 12254.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12254.url.tudown.com/down/%E6%88%BF%E6%80%9D%E7%90%AA%E7%9A%84%E5%88%9D%E6%81%8B%E4%B9%90%E5%9B%AD@306_248332.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 05:38:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=4062455783,3283285497&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=1084
12254.url.tudown.com/uploads/images/247108.jpg
168.206.200.52 301 Moved Permanently 0 B URL HTTP/1.1 12254.url.tudown.com/uploads/images/247108.jpg
IP 168.206.200.52:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/247108.jpg HTTP/1.1
Host: 12254.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12254.url.tudown.com/down/%E6%88%BF%E6%80%9D%E7%90%AA%E7%9A%84%E5%88%9D%E6%81%8B%E4%B9%90%E5%9B%AD@306_248332.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 05:38:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1062674779,247533530&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
12254.url.tudown.com/uploads/images/580042.jpg
168.206.200.52 301 Moved Permanently 0 B URL HTTP/1.1 12254.url.tudown.com/uploads/images/580042.jpg
IP 168.206.200.52:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/580042.jpg HTTP/1.1
Host: 12254.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12254.url.tudown.com/down/%E6%88%BF%E6%80%9D%E7%90%AA%E7%9A%84%E5%88%9D%E6%81%8B%E4%B9%90%E5%9B%AD@306_248332.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 05:38:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=1875326278,3972451444&fm=253&app=138&f=JPEG?w=800&h=500
12254.url.tudown.com/uploads/images/597571.jpg
168.206.200.52 301 Moved Permanently 0 B URL HTTP/1.1 12254.url.tudown.com/uploads/images/597571.jpg
IP 168.206.200.52:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/597571.jpg HTTP/1.1
Host: 12254.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12254.url.tudown.com/down/%E6%88%BF%E6%80%9D%E7%90%AA%E7%9A%84%E5%88%9D%E6%81%8B%E4%B9%90%E5%9B%AD@306_248332.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 05:38:50 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2649818390,3631363123&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=312
push.zhanzhang.baidu.com/push.js
182.61.201.94 200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 182.61.201.94:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12254.url.tudown.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Sun, 12 Mar 2023 05:38:51 GMT
Etag: "4078521116"
Expires: Mon, 11 Mar 2024 05:38:51 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=2BF4550280E452775FCF43DB98DE2958:FG=1; max-age=31536000; expires=Mon, 11-Mar-24 05:38:51 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
12254.url.tudown.com/uploads/images/24441.jpg
168.206.200.52 301 Moved Permanently 0 B URL HTTP/1.1 12254.url.tudown.com/uploads/images/24441.jpg
IP 168.206.200.52:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/24441.jpg HTTP/1.1
Host: 12254.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12254.url.tudown.com/down/%E6%88%BF%E6%80%9D%E7%90%AA%E7%9A%84%E5%88%9D%E6%81%8B%E4%B9%90%E5%9B%AD@306_248332.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 05:38:51 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=4150659980,2653165631&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
12254.url.tudown.com/uploads/images/93376.jpg
168.206.200.52 301 Moved Permanently 0 B URL HTTP/1.1 12254.url.tudown.com/uploads/images/93376.jpg
IP 168.206.200.52:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/93376.jpg HTTP/1.1
Host: 12254.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12254.url.tudown.com/down/%E6%88%BF%E6%80%9D%E7%90%AA%E7%9A%84%E5%88%9D%E6%81%8B%E4%B9%90%E5%9B%AD@306_248332.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 05:38:51 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=3780010149,641055172&fm=224&app=112&f=JPEG?w=402&h=500
hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (633)
Hash 359144fdcfb8a7fe8b96d8bfe94ddeba
b95a658595b5c5bdfd42393c32f2a119702f3b14
a99393dcd26fd4847fe862e5cc754ed6e32495cc3669dae1953b3f49afe37e0f
GET /hm.js?dd9836db2e433f487a0aa434b7b3deb7 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12254.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11271
Content-Type: application/javascript
Date: Sun, 12 Mar 2023 05:38:50 GMT
Etag: dd15dc2f226d5d4c10b8a96ec68525d0
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=A6CF75CC572A55D0; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
12254.url.tudown.com/uploads/images/270121.jpg
168.206.200.52 301 Moved Permanently 0 B URL HTTP/1.1 12254.url.tudown.com/uploads/images/270121.jpg
IP 168.206.200.52:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/270121.jpg HTTP/1.1
Host: 12254.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12254.url.tudown.com/down/%E6%88%BF%E6%80%9D%E7%90%AA%E7%9A%84%E5%88%9D%E6%81%8B%E4%B9%90%E5%9B%AD@306_248332.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 05:38:51 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1985517073,447975328&fm=253&fmt=auto?w=1280&h=800
12254.url.tudown.com/uploads/images/50699.jpg
168.206.200.52 301 Moved Permanently 0 B URL HTTP/1.1 12254.url.tudown.com/uploads/images/50699.jpg
IP 168.206.200.52:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/50699.jpg HTTP/1.1
Host: 12254.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12254.url.tudown.com/down/%E6%88%BF%E6%80%9D%E7%90%AA%E7%9A%84%E5%88%9D%E6%81%8B%E4%B9%90%E5%9B%AD@306_248332.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 05:38:51 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2231353858,294808761&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
12254.url.tudown.com/uploads/images/767263.jpg
168.206.200.52 301 Moved Permanently 0 B URL HTTP/1.1 12254.url.tudown.com/uploads/images/767263.jpg
IP 168.206.200.52:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/767263.jpg HTTP/1.1
Host: 12254.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12254.url.tudown.com/down/%E6%88%BF%E6%80%9D%E7%90%AA%E7%9A%84%E5%88%9D%E6%81%8B%E4%B9%90%E5%9B%AD@306_248332.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 05:38:51 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=253336021,925506439&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=281
12254.url.tudown.com/uploads/images/219058.jpg
168.206.200.52 301 Moved Permanently 0 B URL HTTP/1.1 12254.url.tudown.com/uploads/images/219058.jpg
IP 168.206.200.52:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/219058.jpg HTTP/1.1
Host: 12254.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12254.url.tudown.com/down/%E6%88%BF%E6%80%9D%E7%90%AA%E7%9A%84%E5%88%9D%E6%81%8B%E4%B9%90%E5%9B%AD@306_248332.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 05:38:51 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2475096660,2644517219&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=603
12254.url.tudown.com/uploads/images/621402.jpg
168.206.200.52 301 Moved Permanently 0 B URL HTTP/1.1 12254.url.tudown.com/uploads/images/621402.jpg
IP 168.206.200.52:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/621402.jpg HTTP/1.1
Host: 12254.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12254.url.tudown.com/down/%E6%88%BF%E6%80%9D%E7%90%AA%E7%9A%84%E5%88%9D%E6%81%8B%E4%B9%90%E5%9B%AD@306_248332.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 05:38:51 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=2522746013,3257611493&fm=253&app=120&f=JPEG?w=1280&h=800
12254.url.tudown.com/uploads/images/932771.jpg
168.206.200.52 301 Moved Permanently 0 B URL HTTP/1.1 12254.url.tudown.com/uploads/images/932771.jpg
IP 168.206.200.52:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/932771.jpg HTTP/1.1
Host: 12254.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12254.url.tudown.com/down/%E6%88%BF%E6%80%9D%E7%90%AA%E7%9A%84%E5%88%9D%E6%81%8B%E4%B9%90%E5%9B%AD@306_248332.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 05:38:51 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=396887868,238860106&fm=253&fmt=auto&app=138&f=JPEG?w=542&h=500
12254.url.tudown.com/uploads/images/937615.jpg
168.206.200.52 301 Moved Permanently 0 B URL HTTP/1.1 12254.url.tudown.com/uploads/images/937615.jpg
IP 168.206.200.52:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/937615.jpg HTTP/1.1
Host: 12254.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12254.url.tudown.com/down/%E6%88%BF%E6%80%9D%E7%90%AA%E7%9A%84%E5%88%9D%E6%81%8B%E4%B9%90%E5%9B%AD@306_248332.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 05:38:51 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=3347399911,480973484&fm=253&app=138&f=JPEG?w=500&h=889
12254.url.tudown.com/uploads/images/379292.jpg
168.206.200.52 301 Moved Permanently 0 B URL HTTP/1.1 12254.url.tudown.com/uploads/images/379292.jpg
IP 168.206.200.52:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/379292.jpg HTTP/1.1
Host: 12254.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12254.url.tudown.com/down/%E6%88%BF%E6%80%9D%E7%90%AA%E7%9A%84%E5%88%9D%E6%81%8B%E4%B9%90%E5%9B%AD@306_248332.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 05:38:51 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3860193544,4111283646&fm=253&fmt=auto&app=138&f=JPEG?w=365&h=500
12254.url.tudown.com/uploads/images/147352.jpg
168.206.200.52 301 Moved Permanently 0 B URL HTTP/1.1 12254.url.tudown.com/uploads/images/147352.jpg
IP 168.206.200.52:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/147352.jpg HTTP/1.1
Host: 12254.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12254.url.tudown.com/down/%E6%88%BF%E6%80%9D%E7%90%AA%E7%9A%84%E5%88%9D%E6%81%8B%E4%B9%90%E5%9B%AD@306_248332.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 05:38:51 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3879927139,327649193&fm=253&fmt=auto&app=138&f=JPEG?w=354&h=500
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2063948676&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=51577&r=0&ww=1280&u=http%3A%2F%2F12254.url.tudown.com%2Fdown%2F%25E6%2588%25BF%25E6%2580%259D%25E7%2590%25AA%25E7%259A%2584%25E5%2588%259D%25E6%2581%258B%25E4%25B9%2590%25E5%259B%25AD%40306_248332.exe&tt=%E7%88%B1%E8%B5%A2%E4%BD%93%E8%82%B2app%E4%B8%8B%E8%BD%BD%E6%BE%B3%E9%97%A8(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99v5.5.31
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2063948676&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=51577&r=0&ww=1280&u=http%3A%2F%2F12254.url.tudown.com%2Fdown%2F%25E6%2588%25BF%25E6%2580%259D%25E7%2590%25AA%25E7%259A%2584%25E5%2588%259D%25E6%2581%258B%25E4%25B9%2590%25E5%259B%25AD%40306_248332.exe&tt=%E7%88%B1%E8%B5%A2%E4%BD%93%E8%82%B2app%E4%B8%8B%E8%BD%BD%E6%BE%B3%E9%97%A8(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99v5.5.31
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2063948676&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=51577&r=0&ww=1280&u=http%3A%2F%2F12254.url.tudown.com%2Fdown%2F%25E6%2588%25BF%25E6%2580%259D%25E7%2590%25AA%25E7%259A%2584%25E5%2588%259D%25E6%2581%258B%25E4%25B9%2590%25E5%259B%25AD%40306_248332.exe&tt=%E7%88%B1%E8%B5%A2%E4%BD%93%E8%82%B2app%E4%B8%8B%E8%BD%BD%E6%BE%B3%E9%97%A8(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99v5.5.31 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12254.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sun, 12 Mar 2023 05:38:51 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=49F605C70B39BF8F; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
12254.url.tudown.com/template/company/42xz/images/dian1.png
168.206.200.52 200 OK 1.1 kB URL HTTP/1.1 12254.url.tudown.com/template/company/42xz/images/dian1.png
IP 168.206.200.52:0
ASN #137951 Clayer Limited
File type GIF image data, version 89a, 4 x 4\012- data
Hash de5d5d1c8fb00bc14f9512dd323b9ed8
9c7c5df21afb7b686932c96ecf7877e1e6adf243
982f48c65cf01077b0606401f082c15ee15f183903d5170f06d0bb3ae3b9b685
GET /template/company/42xz/images/dian1.png HTTP/1.1
Host: 12254.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12254.url.tudown.com/template/company/42xz/css/soft.css
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 12 Mar 2023 05:38:51 GMT
Content-Type: image/png
Content-Length: 1110
Last-Modified: Thu, 05 Nov 2020 12:04:54 GMT
Connection: keep-alive
ETag: "5fa3ea66-456"
Accept-Ranges: bytes
api.share.baidu.com/s.gif?l=http://12254.url.tudown.com/down/%E6%88%BF%E6%80%9D%E7%90%AA%E7%9A%84%E5%88%9D%E6%81%8B%E4%B9%90%E5%9B%AD@306_248332.exe
182.61.201.93 200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://12254.url.tudown.com/down/%E6%88%BF%E6%80%9D%E7%90%AA%E7%9A%84%E5%88%9D%E6%81%8B%E4%B9%90%E5%9B%AD@306_248332.exe
IP 182.61.201.93:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://12254.url.tudown.com/down/%E6%88%BF%E6%80%9D%E7%90%AA%E7%9A%84%E5%88%9D%E6%81%8B%E4%B9%90%E5%9B%AD@306_248332.exe HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12254.url.tudown.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Sun, 12 Mar 2023 05:38:51 GMT
12254.url.tudown.com/template/company/42xz/images/dian2.png
168.206.200.52 200 OK 1.1 kB URL HTTP/1.1 12254.url.tudown.com/template/company/42xz/images/dian2.png
IP 168.206.200.52:0
ASN #137951 Clayer Limited
File type GIF image data, version 89a, 4 x 4\012- data
Hash 3cb1caaf45a919b2028a853add556aa8
c8b93e13049ae31ad5dcb2d267c8b3ee6a4466e8
039b652744162c3c599998f28f50e7154d297ce5028e7e4954f7d7354c5374a1
GET /template/company/42xz/images/dian2.png HTTP/1.1
Host: 12254.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12254.url.tudown.com/template/company/42xz/css/soft.css
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 12 Mar 2023 05:38:51 GMT
Content-Type: image/png
Content-Length: 1106
Last-Modified: Thu, 05 Nov 2020 12:04:53 GMT
Connection: keep-alive
ETag: "5fa3ea65-452"
Accept-Ranges: bytes
ocsp2.globalsign.com/gsorganizationvalsha2g3
104.18.20.226 200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g3
IP 104.18.20.226:0
Hash 7db47a505ef848fbd09bc511074a1a73
fb0e8337d997c69c069fa9ba8a212db3f300c1b5
00ba2767796a8089c62acec94c0844f7befb528e93e05a47f5f4858979b5f0a7
POST /gsorganizationvalsha2g3 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 12 Mar 2023 05:38:51 GMT
Content-Type: application/ocsp-response
Content-Length: 1461
Connection: keep-alive
Expires: Thu, 16 Mar 2023 04:20:04 GMT
ETag: "fb0e8337d997c69c069fa9ba8a212db3f300c1b5"
Last-Modified: Sun, 12 Mar 2023 04:20:05 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2814
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a69b182aa6bb505-OSL
img0.baidu.com/it/u=3879927139,327649193&fm=253&fmt=auto&app=138&f=JPEG?w=354&h=500
175.6.243.35 200 OK 25 kB URL HTTP/2 img0.baidu.com/it/u=3879927139,327649193&fm=253&fmt=auto&app=138&f=JPEG?w=354&h=500
IP 175.6.243.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 354x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 41d363e9f86dd1857a24cd16dcff56d9
a2ce2b61fd7119c638f86e43ab464105e70bc2ba
119a32402c402b3f10ac30e4e2cbac19327cf931ff734b74fb9e5e24e485431d
GET /it/u=3879927139,327649193&fm=253&fmt=auto&app=138&f=JPEG?w=354&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12254.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 12 Mar 2023 05:38:51 GMT
content-type: image/webp
content-length: 25108
expires: Wed, 29 Mar 2023 13:42:24 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 41d363e9f86dd1857a24cd16dcff56d9
age: 74179
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 27 Feb 2023 13:42:24 GMT
ohc-cache-hit: hengyct54 [4], czix206 [4]
ohc-file-size: 25108
x-cache-status: HIT
X-Firefox-Spdy: h2
12254.url.tudown.com/uploads/images/984466.jpg
168.206.200.52 301 Moved Permanently 0 B URL HTTP/1.1 12254.url.tudown.com/uploads/images/984466.jpg
IP 168.206.200.52:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/984466.jpg HTTP/1.1
Host: 12254.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12254.url.tudown.com/down/%E6%88%BF%E6%80%9D%E7%90%AA%E7%9A%84%E5%88%9D%E6%81%8B%E4%B9%90%E5%9B%AD@306_248332.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 05:38:51 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2268678062,4221220499&fm=253&fmt=auto&app=138&f=JPEG?w=130&h=170
12254.url.tudown.com/uploads/images/9063.jpg
168.206.200.52 301 Moved Permanently 0 B URL HTTP/1.1 12254.url.tudown.com/uploads/images/9063.jpg
IP 168.206.200.52:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/9063.jpg HTTP/1.1
Host: 12254.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12254.url.tudown.com/down/%E6%88%BF%E6%80%9D%E7%90%AA%E7%9A%84%E5%88%9D%E6%81%8B%E4%B9%90%E5%9B%AD@306_248332.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 05:38:51 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=1617651569,1110449370&fm=224&app=112&f=JPEG?w=500&h=500&s=B085DB14550642E44E8062D8030050B2
12254.url.tudown.com/uploads/images/669955.jpg
168.206.200.52 301 Moved Permanently 0 B URL HTTP/1.1 12254.url.tudown.com/uploads/images/669955.jpg
IP 168.206.200.52:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/669955.jpg HTTP/1.1
Host: 12254.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12254.url.tudown.com/down/%E6%88%BF%E6%80%9D%E7%90%AA%E7%9A%84%E5%88%9D%E6%81%8B%E4%B9%90%E5%9B%AD@306_248332.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 05:38:51 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=606166360,4004582932&fm=253&fmt=auto&app=138&f=JPEG?w=527&h=500
12254.url.tudown.com/uploads/images/748150.jpg
168.206.200.52 301 Moved Permanently 0 B URL HTTP/1.1 12254.url.tudown.com/uploads/images/748150.jpg
IP 168.206.200.52:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/748150.jpg HTTP/1.1
Host: 12254.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12254.url.tudown.com/down/%E6%88%BF%E6%80%9D%E7%90%AA%E7%9A%84%E5%88%9D%E6%81%8B%E4%B9%90%E5%9B%AD@306_248332.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 05:38:51 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1903058838,3471988754&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=658
12254.url.tudown.com/uploads/images/200464.jpg
168.206.200.52 301 Moved Permanently 0 B URL HTTP/1.1 12254.url.tudown.com/uploads/images/200464.jpg
IP 168.206.200.52:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/200464.jpg HTTP/1.1
Host: 12254.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12254.url.tudown.com/down/%E6%88%BF%E6%80%9D%E7%90%AA%E7%9A%84%E5%88%9D%E6%81%8B%E4%B9%90%E5%9B%AD@306_248332.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 05:38:51 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=1338558106,1913865723&fm=224&app=112&f=JPEG?w=500&h=500&s=1A106C8004C772F8DEAC49DA030090A2
js.passport.qihucdn.com/11.0.1.js?d10ea2610e3a9b90fa9990ffc6bf559d
104.192.110.245 200 OK 117 B URL HTTP/1.1 js.passport.qihucdn.com/11.0.1.js?d10ea2610e3a9b90fa9990ffc6bf559d
IP 104.192.110.245:0
ASN #55992 Beijing Qihu Technology Company Limited
File type HTML document, ASCII text, with no line terminators
Hash 8f00a362b03a2a9253ae0140918497d5
6978ec97a2a3f0b365dcfc6f3f896dfce03754a5
e18aa0f9f9678fca1a94de5b00bee2fa5b7d4a202263de1f4d8e07c235ecb08f
GET /11.0.1.js?d10ea2610e3a9b90fa9990ffc6bf559d HTTP/1.1
Host: js.passport.qihucdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12254.url.tudown.com/
HTTP/1.1 200 OK
Date: Sun, 12 Mar 2023 05:38:52 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 28 Nov 2018 07:43:20 GMT
Cache-Control: max-age=600
Expires: Sun, 12 Mar 2023 05:48:52 GMT
KCS-Via: HIT from w-fc01.lato;REVALIDATED from w-sc02.lato
Content-Encoding: gzip
t15.baidu.com/it/u=1511202857,3964488049&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 50 kB URL HTTP/1.1 t15.baidu.com/it/u=1511202857,3964488049&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 08e40239420e386970b83fa2082647e3
80d1055c6cc574e76da87e91aa9fe9c761dd5727
240d280ed5116e7671fca90d6540300ff45d9dd0745813412a64e9d629dd3f4a
GET /it/u=1511202857,3964488049&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12254.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sun, 12 Mar 2023 05:38:52 GMT
Content-Type: image/jpeg
Content-Length: 50532
Connection: keep-alive
Expires: Thu, 30 Mar 2023 06:02:58 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 08e40239420e386970b83fa2082647e3
Age: 1035354
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 28 Feb 2023 06:02:58 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [4], zhuzuncache58 [1], xaix220 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 50532
X-Cache-Status: HIT
Timing-Allow-Origin: *
img0.baidu.com/it/u=2649818390,3631363123&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=312
175.6.243.35 200 OK 24 kB URL HTTP/2 img0.baidu.com/it/u=2649818390,3631363123&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=312
IP 175.6.243.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x312, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ee1c25a08a9a1f1ac6d182e87ac4cbec
07038c9233ada067e3a3e7a797cb006eb1059d2b
d5e5e9584f4a7affa8896f5799d414d4a5f13612e54f6c136936f6b6b080b15f
GET /it/u=2649818390,3631363123&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=312 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12254.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 12 Mar 2023 05:38:51 GMT
content-type: image/webp
content-length: 24420
expires: Sun, 09 Apr 2023 02:52:21 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: ee1c25a08a9a1f1ac6d182e87ac4cbec
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 10 Mar 2023 02:52:21 GMT
ohc-cache-hit: hengyct84 [1], xiangyix105 [2]
ohc-file-size: 24420
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=3919443128,1808455130&fm=253&fmt=auto&app=138&f=JPEG?w=224&h=224
175.6.243.35 200 OK 3.1 kB URL HTTP/2 img1.baidu.com/it/u=3919443128,1808455130&fm=253&fmt=auto&app=138&f=JPEG?w=224&h=224
IP 175.6.243.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 224x224, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1e0b36924c76417173458447c5d9b9d2
7e4be9e21d923e772da56ae4b0d1fac75c9b3696
fe9948d06a5396607b865d329369bb39e88418d6cea25dd78ebf0c6ab3bbb1ac
GET /it/u=3919443128,1808455130&fm=253&fmt=auto&app=138&f=JPEG?w=224&h=224 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12254.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 12 Mar 2023 05:38:52 GMT
content-type: image/webp
content-length: 3148
expires: Thu, 16 Mar 2023 09:32:23 GMT
last-modified: Mon, 12 Jan 1970 00:00:00 GMT
etag: 1e0b36924c76417173458447c5d9b9d2
age: 142879
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 14 Feb 2023 09:32:23 GMT
ohc-cache-hit: hengyct68 [4], suzix101 [4]
ohc-file-size: 3148
x-cache-status: HIT
X-Firefox-Spdy: h2
12254.url.tudown.com/uploads/images/374408.jpg
168.206.200.52 301 Moved Permanently 0 B URL HTTP/1.1 12254.url.tudown.com/uploads/images/374408.jpg
IP 168.206.200.52:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/374408.jpg HTTP/1.1
Host: 12254.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12254.url.tudown.com/down/%E6%88%BF%E6%80%9D%E7%90%AA%E7%9A%84%E5%88%9D%E6%81%8B%E4%B9%90%E5%9B%AD@306_248332.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 05:38:52 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1890333994,2700406796&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
img1.baidu.com/it/u=3860193544,4111283646&fm=253&fmt=auto&app=138&f=JPEG?w=365&h=500
175.6.243.35 200 OK 26 kB URL HTTP/2 img1.baidu.com/it/u=3860193544,4111283646&fm=253&fmt=auto&app=138&f=JPEG?w=365&h=500
IP 175.6.243.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 365x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 98a5df1b1f7c881ebb18770a6679b0a5
6ddbe2328ab2e04ddc3c1ca5b575af1c8cba1a17
5c5c4362777b84c26f5ea9716b30068010b958f39f5de952178a0e9c9b8dabd8
GET /it/u=3860193544,4111283646&fm=253&fmt=auto&app=138&f=JPEG?w=365&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12254.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 12 Mar 2023 05:38:52 GMT
content-type: image/webp
content-length: 25766
expires: Sat, 18 Mar 2023 08:47:31 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 98a5df1b1f7c881ebb18770a6679b0a5
age: 110523
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 16 Feb 2023 08:47:31 GMT
ohc-cache-hit: hengyct66 [4], xaix203 [2]
ohc-file-size: 25766
x-cache-status: HIT
X-Firefox-Spdy: h2
12254.url.tudown.com/uploads/images/246935.jpg
168.206.200.52 301 Moved Permanently 0 B URL HTTP/1.1 12254.url.tudown.com/uploads/images/246935.jpg
IP 168.206.200.52:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/246935.jpg HTTP/1.1
Host: 12254.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12254.url.tudown.com/down/%E6%88%BF%E6%80%9D%E7%90%AA%E7%9A%84%E5%88%9D%E6%81%8B%E4%B9%90%E5%9B%AD@306_248332.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 05:38:52 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3792299447,1207792583&fm=253&fmt=auto&app=138&f=JPEG?w=735&h=314
12254.url.tudown.com/uploads/images/247120.jpg
168.206.200.52 301 Moved Permanently 0 B URL HTTP/1.1 12254.url.tudown.com/uploads/images/247120.jpg
IP 168.206.200.52:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/247120.jpg HTTP/1.1
Host: 12254.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12254.url.tudown.com/down/%E6%88%BF%E6%80%9D%E7%90%AA%E7%9A%84%E5%88%9D%E6%81%8B%E4%B9%90%E5%9B%AD@306_248332.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 05:38:52 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1044765638,1941870469&fm=253&fmt=auto&app=120&f=JPEG?w=448&h=252
12254.url.tudown.com/uploads/images/868026.jpg
168.206.200.52 301 Moved Permanently 0 B URL HTTP/1.1 12254.url.tudown.com/uploads/images/868026.jpg
IP 168.206.200.52:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/868026.jpg HTTP/1.1
Host: 12254.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12254.url.tudown.com/down/%E6%88%BF%E6%80%9D%E7%90%AA%E7%9A%84%E5%88%9D%E6%81%8B%E4%B9%90%E5%9B%AD@306_248332.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 05:38:52 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=1858255056,1367665810&fm=224&app=112&f=JPEG?w=500&h=500
12254.url.tudown.com/uploads/images/563327.jpg
168.206.200.52 301 Moved Permanently 0 B URL HTTP/1.1 12254.url.tudown.com/uploads/images/563327.jpg
IP 168.206.200.52:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/563327.jpg HTTP/1.1
Host: 12254.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12254.url.tudown.com/down/%E6%88%BF%E6%80%9D%E7%90%AA%E7%9A%84%E5%88%9D%E6%81%8B%E4%B9%90%E5%9B%AD@306_248332.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 05:38:52 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2755809886,440258571&fm=253&fmt=auto&app=138&f=JPEG?w=228&h=302
12254.url.tudown.com/uploads/images/650215.jpg
168.206.200.52 301 Moved Permanently 0 B URL HTTP/1.1 12254.url.tudown.com/uploads/images/650215.jpg
IP 168.206.200.52:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/650215.jpg HTTP/1.1
Host: 12254.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12254.url.tudown.com/down/%E6%88%BF%E6%80%9D%E7%90%AA%E7%9A%84%E5%88%9D%E6%81%8B%E4%B9%90%E5%9B%AD@306_248332.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 05:38:52 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=924351922,3177371266&fm=253&app=120&f=JPEG?w=1280&h=800
t15.baidu.com/it/u=1617651569,1110449370&fm=224&app=112&f=JPEG?w=500&h=500&s=B085DB14550642E44E8062D8030050B2
185.10.104.124 200 OK 32 kB URL HTTP/1.1 t15.baidu.com/it/u=1617651569,1110449370&fm=224&app=112&f=JPEG?w=500&h=500&s=B085DB14550642E44E8062D8030050B2
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash ae380cb87e6bdb1b6e0fe7b890c1e9d9
89c828720a7c34c78230ec2fc5cc048c9dc4fc2d
7cdf1613f5c7ad1bbeae10296f27f1dcc9725d5db7c6fc4a11cb5abea578cd81
GET /it/u=1617651569,1110449370&fm=224&app=112&f=JPEG?w=500&h=500&s=B085DB14550642E44E8062D8030050B2 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12254.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sun, 12 Mar 2023 05:38:52 GMT
Content-Type: image/jpeg
Content-Length: 32052
Connection: keep-alive
Expires: Mon, 27 Mar 2023 11:17:49 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: ae380cb87e6bdb1b6e0fe7b890c1e9d9
Age: 1428
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 25 Feb 2023 11:17:49 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [2], zhuzuncache54 [1], xaix222 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 32052
X-Cache-Status: HIT
Timing-Allow-Origin: *
t15.baidu.com/it/u=2401905200,1762955414&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 22 kB URL HTTP/1.1 t15.baidu.com/it/u=2401905200,1762955414&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash a9613c78ff2aeb7eece70f855e047fdd
d02d1965ea2c6bf8ada5c0604476bf3a4b3b93b9
407e3b9cc1e56685d892af3996818d21dea73c337945ce30aaad0f8d82b3f933
GET /it/u=2401905200,1762955414&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12254.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sun, 12 Mar 2023 05:38:52 GMT
Content-Type: image/jpeg
Content-Length: 22437
Connection: keep-alive
Expires: Tue, 04 Apr 2023 11:19:43 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: a9613c78ff2aeb7eece70f855e047fdd
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 05 Mar 2023 11:19:43 GMT
Ohc-Upstream-Trace: 122.228.213.58; 58.20.204.58
Ohc-Cache-HIT: fra01-sys-jomo7.fra01.baidu.com [2], zhuzuncache58 [1], wzix58 [4]
Ohc-Response-Time: 1 0 0 0 274 275
Ohc-File-Size: 22437
X-Cache-Status: MISS
Timing-Allow-Origin: *
img1.baidu.com/it/u=4062455783,3283285497&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=1084
175.6.243.35 200 OK 38 kB URL HTTP/2 img1.baidu.com/it/u=4062455783,3283285497&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=1084
IP 175.6.243.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x1084, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 161fe41fce84d3049dde228143e02a5d
cd14f528860540adebe442b297036ad0e136c515
42058f939ebbf6d6a114c1c9d4247489d391795b5f41533c339dba78e00b5bf3
GET /it/u=4062455783,3283285497&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=1084 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12254.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 12 Mar 2023 05:38:52 GMT
content-type: image/webp
content-length: 38384
expires: Tue, 14 Mar 2023 05:37:14 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 161fe41fce84d3049dde228143e02a5d
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 12 Feb 2023 05:37:14 GMT
ohc-cache-hit: hengyct81 [1], xiangyix180 [2]
ohc-file-size: 38384
x-cache-status: MISS
X-Firefox-Spdy: h2
s22.cnzz.com/z_stat.php?id=1275003130&web_id=1275003130
106.119.193.217 200 OK 20 B URL HTTP/2 s22.cnzz.com/z_stat.php?id=1275003130&web_id=1275003130
IP 106.119.193.217:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /z_stat.php?id=1275003130&web_id=1275003130 HTTP/1.1
Host: s22.cnzz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12254.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 20
date: Sun, 12 Mar 2023 05:16:33 GMT
vary: Accept-Encoding
x-powered-by: PHP/5.5.25
last-modified: Sun, 12 Mar 2023 05:16:33 GMT
cache-control: max-age=1800,s-maxage=3600
content-encoding: gzip
ali-swift-global-savetime: 1678598193
via: cache9.l2cn3071[42,42,200-0,M], cache37.l2cn3071[43,0], cache6.cn3263[0,0,200-0,H], cache7.cn3263[0,0]
age: 1339
x-cache: HIT TCP_MEM_HIT dirn:2:378883275
x-swift-savetime: Sun, 12 Mar 2023 05:16:33 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 6a77c11b16785995323931960e
X-Firefox-Spdy: h2
img0.baidu.com/it/u=3347399911,480973484&fm=253&app=138&f=JPEG?w=500&h=889
175.6.243.35 200 OK 55 kB URL HTTP/1.1 img0.baidu.com/it/u=3347399911,480973484&fm=253&app=138&f=JPEG?w=500&h=889
IP 175.6.243.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x889, components 3\012- data
Hash c38c3eb4a04d3f58d0ea0a27ce384c16
da338962eeead5d44c29b1af41b2997b3dccf42a
ed870a038684d3d0d06fd14e242892da55911984ff001322facb08ccdf4838bf
GET /it/u=3347399911,480973484&fm=253&app=138&f=JPEG?w=500&h=889 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12254.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sun, 12 Mar 2023 05:38:52 GMT
Content-Type: image/jpeg
Content-Length: 54777
Connection: keep-alive
Expires: Thu, 16 Mar 2023 23:18:07 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: c38c3eb4a04d3f58d0ea0a27ce384c16
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 14 Feb 2023 23:18:07 GMT
Ohc-Cache-HIT: hengyct76 [1], qdix76 [2]
Ohc-File-Size: 54777
X-Cache-Status: MISS
img2.baidu.com/it/u=396887868,238860106&fm=253&fmt=auto&app=138&f=JPEG?w=542&h=500
175.6.243.35 200 OK 12 kB URL HTTP/2 img2.baidu.com/it/u=396887868,238860106&fm=253&fmt=auto&app=138&f=JPEG?w=542&h=500
IP 175.6.243.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 542x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1e4fa5ec5444739869d36cbbf9b895e0
127ff3f07859f00ae16bc8dfc769da114b10c671
bb5f16f22b493293d942f7755d7c304135b15a81731746c6a5b126cf9c337ddf
GET /it/u=396887868,238860106&fm=253&fmt=auto&app=138&f=JPEG?w=542&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12254.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 12 Mar 2023 05:38:52 GMT
content-type: image/webp
content-length: 11466
expires: Mon, 20 Mar 2023 00:15:53 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 1e4fa5ec5444739869d36cbbf9b895e0
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 18 Feb 2023 00:15:53 GMT
ohc-cache-hit: hengyct53 [1], czix219 [4]
ohc-file-size: 11466
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=1062674779,247533530&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
175.6.243.35 200 OK 12 kB URL HTTP/2 img1.baidu.com/it/u=1062674779,247533530&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 175.6.243.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4b6ca909235771190fb9cc22fa396b93
bdf2342e1b1d81d1f29ea3355599976ac21c767b
70b30cbc47ad45de2dc69ce73e310760c8470baa9f22b599915f6b37790b61dd
GET /it/u=1062674779,247533530&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12254.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 12 Mar 2023 05:38:52 GMT
content-type: image/webp
content-length: 12312
expires: Thu, 23 Mar 2023 14:06:20 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 4b6ca909235771190fb9cc22fa396b93
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 21 Feb 2023 14:06:20 GMT
ohc-cache-hit: hengyct64 [1], xaix92 [2]
ohc-file-size: 12312
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=1875326278,3972451444&fm=253&app=138&f=JPEG?w=800&h=500
175.6.243.35 200 OK 54 kB URL HTTP/1.1 img1.baidu.com/it/u=1875326278,3972451444&fm=253&app=138&f=JPEG?w=800&h=500
IP 175.6.243.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x500, components 3\012- data
Hash 84e21f59fb84ddfd6c637bec75d09357
f57bb0e937fd2c339c4473f72dc3c73b3df5ef9e
77775a6b9fb0f6bb52555f6c0dc496acac90b0be24fe1dd04e39443569c46a28
GET /it/u=1875326278,3972451444&fm=253&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12254.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sun, 12 Mar 2023 05:38:52 GMT
Content-Type: image/jpeg
Content-Length: 54377
Connection: keep-alive
Expires: Sun, 12 Mar 2023 06:13:17 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 84e21f59fb84ddfd6c637bec75d09357
Age: 236705
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 10 Feb 2023 06:13:17 GMT
Ohc-Cache-HIT: hengyct55 [4], wzix101 [4]
Ohc-File-Size: 54377
X-Cache-Status: HIT
12254.url.tudown.com/uploads/images/479248.jpg
168.206.200.52 301 Moved Permanently 0 B URL HTTP/1.1 12254.url.tudown.com/uploads/images/479248.jpg
IP 168.206.200.52:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/479248.jpg HTTP/1.1
Host: 12254.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12254.url.tudown.com/down/%E6%88%BF%E6%80%9D%E7%90%AA%E7%9A%84%E5%88%9D%E6%81%8B%E4%B9%90%E5%9B%AD@306_248332.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 05:38:52 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=4094714741,3265251617&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=1043
s8.qhres2.com/static/ab77b6ea7f3fbf79.js
54.230.111.35 200 OK 478 B URL HTTP/1.1 s8.qhres2.com/static/ab77b6ea7f3fbf79.js
IP 54.230.111.35:0
File type ASCII text, with very long lines (478), with no line terminators
Hash 5dd27f8f2b042194c3cdabd62fd80110
c035036a939799d4c29b9c0f7229ae1953d03109
928131ab2183d971cdbfe2ed1329200212d0021db70574a35c89ae169c0f6e0a
GET /static/ab77b6ea7f3fbf79.js HTTP/1.1
Host: s8.qhres2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12254.url.tudown.com/
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 478
Connection: keep-alive
Date: Mon, 26 Sep 2022 01:48:25 GMT
X-QSTATIC-HIT: 1
Last-Modified: Mon, 01 Jan 2018 00:00:00 GMT
ETag: W/"b300475a05992239"
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, immutable
Expires: Thu, 23 Sep 2032 01:48:25 GMT
KCS-Via: HIT from w-fc01.lato;MISS from w-sc02.lato
Accept-Ranges: bytes
X-Cache: Hit from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 3CUnqGXV851Ajc9l2iAVejSaK2-b0d3YKBLCnz3mxbHZLP4WQ8Nx4g==
Age: 14442627
t15.baidu.com/it/u=2382841459,2778013980&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 54 kB URL HTTP/1.1 t15.baidu.com/it/u=2382841459,2778013980&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 2702a9863c254aa15cfe4b4994d90156
8852d4416093cc2edb32eac87f8980a6dd529f1f
c24d5e7d4e5c92d65045f8f51a1648688283640b4dff3b51a75546ae472490ac
GET /it/u=2382841459,2778013980&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12254.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sun, 12 Mar 2023 05:38:52 GMT
Content-Type: image/jpeg
Content-Length: 53618
Connection: keep-alive
Expires: Mon, 13 Mar 2023 03:32:51 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 2702a9863c254aa15cfe4b4994d90156
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 11 Feb 2023 03:32:51 GMT
Ohc-Upstream-Trace: 113.142.198.177; 58.20.204.51
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [1], zhuzuncache51 [1], xaix177 [4]
Ohc-Response-Time: 1 0 0 0 362 362
Ohc-File-Size: 53618
X-Cache-Status: MISS
Timing-Allow-Origin: *
img2.baidu.com/it/u=648896954,2537565643&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=750
175.6.243.35 200 OK 30 kB URL HTTP/2 img2.baidu.com/it/u=648896954,2537565643&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=750
IP 175.6.243.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x750, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f0060db004a457d3390ef267fbe93911
d09f525c14c422b7f48c7b0c07b42f45be5101de
3dd4919f8e9f1b63e1a8a7df12dec68736b04cf7f392c5ea4d35be3c76cbd61a
GET /it/u=648896954,2537565643&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=750 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12254.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 12 Mar 2023 05:38:52 GMT
content-type: image/webp
content-length: 29962
expires: Wed, 22 Mar 2023 07:07:34 GMT
last-modified: Mon, 12 Jan 1970 00:00:00 GMT
etag: f0060db004a457d3390ef267fbe93911
age: 873135
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 20 Feb 2023 07:07:34 GMT
ohc-cache-hit: hengyct50 [4], qdix187 [4]
ohc-file-size: 29962
x-cache-status: HIT
X-Firefox-Spdy: h2
12254.url.tudown.com/uploads/images/671696.jpg
168.206.200.52 301 Moved Permanently 0 B URL HTTP/1.1 12254.url.tudown.com/uploads/images/671696.jpg
IP 168.206.200.52:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/671696.jpg HTTP/1.1
Host: 12254.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12254.url.tudown.com/down/%E6%88%BF%E6%80%9D%E7%90%AA%E7%9A%84%E5%88%9D%E6%81%8B%E4%B9%90%E5%9B%AD@306_248332.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 05:38:52 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1192998448,3576190731&fm=253&fmt=auto?w=640&h=220
12254.url.tudown.com/uploads/images/164470.jpg
168.206.200.52 301 Moved Permanently 0 B URL HTTP/1.1 12254.url.tudown.com/uploads/images/164470.jpg
IP 168.206.200.52:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/164470.jpg HTTP/1.1
Host: 12254.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12254.url.tudown.com/down/%E6%88%BF%E6%80%9D%E7%90%AA%E7%9A%84%E5%88%9D%E6%81%8B%E4%B9%90%E5%9B%AD@306_248332.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 05:38:52 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=924540176,93292248&fm=224&app=112&f=JPEG?w=500&h=500&s=79B7B7BA4006C3FB1005087C03008064
12254.url.tudown.com/uploads/images/18807.jpg
168.206.200.52 301 Moved Permanently 0 B URL HTTP/1.1 12254.url.tudown.com/uploads/images/18807.jpg
IP 168.206.200.52:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/18807.jpg HTTP/1.1
Host: 12254.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12254.url.tudown.com/down/%E6%88%BF%E6%80%9D%E7%90%AA%E7%9A%84%E5%88%9D%E6%81%8B%E4%B9%90%E5%9B%AD@306_248332.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 05:38:52 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=4241892396,2786208654&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
img2.baidu.com/it/u=4150659980,2653165631&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
175.6.243.35 200 OK 58 kB URL HTTP/2 img2.baidu.com/it/u=4150659980,2653165631&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
IP 175.6.243.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x889, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9c43dd8179232fcc87aa4ed8b91ad0c2
93f24df2c85bef2f2ae34a9df17be0c36112ae9c
2dd4fed07b4072b45326daa3d64011101d102faf15a900b23efb33684c29d035
GET /it/u=4150659980,2653165631&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12254.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 12 Mar 2023 05:38:52 GMT
content-type: image/webp
content-length: 57696
expires: Wed, 22 Mar 2023 06:34:13 GMT
last-modified: Mon, 12 Jan 1970 00:00:00 GMT
etag: 9c43dd8179232fcc87aa4ed8b91ad0c2
age: 876888
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 20 Feb 2023 06:34:13 GMT
ohc-cache-hit: hengyct59 [4], qdix132 [2]
ohc-file-size: 57696
x-cache-status: HIT
X-Firefox-Spdy: h2
img1.baidu.com/it/u=3976526279,1574086724&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
175.6.243.35 200 OK 82 kB URL HTTP/2 img1.baidu.com/it/u=3976526279,1574086724&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
IP 175.6.243.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0c06221099dd953d245ef6c431a2c402
a306886627da6f7ac2ad3f2b19800d47c21f396d
f3b121a4654346cc5c1c615d0a4cab33dfe369bec94e4db4029464d1140140c5
GET /it/u=3976526279,1574086724&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12254.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 12 Mar 2023 05:38:52 GMT
content-type: image/webp
content-length: 82464
expires: Sun, 19 Mar 2023 06:32:31 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 0c06221099dd953d245ef6c431a2c402
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 17 Feb 2023 06:32:31 GMT
ohc-cache-hit: hengyct87 [1], suzix100 [4]
ohc-file-size: 82464
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=2475096660,2644517219&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=603
175.6.243.35 200 OK 39 kB URL HTTP/2 img2.baidu.com/it/u=2475096660,2644517219&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=603
IP 175.6.243.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x603, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d41c667edf9bb3bdc56ea075ff65ca76
d89f177df08cb0262ea16c49faf53e6416d1065f
68ef17ce2635454ce160a8ae7a6cf6a352b7676ff1349e311199842d9a1b8cbc
GET /it/u=2475096660,2644517219&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=603 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12254.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 12 Mar 2023 05:38:52 GMT
content-type: image/webp
content-length: 38888
expires: Fri, 24 Mar 2023 03:05:47 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: d41c667edf9bb3bdc56ea075ff65ca76
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 22 Feb 2023 03:05:47 GMT
ohc-cache-hit: hengyct75 [1], qdix243 [2]
ohc-file-size: 38888
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=3165672432,1163045020&fm=253&app=138&f=PNG?w=500&h=800
124.239.243.35 200 OK 396 kB URL HTTP/1.1 img2.baidu.com/it/u=3165672432,1163045020&fm=253&app=138&f=PNG?w=500&h=800
IP 124.239.243.35:0
ASN #58539 Langfang,Hebei province, P.R.China
File type PNG image data, 500 x 800, 8-bit/color RGBA, non-interlaced\012- data
Size 396 kB (396473 bytes)
Hash ab42e7b0d54a4b5f6df4e94ea33625fa
093bf30a4aaad4dbf44af4d7101a82ab648048da
6c36b0bbcfa244e2b6acaa41368f38d227ccc8d8f10a226604deeff1d6662950
GET /it/u=3165672432,1163045020&fm=253&app=138&f=PNG?w=500&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12254.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sun, 12 Mar 2023 05:38:51 GMT
Content-Type: image/png
Content-Length: 396473
Connection: keep-alive
Expires: Fri, 31 Mar 2023 00:51:03 GMT
Last-Modified: Sun, 11 Jan 1970 00:00:00 GMT
ETag: ab42e7b0d54a4b5f6df4e94ea33625fa
Age: 815711
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 01 Mar 2023 00:51:03 GMT
Ohc-Cache-HIT: lf7ct88 [4], xaix108 [4]
Ohc-File-Size: 396473
X-Cache-Status: HIT
img2.baidu.com/it/u=606166360,4004582932&fm=253&fmt=auto&app=138&f=JPEG?w=527&h=500
175.6.243.35 200 OK 9.3 kB URL HTTP/2 img2.baidu.com/it/u=606166360,4004582932&fm=253&fmt=auto&app=138&f=JPEG?w=527&h=500
IP 175.6.243.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 527x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 487abf66c5bbad6fa8412bceb368ce2b
043e86bd2ac27480f523e1523efe5f56714523d2
606ccb422715b3a9414f9f2e0777046a222895dbf1628f0670695cb9bc7c936c
GET /it/u=606166360,4004582932&fm=253&fmt=auto&app=138&f=JPEG?w=527&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12254.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 12 Mar 2023 05:38:52 GMT
content-type: image/webp
content-length: 9260
expires: Fri, 17 Mar 2023 02:38:08 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 487abf66c5bbad6fa8412bceb368ce2b
age: 1110821
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 15 Feb 2023 02:38:08 GMT
ohc-cache-hit: hengyct88 [4], qdix197 [2]
ohc-file-size: 9260
x-cache-status: HIT
X-Firefox-Spdy: h2
img0.baidu.com/it/u=2522746013,3257611493&fm=253&app=120&f=JPEG?w=1280&h=800
175.6.243.35 200 OK 127 kB URL HTTP/1.1 img0.baidu.com/it/u=2522746013,3257611493&fm=253&app=120&f=JPEG?w=1280&h=800
IP 175.6.243.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 127 kB (126576 bytes)
Hash 303474373e2ad55e86ae6a428743c24e
ee6f840c982cd138de4c93fd5843cbeefb8fde75
e55990a1260dc57c1e56f00c689970e5fd1dd624cb30791aa95ddc53b07fcf15
GET /it/u=2522746013,3257611493&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12254.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sun, 12 Mar 2023 05:38:52 GMT
Content-Type: image/jpeg
Content-Length: 126576
Connection: keep-alive
Expires: Sat, 01 Apr 2023 08:42:54 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 303474373e2ad55e86ae6a428743c24e
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 02 Mar 2023 08:42:54 GMT
Ohc-Cache-HIT: hengyct71 [1], wzix71 [4]
Ohc-File-Size: 126576
X-Cache-Status: MISS
img2.baidu.com/it/u=1985517073,447975328&fm=253&fmt=auto?w=1280&h=800
175.6.243.35 200 OK 74 kB URL HTTP/2 img2.baidu.com/it/u=1985517073,447975328&fm=253&fmt=auto?w=1280&h=800
IP 175.6.243.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 759d67143ff2a2645f279ced8379b656
c38d092d5638391c135bc9d815dfa0106fab0a4a
52f1148c1f1865190cb646310951563a94f9b1257e9e56ed0372271899278a57
GET /it/u=1985517073,447975328&fm=253&fmt=auto?w=1280&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12254.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 12 Mar 2023 05:38:52 GMT
content-type: image/webp
content-length: 73872
expires: Mon, 20 Mar 2023 04:06:51 GMT
last-modified: Mon, 12 Jan 1970 00:00:00 GMT
etag: 759d67143ff2a2645f279ced8379b656
age: 100656
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 18 Feb 2023 04:06:51 GMT
ohc-cache-hit: hengyct61 [2], bdix61 [2]
ohc-file-size: 73872
x-cache-status: HIT
X-Firefox-Spdy: h2
img2.baidu.com/it/u=2268678062,4221220499&fm=253&fmt=auto&app=138&f=JPEG?w=130&h=170
175.6.243.35 200 OK 4.5 kB URL HTTP/2 img2.baidu.com/it/u=2268678062,4221220499&fm=253&fmt=auto&app=138&f=JPEG?w=130&h=170
IP 175.6.243.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 130x170, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 86db75c77020494e3bfc9c1eaf5232ef
79cffa519271635bc8f53aa619671af784ae78ec
1b1fa25e5f0bbcc21c1a939be0d6e0a660ffd1d424a6d34bf145f38dd1177f76
GET /it/u=2268678062,4221220499&fm=253&fmt=auto&app=138&f=JPEG?w=130&h=170 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12254.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 12 Mar 2023 05:38:52 GMT
content-type: image/webp
content-length: 4548
expires: Sat, 01 Apr 2023 11:40:37 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 86db75c77020494e3bfc9c1eaf5232ef
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 02 Mar 2023 11:40:37 GMT
ohc-cache-hit: hengyct63 [1], csix98 [4]
ohc-file-size: 4548
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=307986375,177628273&fm=253&app=120&f=PNG?w=800&h=1280
175.6.243.35 200 OK 922 kB URL HTTP/1.1 img0.baidu.com/it/u=307986375,177628273&fm=253&app=120&f=PNG?w=800&h=1280
IP 175.6.243.35:0
File type PNG image data, 800 x 1280, 8-bit/color RGBA, non-interlaced\012- data
Size 922 kB (921798 bytes)
Hash 16eee48f70b9a9952d2ae4cc170684cf
e21e5f888c2602e70097b280aae434a227950423
9fc29c5cd97d22e65d8ea5560eac352b601c6a589bf7938b8d1acdc83f560c06
GET /it/u=307986375,177628273&fm=253&app=120&f=PNG?w=800&h=1280 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12254.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sun, 12 Mar 2023 05:38:51 GMT
Content-Type: image/png
Content-Length: 921798
Connection: keep-alive
Expires: Tue, 11 Apr 2023 04:42:19 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: 16eee48f70b9a9952d2ae4cc170684cf
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 12 Mar 2023 04:42:19 GMT
Ohc-Cache-HIT: hengyct74 [2], xiangyix221 [4]
Ohc-File-Size: 921798
X-Cache-Status: MISS
img2.baidu.com/it/u=1903058838,3471988754&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=658
175.6.243.35 200 OK 38 kB URL HTTP/2 img2.baidu.com/it/u=1903058838,3471988754&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=658
IP 175.6.243.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x658, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 70422df2fde13f1dd714e65433ee7c2a
36ea954f0331988f2daaf3846edf5ef128ac8fb4
2d39adea5294dfcb5a680d6298f4a559275d5213ed8a269f7b6305662e00d9d5
GET /it/u=1903058838,3471988754&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=658 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12254.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 12 Mar 2023 05:38:52 GMT
content-type: image/webp
content-length: 37572
expires: Thu, 23 Mar 2023 06:27:10 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 70422df2fde13f1dd714e65433ee7c2a
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 21 Feb 2023 06:27:10 GMT
ohc-cache-hit: hengyct71 [1], wzix71 [4]
ohc-file-size: 37572
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=253336021,925506439&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=281
175.6.243.35 200 OK 19 kB URL HTTP/2 img2.baidu.com/it/u=253336021,925506439&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=281
IP 175.6.243.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x281, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 602210bc88270b8bd884c39f204d949f
49ea0e3a33f0b90ff6f8cff0a21e636ce3c249bf
c621fb9c3e8b523709a8e2527169877959ce878d85c77de21e220af56eafea4f
GET /it/u=253336021,925506439&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=281 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12254.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 12 Mar 2023 05:38:52 GMT
content-type: image/webp
content-length: 18864
expires: Mon, 10 Apr 2023 16:55:24 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 602210bc88270b8bd884c39f204d949f
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 11 Mar 2023 16:55:24 GMT
ohc-cache-hit: hengyct87 [2], wzix111 [4]
ohc-file-size: 18864
x-cache-status: MISS
X-Firefox-Spdy: h2
s.360.cn/so/zz.gif?url=http%3A%2F%2F12254.url.tudown.com%2Fdown%2F%25E6%2588%25BF%25E6%2580%259D%25E7%2590%25AA%25E7%259A%2584%25E5%2588%259D%25E6%2581%258B%25E4%25B9%2590%25E5%259B%25AD%40306_248332.exe&sid=d10ea2610e3a9b90fa9990ffc6bf559d&token=de1x0ee.a223631804e23_a690b39@0D
171.8.167.90 200 OK 0 B URL HTTP/1.1 s.360.cn/so/zz.gif?url=http%3A%2F%2F12254.url.tudown.com%2Fdown%2F%25E6%2588%25BF%25E6%2580%259D%25E7%2590%25AA%25E7%259A%2584%25E5%2588%259D%25E6%2581%258B%25E4%25B9%2590%25E5%259B%25AD%40306_248332.exe&sid=d10ea2610e3a9b90fa9990ffc6bf559d&token=de1x0ee.a223631804e23_a690b39@0D
IP 171.8.167.90:0
ASN #137687 Luoyang, Henan Province, P.R.China.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /so/zz.gif?url=http%3A%2F%2F12254.url.tudown.com%2Fdown%2F%25E6%2588%25BF%25E6%2580%259D%25E7%2590%25AA%25E7%259A%2584%25E5%2588%259D%25E6%2581%258B%25E4%25B9%2590%25E5%259B%25AD%40306_248332.exe&sid=d10ea2610e3a9b90fa9990ffc6bf559d&token=de1x0ee.a223631804e23_a690b39@0D HTTP/1.1
Host: s.360.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12254.url.tudown.com/
HTTP/1.1 200 OK
Server: openresty/1.15.8.2
Date: Sun, 12 Mar 2023 05:38:52 GMT
Content-Type: image/gif
Content-Length: 0
Last-Modified: Tue, 23 Jul 2019 07:36:18 GMT
Connection: keep-alive
ETag: "5d36b8f2-0"
Accept-Ranges: bytes
img1.baidu.com/it/u=3792299447,1207792583&fm=253&fmt=auto&app=138&f=JPEG?w=735&h=314
175.6.243.35 200 OK 21 kB URL HTTP/2 img1.baidu.com/it/u=3792299447,1207792583&fm=253&fmt=auto&app=138&f=JPEG?w=735&h=314
IP 175.6.243.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 735x314, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8e7512a719c81ce992f4f0b75a691e2b
22d2cdb7386dfafd7ddcc9c6ce03f6170e5064d2
035474d207dfe779c1bef70ddeb4a221b631b32ead93c2e0f0f7f77461c1bc86
GET /it/u=3792299447,1207792583&fm=253&fmt=auto&app=138&f=JPEG?w=735&h=314 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12254.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 12 Mar 2023 05:38:52 GMT
content-type: image/webp
content-length: 21410
expires: Sun, 09 Apr 2023 15:19:28 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 8e7512a719c81ce992f4f0b75a691e2b
age: 84223
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 10 Mar 2023 15:19:28 GMT
ohc-cache-hit: hengyct61 [4], xaix61 [4]
ohc-file-size: 21410
x-cache-status: HIT
X-Firefox-Spdy: h2
img0.baidu.com/it/u=1890333994,2700406796&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
175.6.243.35 200 OK 63 kB URL HTTP/2 img0.baidu.com/it/u=1890333994,2700406796&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
IP 175.6.243.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x500, Scaling: [none]x[none], YUV color, decoders should clamp
Hash cdfc3736d080aab01ef1b1e6c80886c9
3c6b2e9c7e2af1af0865443e8948c162fdfb7fc4
5c4082fd02bf4ac12c1fc1edb6bf16cb3136bb36eb81ac2afc307aa6770c7fa5
GET /it/u=1890333994,2700406796&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12254.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 12 Mar 2023 05:38:52 GMT
content-type: image/webp
content-length: 63108
expires: Fri, 24 Mar 2023 06:47:42 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: cdfc3736d080aab01ef1b1e6c80886c9
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 22 Feb 2023 06:47:42 GMT
ohc-cache-hit: hengyct85 [1], bdix154 [4]
ohc-file-size: 63108
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=1044765638,1941870469&fm=253&fmt=auto&app=120&f=JPEG?w=448&h=252
175.6.243.35 200 OK 23 kB URL HTTP/2 img0.baidu.com/it/u=1044765638,1941870469&fm=253&fmt=auto&app=120&f=JPEG?w=448&h=252
IP 175.6.243.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 448x252, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 69d7f25cb76307087abf27fa66200363
05edcdc08b1559ae54c480dd9d58f105ab655ece
f78703c32623fac9385de7d376904272a9a9b28b7ca13ae3e75371723bd20b00
GET /it/u=1044765638,1941870469&fm=253&fmt=auto&app=120&f=JPEG?w=448&h=252 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12254.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 12 Mar 2023 05:38:52 GMT
content-type: image/webp
content-length: 22560
expires: Sat, 01 Apr 2023 07:46:30 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 69d7f25cb76307087abf27fa66200363
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 02 Mar 2023 07:46:30 GMT
ohc-cache-hit: hengyct78 [1], bdix209 [4]
ohc-file-size: 22560
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=2755809886,440258571&fm=253&fmt=auto&app=138&f=JPEG?w=228&h=302
175.6.243.35 200 OK 9.8 kB URL HTTP/2 img0.baidu.com/it/u=2755809886,440258571&fm=253&fmt=auto&app=138&f=JPEG?w=228&h=302
IP 175.6.243.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 228x302, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 292c784b18b6845491ac86ac3399946c
2e387e7561caaac524a00dc4ecfc45ba91c7d6a7
69319ebdf2b1b2959a0f6baa0db6ee680888a198ed599be56cad170b0c8ea823
GET /it/u=2755809886,440258571&fm=253&fmt=auto&app=138&f=JPEG?w=228&h=302 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12254.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 12 Mar 2023 05:38:52 GMT
content-type: image/webp
content-length: 9824
expires: Wed, 22 Mar 2023 14:37:22 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 292c784b18b6845491ac86ac3399946c
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 20 Feb 2023 14:37:22 GMT
ohc-cache-hit: hengyct52 [1], qdix52 [4]
ohc-file-size: 9824
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=2231353858,294808761&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
175.6.243.35 200 OK 26 kB URL HTTP/2 img0.baidu.com/it/u=2231353858,294808761&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
IP 175.6.243.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x500, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 74f874e56e4824b35a037acadfbeedee
ed0f45750497dba51c2e69017c5e184fef3acf06
29210114f36705e4305addba3631a5f6563c73d62da84f17aa193efab381ce07
GET /it/u=2231353858,294808761&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12254.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 12 Mar 2023 05:38:52 GMT
content-type: image/webp
content-length: 25826
expires: Wed, 22 Mar 2023 06:29:15 GMT
last-modified: Mon, 12 Jan 1970 00:00:00 GMT
etag: 74f874e56e4824b35a037acadfbeedee
age: 131963
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 20 Feb 2023 06:29:15 GMT
ohc-cache-hit: hengyct52 [4], bdix110 [2]
ohc-file-size: 25826
x-cache-status: HIT
X-Firefox-Spdy: h2
img0.baidu.com/it/u=924351922,3177371266&fm=253&app=120&f=JPEG?w=1280&h=800
125.74.1.35 200 OK 129 kB URL HTTP/1.1 img0.baidu.com/it/u=924351922,3177371266&fm=253&app=120&f=JPEG?w=1280&h=800
IP 125.74.1.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3
Size 129 kB (129085 bytes)
Hash df3f5fad30f12732596976151f306c7f
fc84c584e0fafa162221f02339888d3821506149
cf04391f5e163715982d67b3a8757a4deb792c3c1b304aa9123fd0f666a24830
GET /it/u=924351922,3177371266&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12254.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sun, 12 Mar 2023 05:38:52 GMT
Content-Type: image/jpeg
Content-Length: 129085
Connection: keep-alive
Expires: Mon, 20 Mar 2023 03:15:48 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: df3f5fad30f12732596976151f306c7f
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 18 Feb 2023 03:15:48 GMT
Ohc-Cache-HIT: lz4ct72 [1], bdix119 [4]
Ohc-File-Size: 129085
X-Cache-Status: MISS
img0.baidu.com/it/u=4094714741,3265251617&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=1043
175.6.243.35 200 OK 35 kB URL HTTP/2 img0.baidu.com/it/u=4094714741,3265251617&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=1043
IP 175.6.243.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x1043, Scaling: [none]x[none], YUV color, decoders should clamp
Hash ef53c31f308d26ad1fcea172c307656f
7d7025c80150fbf746962acf47ef1b8d91cb4ad9
a9cb2b43863dd6ab4d6684de2478d4e1deca37a1795451b886ab9400d85abab2
GET /it/u=4094714741,3265251617&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=1043 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12254.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 12 Mar 2023 05:38:52 GMT
content-type: image/webp
content-length: 34684
expires: Tue, 21 Mar 2023 13:52:35 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: ef53c31f308d26ad1fcea172c307656f
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 19 Feb 2023 13:52:35 GMT
ohc-cache-hit: hengyct64 [1], suzix95 [4]
ohc-file-size: 34684
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=1192998448,3576190731&fm=253&fmt=auto?w=640&h=220
175.6.243.35 200 OK 10 kB URL HTTP/2 img2.baidu.com/it/u=1192998448,3576190731&fm=253&fmt=auto?w=640&h=220
IP 175.6.243.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x220, Scaling: [none]x[none], YUV color, decoders should clamp
Hash c5d32120b7b446bffa850664792b52dd
55b0a75e044ca9176bbe243206060f4e8f6779cd
6fe41a62171e99140d3fb141d50c2a472a8e73b283d61bac3400e19495c02d20
GET /it/u=1192998448,3576190731&fm=253&fmt=auto?w=640&h=220 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12254.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 12 Mar 2023 05:38:52 GMT
content-type: image/webp
content-length: 10266
expires: Thu, 16 Mar 2023 07:37:16 GMT
last-modified: Mon, 12 Jan 1970 00:00:00 GMT
etag: c5d32120b7b446bffa850664792b52dd
age: 172326
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 14 Feb 2023 07:37:16 GMT
ohc-cache-hit: hengyct86 [4], czix234 [4]
ohc-file-size: 10266
x-cache-status: HIT
X-Firefox-Spdy: h2
img2.baidu.com/it/u=4241892396,2786208654&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
175.6.243.35 200 OK 55 kB URL HTTP/2 img2.baidu.com/it/u=4241892396,2786208654&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
IP 175.6.243.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 889x500, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 2085e0ad7435869270951a69d24eb955
8cc3aa94153864aa6978c95e94cc890f741ed5c7
012964ff43bd089ab79c7ba9e0bb171c5a859c0e5462edf0dde10afbb8d98cac
GET /it/u=4241892396,2786208654&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12254.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 12 Mar 2023 05:38:52 GMT
content-type: image/webp
content-length: 55060
expires: Sun, 19 Mar 2023 07:03:46 GMT
last-modified: Mon, 12 Jan 1970 00:00:00 GMT
etag: 2085e0ad7435869270951a69d24eb955
age: 95180
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 17 Feb 2023 07:03:46 GMT
ohc-cache-hit: hengyct55 [4], suzix55 [4]
ohc-file-size: 55060
x-cache-status: HIT
X-Firefox-Spdy: h2
img2.baidu.com/it/u=556391668,2468105701&fm=253&fmt=auto&app=138&f=JPEG?w=150&h=94
175.6.243.35 200 OK 4.3 kB URL HTTP/2 img2.baidu.com/it/u=556391668,2468105701&fm=253&fmt=auto&app=138&f=JPEG?w=150&h=94
IP 175.6.243.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 150x94, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 01409a138085509cc00e0f0f0fece498
6edbcee7da34353914e8d9f051550ede2ff20113
191105239923cb4c83cb2409fd9dc65d6fa5c96dc5410924427736ca607d59ca
GET /it/u=556391668,2468105701&fm=253&fmt=auto&app=138&f=JPEG?w=150&h=94 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12254.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 12 Mar 2023 05:38:53 GMT
content-type: image/webp
content-length: 4332
expires: Mon, 27 Mar 2023 08:13:15 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 01409a138085509cc00e0f0f0fece498
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 25 Feb 2023 08:13:15 GMT
ohc-cache-hit: hengyct63 [1], czix197 [2]
ohc-file-size: 4332
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=1099339887,639831898&fm=253&app=120&f=JPEG?w=1280&h=800
124.239.243.35 200 OK 136 kB URL HTTP/1.1 img2.baidu.com/it/u=1099339887,639831898&fm=253&app=120&f=JPEG?w=1280&h=800
IP 124.239.243.35:0
ASN #58539 Langfang,Hebei province, P.R.China
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3
Size 136 kB (136384 bytes)
Hash 7995f427f213ec528248b2284c4594c4
d1a7ba463ed650415621bca91f00f5baae7c535b
52dcee5b87daaff7ebd6466a6f065b4edceb42eddb0dab0bc617e1fa250f878f
GET /it/u=1099339887,639831898&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12254.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sun, 12 Mar 2023 05:38:52 GMT
Content-Type: image/jpeg
Content-Length: 136384
Connection: keep-alive
Expires: Sat, 18 Mar 2023 07:27:57 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 7995f427f213ec528248b2284c4594c4
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 16 Feb 2023 07:27:57 GMT
Ohc-Cache-HIT: lf7ct52 [2], suzix96 [4]
Ohc-File-Size: 136384
X-Cache-Status: MISS
12254.url.tudown.com/favicon.ico
168.206.200.52 200 OK 0 B URL HTTP/1.1 12254.url.tudown.com/favicon.ico
IP 168.206.200.52:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: 12254.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12254.url.tudown.com/down/%E6%88%BF%E6%80%9D%E7%90%AA%E7%9A%84%E5%88%9D%E6%81%8B%E4%B9%90%E5%9B%AD@306_248332.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1678599532; Hm_lpvt_dd9836db2e433f487a0aa434b7b3deb7=1678599532
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 12 Mar 2023 05:38:54 GMT
Content-Type: image/x-icon
Content-Length: 0
Last-Modified: Tue, 30 Jul 2019 15:51:36 GMT
Connection: keep-alive
ETag: "5d406788-0"
Accept-Ranges: bytes
t14.baidu.com/it/u=3780010149,641055172&fm=224&app=112&f=JPEG?w=402&h=500
185.10.104.124 200 OK 30 kB URL HTTP/1.1 t14.baidu.com/it/u=3780010149,641055172&fm=224&app=112&f=JPEG?w=402&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 402x500, components 3
Hash 4db463e193f35bbe205c843c7585f794
f0b6053ff2a17aa5ab0a7e21869c1a11a4d6fff3
9a1ed5f514fa23be6954253a0a4a88e919292487cb0a1096dcfd580de0ebe714
GET /it/u=3780010149,641055172&fm=224&app=112&f=JPEG?w=402&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12254.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sun, 12 Mar 2023 05:38:54 GMT
Content-Type: image/jpeg
Content-Length: 29549
Connection: keep-alive
Expires: Mon, 10 Apr 2023 04:48:41 GMT
Last-Modified: Wed, 14 Jan 1970 00:00:00 GMT
ETag: 4db463e193f35bbe205c843c7585f794
Age: 5615
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 11 Mar 2023 04:48:41 GMT
Ohc-Cache-HIT: fra01-sys-jomo7.fra01.baidu.com [4], zhuzuncache50 [1], xiangyix98 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 29549
X-Cache-Status: HIT
Timing-Allow-Origin: *
t14.baidu.com/it/u=1338558106,1913865723&fm=224&app=112&f=JPEG?w=500&h=500&s=1A106C8004C772F8DEAC49DA030090A2
185.10.104.124 200 OK 54 kB URL HTTP/1.1 t14.baidu.com/it/u=1338558106,1913865723&fm=224&app=112&f=JPEG?w=500&h=500&s=1A106C8004C772F8DEAC49DA030090A2
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3
Hash c7803ebf89ffdc47f560d1636e687b67
97db3bbb0dfa80903d72cba7cd58eaef006f35cc
4c398f61eecb0a8f614594254a72b1af3068b4bc16d85d7b1dc2ba67fd108351
GET /it/u=1338558106,1913865723&fm=224&app=112&f=JPEG?w=500&h=500&s=1A106C8004C772F8DEAC49DA030090A2 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12254.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sun, 12 Mar 2023 05:38:54 GMT
Content-Type: image/jpeg
Content-Length: 53931
Connection: keep-alive
Expires: Thu, 30 Mar 2023 02:01:55 GMT
Last-Modified: Mon, 19 Jan 1970 00:00:00 GMT
ETag: c7803ebf89ffdc47f560d1636e687b67
Age: 1387
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 28 Feb 2023 02:01:55 GMT
Ohc-Cache-HIT: fra01-sys-jomo7.fra01.baidu.com [2], zhuzuncache61 [1], qdix136 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 53931
X-Cache-Status: HIT
Timing-Allow-Origin: *
t13.baidu.com/it/u=1858255056,1367665810&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 31 kB URL HTTP/1.1 t13.baidu.com/it/u=1858255056,1367665810&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3
Hash 1d05b5948a15602d79b26d6ff0eed43f
2f47cb7bcaae8cb2ccc6e58064ebe3939826b9a5
2723c4d2db059e74746ea13abe109b4e46bd5d8f187c46a97e776211ee553447
GET /it/u=1858255056,1367665810&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12254.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sun, 12 Mar 2023 05:38:55 GMT
Content-Type: image/jpeg
Content-Length: 30894
Connection: keep-alive
Expires: Fri, 31 Mar 2023 02:37:03 GMT
Last-Modified: Thu, 15 Jan 1970 00:00:00 GMT
ETag: 1d05b5948a15602d79b26d6ff0eed43f
Age: 859386
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 01 Mar 2023 02:37:03 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [2], zhuzuncache55 [1], suzix196 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 30894
X-Cache-Status: HIT
Timing-Allow-Origin: *
t13.baidu.com/it/u=924540176,93292248&fm=224&app=112&f=JPEG?w=500&h=500&s=79B7B7BA4006C3FB1005087C03008064
185.10.104.124 200 OK 66 kB URL HTTP/1.1 t13.baidu.com/it/u=924540176,93292248&fm=224&app=112&f=JPEG?w=500&h=500&s=79B7B7BA4006C3FB1005087C03008064
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3
Hash 9754467fde15e36856b1019bff4f6621
89e57e6eb2a139b88b3ae3f4d9f7ff23d946b53d
f59699809858c5322964e5bd9d7adf851c9633dffdaff7f7def37572eb13f95f
GET /it/u=924540176,93292248&fm=224&app=112&f=JPEG?w=500&h=500&s=79B7B7BA4006C3FB1005087C03008064 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12254.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sun, 12 Mar 2023 05:38:56 GMT
Content-Type: image/jpeg
Content-Length: 66406
Connection: keep-alive
Expires: Fri, 17 Mar 2023 11:20:20 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 9754467fde15e36856b1019bff4f6621
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 15 Feb 2023 11:20:19 GMT
Ohc-Upstream-Trace: 122.228.213.82; 58.20.204.53
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [2], zhuzuncache137 [1], qdix137 [4]
Ohc-Response-Time: 1 0 0 11 380 381
Ohc-File-Size: 66406
X-Cache-Status: MISS