r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5813
Expires: Sat, 04 Feb 2023 09:46:47 GMT
Date: Sat, 04 Feb 2023 08:09:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3589
Expires: Sat, 04 Feb 2023 09:09:43 GMT
Date: Sat, 04 Feb 2023 08:09:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 9a76feabb767086ae0fa54e0ffbf763f
3655d78994a1e9838340669462728b67c8c12e54
bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7028
Expires: Sat, 04 Feb 2023 10:07:02 GMT
Date: Sat, 04 Feb 2023 08:09:54 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 04 Feb 2023 07:43:37 GMT
content-type: application/json
age: 1577
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Td0APaIDW/cl2AIWay6b7qBw5tFJeOhAnnCdgyu6MaYPNP+Jt3xDO3fzzHWbaMQIBTx/i8zJuYb/eB8k/DbNQA==
x-amz-request-id: 6VYK1MDT962BNTS8
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 04 Feb 2023 07:52:45 GMT
age: 1029
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 08:09:54 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 04 Feb 2023 08:07:19 GMT
age: 155
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10808
Expires: Sat, 04 Feb 2023 11:10:03 GMT
Date: Sat, 04 Feb 2023 08:09:55 GMT
Connection: keep-alive
21426.url.tudown.com/xiaz/%E4%B8%87%E8%83%BD%E7%BD%91%E5%8D%A1%E9%A9%B1%E5%8A%A8forwin1064bitv2018.01.24.1733@719_271513.exe
154.218.151.71200 OK 6.8 kB URL HTTP/1.1 21426.url.tudown.com/xiaz/%E4%B8%87%E8%83%BD%E7%BD%91%E5%8D%A1%E9%A9%B1%E5%8A%A8forwin1064bitv2018.01.24.1733@719_271513.exe
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (729), with CRLF, LF line terminators
Hash c23f0257df41c3f1cfb4204191c0ec07
76264c1a281ddf60e5b102999311da816790e31f
836ab859e0688c775ca98b6e29167bab23901897beb6cc1b6b8f5041fe726c79
Analyzer Verdict Alert fortinet Malware
GET /xiaz/%E4%B8%87%E8%83%BD%E7%BD%91%E5%8D%A1%E9%A9%B1%E5%8A%A8forwin1064bitv2018.01.24.1733@719_271513.exe HTTP/1.1
Host: 21426.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: __bid_n=1861b0d2b4fd529a314207; FPTOKEN=2gxwhywYpagzS70THD1juL5BZ/Prda/jlWsgLsuFz0lSaE/h2D5O7Wc7XXA7WncqBTFSf1wE0vrKbIjXqrYdksFx2seU5ow4/UM6KkLmXUDfWtg0Lsf77LZKdItTpLbOfz/2U8ac2H8MGS1wYNcDfS2EQbfS7YYf1hSwjLxV7IdRvPIFqALegVQlGKJyD5TMmnC4P9rFVJchXQj2u2AN4tkwcpQmtdLULHBJEWMkXN4cklY05QrW/7ZXSkWN8s/QyXnq1jxr1uFhqosUjTobaJmkXQGiyj01z54qOziFJqionDm1XZqoVRR0zOiOfYTMbs+A6cmxF98N2Si392y4Dsqgl9yUVaIK8/5hycQuWIYMuvugH/lgDzbZAKT+UOcjA0dmdmn46fZc8xNYBZfpnA==|HCKaeXLJGm4eNctoS9FkF+w86rBLgkL0dtnTGSNQnXE=|10|f523c139bcf75d372ff3585f24535ff0
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 08:09:55 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.services.mozilla.com/
35.166.224.175101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.166.224.175:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: pgPoEPJhAVg+2U2hDfb8vw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5HQcGqWfcPdCNbYMWXLwcOM/wII=
21426.url.tudown.com/template/company/0302/css/style.min.css
154.218.151.71200 OK 5.0 kB URL HTTP/1.1 21426.url.tudown.com/template/company/0302/css/style.min.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (25242), with no line terminators
Hash c7b1260ebcbb9c63a6744c1e9f37ba87
08de2e04ca3fe765892cc77a80c65d2c42eedec7
d8d7b908e1455fef566bb414772fd354a739ea3738d79294feea1293265a0d57
GET /template/company/0302/css/style.min.css HTTP/1.1
Host: 21426.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21426.url.tudown.com/xiaz/%E4%B8%87%E8%83%BD%E7%BD%91%E5%8D%A1%E9%A9%B1%E5%8A%A8forwin1064bitv2018.01.24.1733@719_271513.exe
Cookie: __bid_n=1861b0d2b4fd529a314207; FPTOKEN=2gxwhywYpagzS70THD1juL5BZ/Prda/jlWsgLsuFz0lSaE/h2D5O7Wc7XXA7WncqBTFSf1wE0vrKbIjXqrYdksFx2seU5ow4/UM6KkLmXUDfWtg0Lsf77LZKdItTpLbOfz/2U8ac2H8MGS1wYNcDfS2EQbfS7YYf1hSwjLxV7IdRvPIFqALegVQlGKJyD5TMmnC4P9rFVJchXQj2u2AN4tkwcpQmtdLULHBJEWMkXN4cklY05QrW/7ZXSkWN8s/QyXnq1jxr1uFhqosUjTobaJmkXQGiyj01z54qOziFJqionDm1XZqoVRR0zOiOfYTMbs+A6cmxF98N2Si392y4Dsqgl9yUVaIK8/5hycQuWIYMuvugH/lgDzbZAKT+UOcjA0dmdmn46fZc8xNYBZfpnA==|HCKaeXLJGm4eNctoS9FkF+w86rBLgkL0dtnTGSNQnXE=|10|f523c139bcf75d372ff3585f24535ff0
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 08:09:55 GMT
Content-Type: text/css
Last-Modified: Tue, 02 Mar 2021 15:32:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"603e5a86-629a"
Expires: Sat, 04 Feb 2023 20:09:55 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
21426.url.tudown.com/js/orsxg5a.script
154.218.151.71200 OK 531 B URL HTTP/1.1 21426.url.tudown.com/js/orsxg5a.script
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document, ASCII text, with CRLF line terminators
Hash 39fd4f4c17d424445d9f437c99c9d40a
84a56ab95c669d43c757a5f9a312d5f3a37f73fa
45f58e7b2e72c9f2734889b73ef5c3f2d3e1fb9ac69995afe1561ec4a7943d15
GET /js/orsxg5a.script HTTP/1.1
Host: 21426.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21426.url.tudown.com/xiaz/%E4%B8%87%E8%83%BD%E7%BD%91%E5%8D%A1%E9%A9%B1%E5%8A%A8forwin1064bitv2018.01.24.1733@719_271513.exe
Cookie: __bid_n=1861b0d2b4fd529a314207; FPTOKEN=2gxwhywYpagzS70THD1juL5BZ/Prda/jlWsgLsuFz0lSaE/h2D5O7Wc7XXA7WncqBTFSf1wE0vrKbIjXqrYdksFx2seU5ow4/UM6KkLmXUDfWtg0Lsf77LZKdItTpLbOfz/2U8ac2H8MGS1wYNcDfS2EQbfS7YYf1hSwjLxV7IdRvPIFqALegVQlGKJyD5TMmnC4P9rFVJchXQj2u2AN4tkwcpQmtdLULHBJEWMkXN4cklY05QrW/7ZXSkWN8s/QyXnq1jxr1uFhqosUjTobaJmkXQGiyj01z54qOziFJqionDm1XZqoVRR0zOiOfYTMbs+A6cmxF98N2Si392y4Dsqgl9yUVaIK8/5hycQuWIYMuvugH/lgDzbZAKT+UOcjA0dmdmn46fZc8xNYBZfpnA==|HCKaeXLJGm4eNctoS9FkF+w86rBLgkL0dtnTGSNQnXE=|10|f523c139bcf75d372ff3585f24535ff0
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 08:09:55 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
21426.url.tudown.com/template/company/0302/css//style.css
154.218.151.71200 OK 20 kB URL HTTP/1.1 21426.url.tudown.com/template/company/0302/css//style.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document, ASCII text, with very long lines (65196), with CRLF line terminators
Hash 5867494c833cc596e0a94c636a8b4e49
387a9f0cd088b2d551446ef3e4f44858f5588829
10b2002f9661120f7f6d13a8cbf377070a42b5bedf5f458bd8e7384a85f8a760
GET /template/company/0302/css//style.css HTTP/1.1
Host: 21426.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21426.url.tudown.com/xiaz/%E4%B8%87%E8%83%BD%E7%BD%91%E5%8D%A1%E9%A9%B1%E5%8A%A8forwin1064bitv2018.01.24.1733@719_271513.exe
Cookie: __bid_n=1861b0d2b4fd529a314207; FPTOKEN=2gxwhywYpagzS70THD1juL5BZ/Prda/jlWsgLsuFz0lSaE/h2D5O7Wc7XXA7WncqBTFSf1wE0vrKbIjXqrYdksFx2seU5ow4/UM6KkLmXUDfWtg0Lsf77LZKdItTpLbOfz/2U8ac2H8MGS1wYNcDfS2EQbfS7YYf1hSwjLxV7IdRvPIFqALegVQlGKJyD5TMmnC4P9rFVJchXQj2u2AN4tkwcpQmtdLULHBJEWMkXN4cklY05QrW/7ZXSkWN8s/QyXnq1jxr1uFhqosUjTobaJmkXQGiyj01z54qOziFJqionDm1XZqoVRR0zOiOfYTMbs+A6cmxF98N2Si392y4Dsqgl9yUVaIK8/5hycQuWIYMuvugH/lgDzbZAKT+UOcjA0dmdmn46fZc8xNYBZfpnA==|HCKaeXLJGm4eNctoS9FkF+w86rBLgkL0dtnTGSNQnXE=|10|f523c139bcf75d372ff3585f24535ff0
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 08:09:55 GMT
Content-Type: text/css
Last-Modified: Tue, 02 Mar 2021 15:38:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"603e5bde-1bc98"
Expires: Sat, 04 Feb 2023 20:09:55 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
21426.url.tudown.com/template/company/0302/js/jquery.min.js
154.218.151.71200 OK 33 kB URL HTTP/1.1 21426.url.tudown.com/template/company/0302/js/jquery.min.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (32110), with CRLF line terminators
Hash 7509321c69d54b101a4a43e782868a2a
679c3d5a3772a714bc03a99ed06c18ab35961a53
b3fe20feaad99931eb923101edfaffcc11ca67d7d0f87f772b62fb2d86f74db0
GET /template/company/0302/js/jquery.min.js HTTP/1.1
Host: 21426.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21426.url.tudown.com/xiaz/%E4%B8%87%E8%83%BD%E7%BD%91%E5%8D%A1%E9%A9%B1%E5%8A%A8forwin1064bitv2018.01.24.1733@719_271513.exe
Cookie: __bid_n=1861b0d2b4fd529a314207; FPTOKEN=2gxwhywYpagzS70THD1juL5BZ/Prda/jlWsgLsuFz0lSaE/h2D5O7Wc7XXA7WncqBTFSf1wE0vrKbIjXqrYdksFx2seU5ow4/UM6KkLmXUDfWtg0Lsf77LZKdItTpLbOfz/2U8ac2H8MGS1wYNcDfS2EQbfS7YYf1hSwjLxV7IdRvPIFqALegVQlGKJyD5TMmnC4P9rFVJchXQj2u2AN4tkwcpQmtdLULHBJEWMkXN4cklY05QrW/7ZXSkWN8s/QyXnq1jxr1uFhqosUjTobaJmkXQGiyj01z54qOziFJqionDm1XZqoVRR0zOiOfYTMbs+A6cmxF98N2Si392y4Dsqgl9yUVaIK8/5hycQuWIYMuvugH/lgDzbZAKT+UOcjA0dmdmn46fZc8xNYBZfpnA==|HCKaeXLJGm4eNctoS9FkF+w86rBLgkL0dtnTGSNQnXE=|10|f523c139bcf75d372ff3585f24535ff0
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 08:09:56 GMT
Content-Type: application/javascript
Last-Modified: Thu, 27 Aug 2020 11:40:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5f479bab-1449c"
Expires: Sat, 04 Feb 2023 20:09:56 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
21426.url.tudown.com/template/company/0302/js/main.js
154.218.151.71200 OK 18 kB URL HTTP/1.1 21426.url.tudown.com/template/company/0302/js/main.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with very long lines (17543), with CRLF line terminators
Hash ea96e586f9095ed9d4b542159488d75a
81fd5eb364579e7c609f545be90d109eddf8b695
89fc7055f00e92705f671d339bf701a965f31a8a02852918c6a5de9ef2836483
GET /template/company/0302/js/main.js HTTP/1.1
Host: 21426.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21426.url.tudown.com/xiaz/%E4%B8%87%E8%83%BD%E7%BD%91%E5%8D%A1%E9%A9%B1%E5%8A%A8forwin1064bitv2018.01.24.1733@719_271513.exe
Cookie: __bid_n=1861b0d2b4fd529a314207; FPTOKEN=2gxwhywYpagzS70THD1juL5BZ/Prda/jlWsgLsuFz0lSaE/h2D5O7Wc7XXA7WncqBTFSf1wE0vrKbIjXqrYdksFx2seU5ow4/UM6KkLmXUDfWtg0Lsf77LZKdItTpLbOfz/2U8ac2H8MGS1wYNcDfS2EQbfS7YYf1hSwjLxV7IdRvPIFqALegVQlGKJyD5TMmnC4P9rFVJchXQj2u2AN4tkwcpQmtdLULHBJEWMkXN4cklY05QrW/7ZXSkWN8s/QyXnq1jxr1uFhqosUjTobaJmkXQGiyj01z54qOziFJqionDm1XZqoVRR0zOiOfYTMbs+A6cmxF98N2Si392y4Dsqgl9yUVaIK8/5hycQuWIYMuvugH/lgDzbZAKT+UOcjA0dmdmn46fZc8xNYBZfpnA==|HCKaeXLJGm4eNctoS9FkF+w86rBLgkL0dtnTGSNQnXE=|10|f523c139bcf75d372ff3585f24535ff0
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 08:09:56 GMT
Content-Type: application/javascript
Last-Modified: Thu, 27 Aug 2020 11:40:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5f479ba8-cd88"
Expires: Sat, 04 Feb 2023 20:09:56 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ae58d39edb7923f0dac8e7b20767f306
827e75323edf1548d2b898b96caaec9556893e3a
2c18f66718230665099bdc4a96dbed4e667ff233f9853aebd3e0802235c658d8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2C18F66718230665099BDC4A96DBED4E667FF233F9853AEBD3E0802235C658D8"
Last-Modified: Thu, 02 Feb 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21331
Expires: Sat, 04 Feb 2023 14:05:27 GMT
Date: Sat, 04 Feb 2023 08:09:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5075
Expires: Sat, 04 Feb 2023 09:34:31 GMT
Date: Sat, 04 Feb 2023 08:09:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5075
Expires: Sat, 04 Feb 2023 09:34:31 GMT
Date: Sat, 04 Feb 2023 08:09:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5075
Expires: Sat, 04 Feb 2023 09:34:31 GMT
Date: Sat, 04 Feb 2023 08:09:56 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lsQxPtozrh2Ty1T-3d-1crDfi8HgVKRafOXb1UFl033bCx3kAzTS7w==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:48:04 GMT
age: 37312
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: f95a2821-ae89-4ea9-93b2-43e570285df3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEC3FyboAMFe0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8078-7e2177f11d5715d4092cad2c;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dcFgY5x3Ef0J__7wGn3llTjZ9as5nX1H4HErIT3VlKfeQaQTjymW2g==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:33 GMT
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
age: 35963
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f7101f6e43855cb76ce48271a847ffbd
8e674830a97d8ce3818132fda197db4f0289d316
e78a83a4024e238bcdec3b9c4d5c12a99f49aabd57e34952f6a4cc8ed4422f55
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9141
x-amzn-requestid: ed7db574-6bca-4f3e-8879-c3e836549339
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD8zE5lIAMF1HA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8051-4480112f11d4ced0037d1ad8;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6kDIOqhM4aVL80sF02uFu2TuGbiBE7_L_S2W7x-P46hO5YZFmuL9nQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:13:30 GMT
age: 35786
etag: "8e674830a97d8ce3818132fda197db4f0289d316"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd74fd89c-32f8-4ed4-ab23-e95f810fbc57.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd74fd89c-32f8-4ed4-ab23-e95f810fbc57.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b5c35cdff2fb0758db780212b0b1f77
edbb557a3bf57128467335685aebbd4831d802f8
e0fa59843073ba8bd171c66610bc1b3d59a1a94c4991e6023507b9453ca0edba
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd74fd89c-32f8-4ed4-ab23-e95f810fbc57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9349
x-amzn-requestid: ecd1913d-7dbe-4ffd-ba85-0549aab51a06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyayOGPlIAMFQ7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dda4da-6a9b8d146155fa8b6c1c02d6;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 00:20:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jGBEz2d-SXXPBZhwlJgR4w248y-NY2c-18euLre5PULjWUIfhfUmNQ==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 00:20:43 GMT
etag: "edbb557a3bf57128467335685aebbd4831d802f8"
content-type: image/jpeg
age: 28153
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 392b61306c346508d3ac4a2f28218f9c
d2de32b52e0d3f4fc6acaf687b3521294b01dc03
018712a4d6734b84ac1777124f97dae4d93b1e5b297a5dcfe0955b52710b8a35
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10253
x-amzn-requestid: a90cb6b3-8a72-4b4b-b4f5-6dafc8c6752a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7GGv5IAMFu8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-3ca59e7c52800a4e44bda8fd;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: G8F3Fflod6HB4QFtjpD09xzi-2LKPw_DBJT0PKYKU3bs3pvOwO_LRw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:32 GMT
age: 35964
etag: "d2de32b52e0d3f4fc6acaf687b3521294b01dc03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F651be34f-d4ea-4a24-987c-b006e5f9a876.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F651be34f-d4ea-4a24-987c-b006e5f9a876.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f926cd4f39b1a10b152e5959b28ae29e
2b1982d21321071394e363888e007598e968fb35
a51b246a9aa5a2583cae7fd4f0a3bdf73f0b318b7838828d36ea5674a5f26753
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F651be34f-d4ea-4a24-987c-b006e5f9a876.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13309
x-amzn-requestid: f6a3f0f3-d91b-4f4d-8265-0f87742ba5d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyFeBFX4oAMFfpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd82bf-5808ceec265756c702d212dc;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:55:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: WWjzs8W8GmSAM0-Uc8XBTxz67RJJCIzp3fBYhkoIWZ26UrobmZV8mw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:28:17 GMT
age: 34899
etag: "2b1982d21321071394e363888e007598e968fb35"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
21426.url.tudown.com/uploads/images/447099.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21426.url.tudown.com/uploads/images/447099.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/447099.jpg HTTP/1.1
Host: 21426.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21426.url.tudown.com/xiaz/%E4%B8%87%E8%83%BD%E7%BD%91%E5%8D%A1%E9%A9%B1%E5%8A%A8forwin1064bitv2018.01.24.1733@719_271513.exe
Cookie: __bid_n=1861b0d2b4fd529a314207; FPTOKEN=2gxwhywYpagzS70THD1juL5BZ/Prda/jlWsgLsuFz0lSaE/h2D5O7Wc7XXA7WncqBTFSf1wE0vrKbIjXqrYdksFx2seU5ow4/UM6KkLmXUDfWtg0Lsf77LZKdItTpLbOfz/2U8ac2H8MGS1wYNcDfS2EQbfS7YYf1hSwjLxV7IdRvPIFqALegVQlGKJyD5TMmnC4P9rFVJchXQj2u2AN4tkwcpQmtdLULHBJEWMkXN4cklY05QrW/7ZXSkWN8s/QyXnq1jxr1uFhqosUjTobaJmkXQGiyj01z54qOziFJqionDm1XZqoVRR0zOiOfYTMbs+A6cmxF98N2Si392y4Dsqgl9yUVaIK8/5hycQuWIYMuvugH/lgDzbZAKT+UOcjA0dmdmn46fZc8xNYBZfpnA==|HCKaeXLJGm4eNctoS9FkF+w86rBLgkL0dtnTGSNQnXE=|10|f523c139bcf75d372ff3585f24535ff0
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:09:56 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2137406555,4096306465&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=436
21426.url.tudown.com/uploads/images/227157.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21426.url.tudown.com/uploads/images/227157.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/227157.jpg HTTP/1.1
Host: 21426.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21426.url.tudown.com/xiaz/%E4%B8%87%E8%83%BD%E7%BD%91%E5%8D%A1%E9%A9%B1%E5%8A%A8forwin1064bitv2018.01.24.1733@719_271513.exe
Cookie: __bid_n=1861b0d2b4fd529a314207; FPTOKEN=2gxwhywYpagzS70THD1juL5BZ/Prda/jlWsgLsuFz0lSaE/h2D5O7Wc7XXA7WncqBTFSf1wE0vrKbIjXqrYdksFx2seU5ow4/UM6KkLmXUDfWtg0Lsf77LZKdItTpLbOfz/2U8ac2H8MGS1wYNcDfS2EQbfS7YYf1hSwjLxV7IdRvPIFqALegVQlGKJyD5TMmnC4P9rFVJchXQj2u2AN4tkwcpQmtdLULHBJEWMkXN4cklY05QrW/7ZXSkWN8s/QyXnq1jxr1uFhqosUjTobaJmkXQGiyj01z54qOziFJqionDm1XZqoVRR0zOiOfYTMbs+A6cmxF98N2Si392y4Dsqgl9yUVaIK8/5hycQuWIYMuvugH/lgDzbZAKT+UOcjA0dmdmn46fZc8xNYBZfpnA==|HCKaeXLJGm4eNctoS9FkF+w86rBLgkL0dtnTGSNQnXE=|10|f523c139bcf75d372ff3585f24535ff0
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:09:56 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1783721675,635933565&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=753
21426.url.tudown.com/uploads/images/68813.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21426.url.tudown.com/uploads/images/68813.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/68813.jpg HTTP/1.1
Host: 21426.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21426.url.tudown.com/xiaz/%E4%B8%87%E8%83%BD%E7%BD%91%E5%8D%A1%E9%A9%B1%E5%8A%A8forwin1064bitv2018.01.24.1733@719_271513.exe
Cookie: __bid_n=1861b0d2b4fd529a314207; FPTOKEN=2gxwhywYpagzS70THD1juL5BZ/Prda/jlWsgLsuFz0lSaE/h2D5O7Wc7XXA7WncqBTFSf1wE0vrKbIjXqrYdksFx2seU5ow4/UM6KkLmXUDfWtg0Lsf77LZKdItTpLbOfz/2U8ac2H8MGS1wYNcDfS2EQbfS7YYf1hSwjLxV7IdRvPIFqALegVQlGKJyD5TMmnC4P9rFVJchXQj2u2AN4tkwcpQmtdLULHBJEWMkXN4cklY05QrW/7ZXSkWN8s/QyXnq1jxr1uFhqosUjTobaJmkXQGiyj01z54qOziFJqionDm1XZqoVRR0zOiOfYTMbs+A6cmxF98N2Si392y4Dsqgl9yUVaIK8/5hycQuWIYMuvugH/lgDzbZAKT+UOcjA0dmdmn46fZc8xNYBZfpnA==|HCKaeXLJGm4eNctoS9FkF+w86rBLgkL0dtnTGSNQnXE=|10|f523c139bcf75d372ff3585f24535ff0
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:09:56 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=2848506614,1597189311&fm=224&app=112&f=PNG?w=500&h=500
21426.url.tudown.com/uploads/images/583191.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21426.url.tudown.com/uploads/images/583191.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/583191.jpg HTTP/1.1
Host: 21426.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21426.url.tudown.com/xiaz/%E4%B8%87%E8%83%BD%E7%BD%91%E5%8D%A1%E9%A9%B1%E5%8A%A8forwin1064bitv2018.01.24.1733@719_271513.exe
Cookie: __bid_n=1861b0d2b4fd529a314207; FPTOKEN=2gxwhywYpagzS70THD1juL5BZ/Prda/jlWsgLsuFz0lSaE/h2D5O7Wc7XXA7WncqBTFSf1wE0vrKbIjXqrYdksFx2seU5ow4/UM6KkLmXUDfWtg0Lsf77LZKdItTpLbOfz/2U8ac2H8MGS1wYNcDfS2EQbfS7YYf1hSwjLxV7IdRvPIFqALegVQlGKJyD5TMmnC4P9rFVJchXQj2u2AN4tkwcpQmtdLULHBJEWMkXN4cklY05QrW/7ZXSkWN8s/QyXnq1jxr1uFhqosUjTobaJmkXQGiyj01z54qOziFJqionDm1XZqoVRR0zOiOfYTMbs+A6cmxF98N2Si392y4Dsqgl9yUVaIK8/5hycQuWIYMuvugH/lgDzbZAKT+UOcjA0dmdmn46fZc8xNYBZfpnA==|HCKaeXLJGm4eNctoS9FkF+w86rBLgkL0dtnTGSNQnXE=|10|f523c139bcf75d372ff3585f24535ff0
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:09:56 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=1463220144,1141645343&fm=224&app=112&f=JPEG?w=500&h=500&s=29D27387840237FF6600A49A0300D093
21426.url.tudown.com/uploads/images/27111.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21426.url.tudown.com/uploads/images/27111.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/27111.jpg HTTP/1.1
Host: 21426.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21426.url.tudown.com/xiaz/%E4%B8%87%E8%83%BD%E7%BD%91%E5%8D%A1%E9%A9%B1%E5%8A%A8forwin1064bitv2018.01.24.1733@719_271513.exe
Cookie: __bid_n=1861b0d2b4fd529a314207; FPTOKEN=2gxwhywYpagzS70THD1juL5BZ/Prda/jlWsgLsuFz0lSaE/h2D5O7Wc7XXA7WncqBTFSf1wE0vrKbIjXqrYdksFx2seU5ow4/UM6KkLmXUDfWtg0Lsf77LZKdItTpLbOfz/2U8ac2H8MGS1wYNcDfS2EQbfS7YYf1hSwjLxV7IdRvPIFqALegVQlGKJyD5TMmnC4P9rFVJchXQj2u2AN4tkwcpQmtdLULHBJEWMkXN4cklY05QrW/7ZXSkWN8s/QyXnq1jxr1uFhqosUjTobaJmkXQGiyj01z54qOziFJqionDm1XZqoVRR0zOiOfYTMbs+A6cmxF98N2Si392y4Dsqgl9yUVaIK8/5hycQuWIYMuvugH/lgDzbZAKT+UOcjA0dmdmn46fZc8xNYBZfpnA==|HCKaeXLJGm4eNctoS9FkF+w86rBLgkL0dtnTGSNQnXE=|10|f523c139bcf75d372ff3585f24535ff0
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:09:56 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=1962900692,349528856&fm=224&app=112&f=JPEG?w=500&h=500&s=78F6209E000522F85296FD760300B069
21426.url.tudown.com/uploads/images/757709.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21426.url.tudown.com/uploads/images/757709.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/757709.jpg HTTP/1.1
Host: 21426.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21426.url.tudown.com/xiaz/%E4%B8%87%E8%83%BD%E7%BD%91%E5%8D%A1%E9%A9%B1%E5%8A%A8forwin1064bitv2018.01.24.1733@719_271513.exe
Cookie: __bid_n=1861b0d2b4fd529a314207; FPTOKEN=2gxwhywYpagzS70THD1juL5BZ/Prda/jlWsgLsuFz0lSaE/h2D5O7Wc7XXA7WncqBTFSf1wE0vrKbIjXqrYdksFx2seU5ow4/UM6KkLmXUDfWtg0Lsf77LZKdItTpLbOfz/2U8ac2H8MGS1wYNcDfS2EQbfS7YYf1hSwjLxV7IdRvPIFqALegVQlGKJyD5TMmnC4P9rFVJchXQj2u2AN4tkwcpQmtdLULHBJEWMkXN4cklY05QrW/7ZXSkWN8s/QyXnq1jxr1uFhqosUjTobaJmkXQGiyj01z54qOziFJqionDm1XZqoVRR0zOiOfYTMbs+A6cmxF98N2Si392y4Dsqgl9yUVaIK8/5hycQuWIYMuvugH/lgDzbZAKT+UOcjA0dmdmn46fZc8xNYBZfpnA==|HCKaeXLJGm4eNctoS9FkF+w86rBLgkL0dtnTGSNQnXE=|10|f523c139bcf75d372ff3585f24535ff0
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:09:56 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2199658093,3860547960&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=313
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash fd85c457807ba420192d9fdb1e3b2e76
1309191996088c5e1bce3f6d5ca5b8ea2ff489ad
7d1c4dba2f7a95c9ec75b4f5abeb2b9d66abc8650424b896152f4d27fd3b4a8c
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 08:09:57 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 08 Feb 2023 06:27:25 GMT
ETag: "1309191996088c5e1bce3f6d5ca5b8ea2ff489ad"
Last-Modified: Sat, 04 Feb 2023 06:27:26 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3489
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7941ed54aac40b31-OSL
21426.url.tudown.com/uploads/images/306672.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21426.url.tudown.com/uploads/images/306672.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/306672.jpg HTTP/1.1
Host: 21426.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21426.url.tudown.com/xiaz/%E4%B8%87%E8%83%BD%E7%BD%91%E5%8D%A1%E9%A9%B1%E5%8A%A8forwin1064bitv2018.01.24.1733@719_271513.exe
Cookie: __bid_n=1861b0d2b4fd529a314207; FPTOKEN=2gxwhywYpagzS70THD1juL5BZ/Prda/jlWsgLsuFz0lSaE/h2D5O7Wc7XXA7WncqBTFSf1wE0vrKbIjXqrYdksFx2seU5ow4/UM6KkLmXUDfWtg0Lsf77LZKdItTpLbOfz/2U8ac2H8MGS1wYNcDfS2EQbfS7YYf1hSwjLxV7IdRvPIFqALegVQlGKJyD5TMmnC4P9rFVJchXQj2u2AN4tkwcpQmtdLULHBJEWMkXN4cklY05QrW/7ZXSkWN8s/QyXnq1jxr1uFhqosUjTobaJmkXQGiyj01z54qOziFJqionDm1XZqoVRR0zOiOfYTMbs+A6cmxF98N2Si392y4Dsqgl9yUVaIK8/5hycQuWIYMuvugH/lgDzbZAKT+UOcjA0dmdmn46fZc8xNYBZfpnA==|HCKaeXLJGm4eNctoS9FkF+w86rBLgkL0dtnTGSNQnXE=|10|f523c139bcf75d372ff3585f24535ff0
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:09:57 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=3206076334,524043272&fm=253&app=120&f=JPEG?w=1280&h=800
21426.url.tudown.com/uploads/images/15613.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21426.url.tudown.com/uploads/images/15613.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/15613.jpg HTTP/1.1
Host: 21426.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21426.url.tudown.com/xiaz/%E4%B8%87%E8%83%BD%E7%BD%91%E5%8D%A1%E9%A9%B1%E5%8A%A8forwin1064bitv2018.01.24.1733@719_271513.exe
Cookie: __bid_n=1861b0d2b4fd529a314207; FPTOKEN=2gxwhywYpagzS70THD1juL5BZ/Prda/jlWsgLsuFz0lSaE/h2D5O7Wc7XXA7WncqBTFSf1wE0vrKbIjXqrYdksFx2seU5ow4/UM6KkLmXUDfWtg0Lsf77LZKdItTpLbOfz/2U8ac2H8MGS1wYNcDfS2EQbfS7YYf1hSwjLxV7IdRvPIFqALegVQlGKJyD5TMmnC4P9rFVJchXQj2u2AN4tkwcpQmtdLULHBJEWMkXN4cklY05QrW/7ZXSkWN8s/QyXnq1jxr1uFhqosUjTobaJmkXQGiyj01z54qOziFJqionDm1XZqoVRR0zOiOfYTMbs+A6cmxF98N2Si392y4Dsqgl9yUVaIK8/5hycQuWIYMuvugH/lgDzbZAKT+UOcjA0dmdmn46fZc8xNYBZfpnA==|HCKaeXLJGm4eNctoS9FkF+w86rBLgkL0dtnTGSNQnXE=|10|f523c139bcf75d372ff3585f24535ff0
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:09:57 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1703669981,2176740673&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=333
21426.url.tudown.com/uploads/images/491531.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21426.url.tudown.com/uploads/images/491531.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/491531.jpg HTTP/1.1
Host: 21426.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21426.url.tudown.com/xiaz/%E4%B8%87%E8%83%BD%E7%BD%91%E5%8D%A1%E9%A9%B1%E5%8A%A8forwin1064bitv2018.01.24.1733@719_271513.exe
Cookie: __bid_n=1861b0d2b4fd529a314207; FPTOKEN=2gxwhywYpagzS70THD1juL5BZ/Prda/jlWsgLsuFz0lSaE/h2D5O7Wc7XXA7WncqBTFSf1wE0vrKbIjXqrYdksFx2seU5ow4/UM6KkLmXUDfWtg0Lsf77LZKdItTpLbOfz/2U8ac2H8MGS1wYNcDfS2EQbfS7YYf1hSwjLxV7IdRvPIFqALegVQlGKJyD5TMmnC4P9rFVJchXQj2u2AN4tkwcpQmtdLULHBJEWMkXN4cklY05QrW/7ZXSkWN8s/QyXnq1jxr1uFhqosUjTobaJmkXQGiyj01z54qOziFJqionDm1XZqoVRR0zOiOfYTMbs+A6cmxF98N2Si392y4Dsqgl9yUVaIK8/5hycQuWIYMuvugH/lgDzbZAKT+UOcjA0dmdmn46fZc8xNYBZfpnA==|HCKaeXLJGm4eNctoS9FkF+w86rBLgkL0dtnTGSNQnXE=|10|f523c139bcf75d372ff3585f24535ff0
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:09:57 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1072862072,1898667836&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=588
21426.url.tudown.com/uploads/images/384256.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21426.url.tudown.com/uploads/images/384256.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/384256.jpg HTTP/1.1
Host: 21426.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21426.url.tudown.com/xiaz/%E4%B8%87%E8%83%BD%E7%BD%91%E5%8D%A1%E9%A9%B1%E5%8A%A8forwin1064bitv2018.01.24.1733@719_271513.exe
Cookie: __bid_n=1861b0d2b4fd529a314207; FPTOKEN=2gxwhywYpagzS70THD1juL5BZ/Prda/jlWsgLsuFz0lSaE/h2D5O7Wc7XXA7WncqBTFSf1wE0vrKbIjXqrYdksFx2seU5ow4/UM6KkLmXUDfWtg0Lsf77LZKdItTpLbOfz/2U8ac2H8MGS1wYNcDfS2EQbfS7YYf1hSwjLxV7IdRvPIFqALegVQlGKJyD5TMmnC4P9rFVJchXQj2u2AN4tkwcpQmtdLULHBJEWMkXN4cklY05QrW/7ZXSkWN8s/QyXnq1jxr1uFhqosUjTobaJmkXQGiyj01z54qOziFJqionDm1XZqoVRR0zOiOfYTMbs+A6cmxF98N2Si392y4Dsqgl9yUVaIK8/5hycQuWIYMuvugH/lgDzbZAKT+UOcjA0dmdmn46fZc8xNYBZfpnA==|HCKaeXLJGm4eNctoS9FkF+w86rBLgkL0dtnTGSNQnXE=|10|f523c139bcf75d372ff3585f24535ff0
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:09:57 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2721007798,1536758920&fm=253&fmt=auto&app=138&f=JPEG?w=310&h=240
21426.url.tudown.com/uploads/images/logo.png?n=5gmjz2mywps3raxfrsc6ri4f4weln2maudsy5aq&w=250
154.218.151.71200 OK 3.5 kB URL HTTP/1.1 21426.url.tudown.com/uploads/images/logo.png?n=5gmjz2mywps3raxfrsc6ri4f4weln2maudsy5aq&w=250
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 250 x 66, 8-bit colormap, non-interlaced\012- data
Hash 54a0b5531a7677fa22acfb911c9cd66f
23117d308412030737b0baef4f1e139062397123
7f028ddfaab6034bada7cf7c1d0c34d1c9bc578634bd26d45818edcc9dc7ccbd
GET /uploads/images/logo.png?n=5gmjz2mywps3raxfrsc6ri4f4weln2maudsy5aq&w=250 HTTP/1.1
Host: 21426.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21426.url.tudown.com/xiaz/%E4%B8%87%E8%83%BD%E7%BD%91%E5%8D%A1%E9%A9%B1%E5%8A%A8forwin1064bitv2018.01.24.1733@719_271513.exe
Cookie: __bid_n=1861b0d2b4fd529a314207; FPTOKEN=2gxwhywYpagzS70THD1juL5BZ/Prda/jlWsgLsuFz0lSaE/h2D5O7Wc7XXA7WncqBTFSf1wE0vrKbIjXqrYdksFx2seU5ow4/UM6KkLmXUDfWtg0Lsf77LZKdItTpLbOfz/2U8ac2H8MGS1wYNcDfS2EQbfS7YYf1hSwjLxV7IdRvPIFqALegVQlGKJyD5TMmnC4P9rFVJchXQj2u2AN4tkwcpQmtdLULHBJEWMkXN4cklY05QrW/7ZXSkWN8s/QyXnq1jxr1uFhqosUjTobaJmkXQGiyj01z54qOziFJqionDm1XZqoVRR0zOiOfYTMbs+A6cmxF98N2Si392y4Dsqgl9yUVaIK8/5hycQuWIYMuvugH/lgDzbZAKT+UOcjA0dmdmn46fZc8xNYBZfpnA==|HCKaeXLJGm4eNctoS9FkF+w86rBLgkL0dtnTGSNQnXE=|10|f523c139bcf75d372ff3585f24535ff0
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 08:09:57 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
21426.url.tudown.com/template/company/0302/css//fonts/iconfont.woff2
154.218.151.71200 OK 34 kB URL HTTP/1.1 21426.url.tudown.com/template/company/0302/css//fonts/iconfont.woff2
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (729), with CRLF, LF line terminators
Hash 4b71dc63e73c3677474949ed2630926c
4ffbe3045ca427a777490f9275713d9fd9e96b5e
af2136d1cf04c05d9050f96fa0ea1311f1648ae7928924a245a3789f87c4deb8
GET /template/company/0302/css//fonts/iconfont.woff2 HTTP/1.1
Host: 21426.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://21426.url.tudown.com/template/company/0302/css//style.css
Cookie: __bid_n=1861b0d2b4fd529a314207; FPTOKEN=2gxwhywYpagzS70THD1juL5BZ/Prda/jlWsgLsuFz0lSaE/h2D5O7Wc7XXA7WncqBTFSf1wE0vrKbIjXqrYdksFx2seU5ow4/UM6KkLmXUDfWtg0Lsf77LZKdItTpLbOfz/2U8ac2H8MGS1wYNcDfS2EQbfS7YYf1hSwjLxV7IdRvPIFqALegVQlGKJyD5TMmnC4P9rFVJchXQj2u2AN4tkwcpQmtdLULHBJEWMkXN4cklY05QrW/7ZXSkWN8s/QyXnq1jxr1uFhqosUjTobaJmkXQGiyj01z54qOziFJqionDm1XZqoVRR0zOiOfYTMbs+A6cmxF98N2Si392y4Dsqgl9yUVaIK8/5hycQuWIYMuvugH/lgDzbZAKT+UOcjA0dmdmn46fZc8xNYBZfpnA==|HCKaeXLJGm4eNctoS9FkF+w86rBLgkL0dtnTGSNQnXE=|10|f523c139bcf75d372ff3585f24535ff0
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 08:09:57 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
at.alicdn.com/t/font_1652089_tg0x7qv1f1.woff2
47.246.44.251200 OK 1.0 kB URL HTTP/1.1 at.alicdn.com/t/font_1652089_tg0x7qv1f1.woff2
IP 47.246.44.251:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type Web Open Font Format (Version 2), TrueType, length 1032, version 1.0\012- data
Hash 5011371b36b7287ee277dee3889c83f6
d8e51076284dd4265431a4d44025642da256a89e
ccc1ce96db7771bb8bb0e54318fd87ab463c24b2e6bf0d9826fb33b097b6233f
GET /t/font_1652089_tg0x7qv1f1.woff2 HTTP/1.1
Host: at.alicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://21426.url.tudown.com
Connection: keep-alive
Referer: http://21426.url.tudown.com/
HTTP/1.1 200 OK
Server: Tengine
Content-Type: font/woff2
Content-Length: 1032
Connection: keep-alive
Date: Sat, 04 Feb 2023 08:09:57 GMT
x-oss-request-id: 63DE12D59DDDB03537FC9207
Vary: Origin
Accept-Ranges: bytes
ETag: "5011371B36B7287EE277DEE3889C83F6"
Last-Modified: Fri, 24 Dec 2021 17:00:24 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 16100374768313971226
x-oss-storage-class: Standard
Cache-Control: max-age=63072000
Content-MD5: UBE3Gza3KH7id97jiJyD9g==
x-oss-server-time: 47
Ali-Swift-Global-Savetime: 1675498197
Via: cache13.l2us1[484,484,200-0,M], cache23.l2us1[485,0], cache3.se1[585,584,200-0,M], cache5.se1[587,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Sat, 04 Feb 2023 08:09:57 GMT
X-Swift-CacheTime: 31104000
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
EagleId: 2ff62c9916754981969836969e
21426.url.tudown.com/uploads/images/383801.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21426.url.tudown.com/uploads/images/383801.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/383801.jpg HTTP/1.1
Host: 21426.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21426.url.tudown.com/xiaz/%E4%B8%87%E8%83%BD%E7%BD%91%E5%8D%A1%E9%A9%B1%E5%8A%A8forwin1064bitv2018.01.24.1733@719_271513.exe
Cookie: __bid_n=1861b0d2b4fd529a314207; FPTOKEN=2gxwhywYpagzS70THD1juL5BZ/Prda/jlWsgLsuFz0lSaE/h2D5O7Wc7XXA7WncqBTFSf1wE0vrKbIjXqrYdksFx2seU5ow4/UM6KkLmXUDfWtg0Lsf77LZKdItTpLbOfz/2U8ac2H8MGS1wYNcDfS2EQbfS7YYf1hSwjLxV7IdRvPIFqALegVQlGKJyD5TMmnC4P9rFVJchXQj2u2AN4tkwcpQmtdLULHBJEWMkXN4cklY05QrW/7ZXSkWN8s/QyXnq1jxr1uFhqosUjTobaJmkXQGiyj01z54qOziFJqionDm1XZqoVRR0zOiOfYTMbs+A6cmxF98N2Si392y4Dsqgl9yUVaIK8/5hycQuWIYMuvugH/lgDzbZAKT+UOcjA0dmdmn46fZc8xNYBZfpnA==|HCKaeXLJGm4eNctoS9FkF+w86rBLgkL0dtnTGSNQnXE=|10|f523c139bcf75d372ff3585f24535ff0
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:09:57 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=2999582254,2869472530&fm=224&app=112&f=JPEG?w=500&h=500
21426.url.tudown.com/uploads/images/956147.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21426.url.tudown.com/uploads/images/956147.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/956147.jpg HTTP/1.1
Host: 21426.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21426.url.tudown.com/xiaz/%E4%B8%87%E8%83%BD%E7%BD%91%E5%8D%A1%E9%A9%B1%E5%8A%A8forwin1064bitv2018.01.24.1733@719_271513.exe
Cookie: __bid_n=1861b0d2b4fd529a314207; FPTOKEN=2gxwhywYpagzS70THD1juL5BZ/Prda/jlWsgLsuFz0lSaE/h2D5O7Wc7XXA7WncqBTFSf1wE0vrKbIjXqrYdksFx2seU5ow4/UM6KkLmXUDfWtg0Lsf77LZKdItTpLbOfz/2U8ac2H8MGS1wYNcDfS2EQbfS7YYf1hSwjLxV7IdRvPIFqALegVQlGKJyD5TMmnC4P9rFVJchXQj2u2AN4tkwcpQmtdLULHBJEWMkXN4cklY05QrW/7ZXSkWN8s/QyXnq1jxr1uFhqosUjTobaJmkXQGiyj01z54qOziFJqionDm1XZqoVRR0zOiOfYTMbs+A6cmxF98N2Si392y4Dsqgl9yUVaIK8/5hycQuWIYMuvugH/lgDzbZAKT+UOcjA0dmdmn46fZc8xNYBZfpnA==|HCKaeXLJGm4eNctoS9FkF+w86rBLgkL0dtnTGSNQnXE=|10|f523c139bcf75d372ff3585f24535ff0
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:09:57 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1094340344,855539174&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=676
21426.url.tudown.com/uploads/images/837386.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21426.url.tudown.com/uploads/images/837386.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/837386.jpg HTTP/1.1
Host: 21426.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21426.url.tudown.com/xiaz/%E4%B8%87%E8%83%BD%E7%BD%91%E5%8D%A1%E9%A9%B1%E5%8A%A8forwin1064bitv2018.01.24.1733@719_271513.exe
Cookie: __bid_n=1861b0d2b4fd529a314207; FPTOKEN=2gxwhywYpagzS70THD1juL5BZ/Prda/jlWsgLsuFz0lSaE/h2D5O7Wc7XXA7WncqBTFSf1wE0vrKbIjXqrYdksFx2seU5ow4/UM6KkLmXUDfWtg0Lsf77LZKdItTpLbOfz/2U8ac2H8MGS1wYNcDfS2EQbfS7YYf1hSwjLxV7IdRvPIFqALegVQlGKJyD5TMmnC4P9rFVJchXQj2u2AN4tkwcpQmtdLULHBJEWMkXN4cklY05QrW/7ZXSkWN8s/QyXnq1jxr1uFhqosUjTobaJmkXQGiyj01z54qOziFJqionDm1XZqoVRR0zOiOfYTMbs+A6cmxF98N2Si392y4Dsqgl9yUVaIK8/5hycQuWIYMuvugH/lgDzbZAKT+UOcjA0dmdmn46fZc8xNYBZfpnA==|HCKaeXLJGm4eNctoS9FkF+w86rBLgkL0dtnTGSNQnXE=|10|f523c139bcf75d372ff3585f24535ff0
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:09:57 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=59549531,2692727658&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=200
21426.url.tudown.com/uploads/images/435583.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21426.url.tudown.com/uploads/images/435583.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/435583.jpg HTTP/1.1
Host: 21426.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21426.url.tudown.com/xiaz/%E4%B8%87%E8%83%BD%E7%BD%91%E5%8D%A1%E9%A9%B1%E5%8A%A8forwin1064bitv2018.01.24.1733@719_271513.exe
Cookie: __bid_n=1861b0d2b4fd529a314207; FPTOKEN=2gxwhywYpagzS70THD1juL5BZ/Prda/jlWsgLsuFz0lSaE/h2D5O7Wc7XXA7WncqBTFSf1wE0vrKbIjXqrYdksFx2seU5ow4/UM6KkLmXUDfWtg0Lsf77LZKdItTpLbOfz/2U8ac2H8MGS1wYNcDfS2EQbfS7YYf1hSwjLxV7IdRvPIFqALegVQlGKJyD5TMmnC4P9rFVJchXQj2u2AN4tkwcpQmtdLULHBJEWMkXN4cklY05QrW/7ZXSkWN8s/QyXnq1jxr1uFhqosUjTobaJmkXQGiyj01z54qOziFJqionDm1XZqoVRR0zOiOfYTMbs+A6cmxF98N2Si392y4Dsqgl9yUVaIK8/5hycQuWIYMuvugH/lgDzbZAKT+UOcjA0dmdmn46fZc8xNYBZfpnA==|HCKaeXLJGm4eNctoS9FkF+w86rBLgkL0dtnTGSNQnXE=|10|f523c139bcf75d372ff3585f24535ff0
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:09:57 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=3949420600,2442572290&fm=253&app=120&f=JPEG?w=1422&h=800
21426.url.tudown.com/uploads/images/937967.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21426.url.tudown.com/uploads/images/937967.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/937967.jpg HTTP/1.1
Host: 21426.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21426.url.tudown.com/xiaz/%E4%B8%87%E8%83%BD%E7%BD%91%E5%8D%A1%E9%A9%B1%E5%8A%A8forwin1064bitv2018.01.24.1733@719_271513.exe
Cookie: __bid_n=1861b0d2b4fd529a314207; FPTOKEN=2gxwhywYpagzS70THD1juL5BZ/Prda/jlWsgLsuFz0lSaE/h2D5O7Wc7XXA7WncqBTFSf1wE0vrKbIjXqrYdksFx2seU5ow4/UM6KkLmXUDfWtg0Lsf77LZKdItTpLbOfz/2U8ac2H8MGS1wYNcDfS2EQbfS7YYf1hSwjLxV7IdRvPIFqALegVQlGKJyD5TMmnC4P9rFVJchXQj2u2AN4tkwcpQmtdLULHBJEWMkXN4cklY05QrW/7ZXSkWN8s/QyXnq1jxr1uFhqosUjTobaJmkXQGiyj01z54qOziFJqionDm1XZqoVRR0zOiOfYTMbs+A6cmxF98N2Si392y4Dsqgl9yUVaIK8/5hycQuWIYMuvugH/lgDzbZAKT+UOcjA0dmdmn46fZc8xNYBZfpnA==|HCKaeXLJGm4eNctoS9FkF+w86rBLgkL0dtnTGSNQnXE=|10|f523c139bcf75d372ff3585f24535ff0
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:09:57 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=359193520,2939900075&fm=224&app=112&f=JPEG?w=500&h=500
21426.url.tudown.com/uploads/images/521423.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21426.url.tudown.com/uploads/images/521423.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/521423.jpg HTTP/1.1
Host: 21426.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21426.url.tudown.com/xiaz/%E4%B8%87%E8%83%BD%E7%BD%91%E5%8D%A1%E9%A9%B1%E5%8A%A8forwin1064bitv2018.01.24.1733@719_271513.exe
Cookie: __bid_n=1861b0d2b4fd529a314207; FPTOKEN=2gxwhywYpagzS70THD1juL5BZ/Prda/jlWsgLsuFz0lSaE/h2D5O7Wc7XXA7WncqBTFSf1wE0vrKbIjXqrYdksFx2seU5ow4/UM6KkLmXUDfWtg0Lsf77LZKdItTpLbOfz/2U8ac2H8MGS1wYNcDfS2EQbfS7YYf1hSwjLxV7IdRvPIFqALegVQlGKJyD5TMmnC4P9rFVJchXQj2u2AN4tkwcpQmtdLULHBJEWMkXN4cklY05QrW/7ZXSkWN8s/QyXnq1jxr1uFhqosUjTobaJmkXQGiyj01z54qOziFJqionDm1XZqoVRR0zOiOfYTMbs+A6cmxF98N2Si392y4Dsqgl9yUVaIK8/5hycQuWIYMuvugH/lgDzbZAKT+UOcjA0dmdmn46fZc8xNYBZfpnA==|HCKaeXLJGm4eNctoS9FkF+w86rBLgkL0dtnTGSNQnXE=|10|f523c139bcf75d372ff3585f24535ff0
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:09:57 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=16218521,333722630&fm=224&app=112&f=JPEG?w=397&h=500
21426.url.tudown.com/uploads/images/693710.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21426.url.tudown.com/uploads/images/693710.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/693710.jpg HTTP/1.1
Host: 21426.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21426.url.tudown.com/xiaz/%E4%B8%87%E8%83%BD%E7%BD%91%E5%8D%A1%E9%A9%B1%E5%8A%A8forwin1064bitv2018.01.24.1733@719_271513.exe
Cookie: __bid_n=1861b0d2b4fd529a314207; FPTOKEN=2gxwhywYpagzS70THD1juL5BZ/Prda/jlWsgLsuFz0lSaE/h2D5O7Wc7XXA7WncqBTFSf1wE0vrKbIjXqrYdksFx2seU5ow4/UM6KkLmXUDfWtg0Lsf77LZKdItTpLbOfz/2U8ac2H8MGS1wYNcDfS2EQbfS7YYf1hSwjLxV7IdRvPIFqALegVQlGKJyD5TMmnC4P9rFVJchXQj2u2AN4tkwcpQmtdLULHBJEWMkXN4cklY05QrW/7ZXSkWN8s/QyXnq1jxr1uFhqosUjTobaJmkXQGiyj01z54qOziFJqionDm1XZqoVRR0zOiOfYTMbs+A6cmxF98N2Si392y4Dsqgl9yUVaIK8/5hycQuWIYMuvugH/lgDzbZAKT+UOcjA0dmdmn46fZc8xNYBZfpnA==|HCKaeXLJGm4eNctoS9FkF+w86rBLgkL0dtnTGSNQnXE=|10|f523c139bcf75d372ff3585f24535ff0
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:09:57 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=86110167,2849203977&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
21426.url.tudown.com/uploads/images/108997.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21426.url.tudown.com/uploads/images/108997.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/108997.jpg HTTP/1.1
Host: 21426.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21426.url.tudown.com/xiaz/%E4%B8%87%E8%83%BD%E7%BD%91%E5%8D%A1%E9%A9%B1%E5%8A%A8forwin1064bitv2018.01.24.1733@719_271513.exe
Cookie: __bid_n=1861b0d2b4fd529a314207; FPTOKEN=2gxwhywYpagzS70THD1juL5BZ/Prda/jlWsgLsuFz0lSaE/h2D5O7Wc7XXA7WncqBTFSf1wE0vrKbIjXqrYdksFx2seU5ow4/UM6KkLmXUDfWtg0Lsf77LZKdItTpLbOfz/2U8ac2H8MGS1wYNcDfS2EQbfS7YYf1hSwjLxV7IdRvPIFqALegVQlGKJyD5TMmnC4P9rFVJchXQj2u2AN4tkwcpQmtdLULHBJEWMkXN4cklY05QrW/7ZXSkWN8s/QyXnq1jxr1uFhqosUjTobaJmkXQGiyj01z54qOziFJqionDm1XZqoVRR0zOiOfYTMbs+A6cmxF98N2Si392y4Dsqgl9yUVaIK8/5hycQuWIYMuvugH/lgDzbZAKT+UOcjA0dmdmn46fZc8xNYBZfpnA==|HCKaeXLJGm4eNctoS9FkF+w86rBLgkL0dtnTGSNQnXE=|10|f523c139bcf75d372ff3585f24535ff0
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:09:57 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=4252571863,1839450856&fm=253&fmt=auto&app=138&f=JPEG?w=362&h=500
21426.url.tudown.com/uploads/images/535120.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21426.url.tudown.com/uploads/images/535120.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/535120.jpg HTTP/1.1
Host: 21426.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21426.url.tudown.com/xiaz/%E4%B8%87%E8%83%BD%E7%BD%91%E5%8D%A1%E9%A9%B1%E5%8A%A8forwin1064bitv2018.01.24.1733@719_271513.exe
Cookie: __bid_n=1861b0d2b4fd529a314207; FPTOKEN=2gxwhywYpagzS70THD1juL5BZ/Prda/jlWsgLsuFz0lSaE/h2D5O7Wc7XXA7WncqBTFSf1wE0vrKbIjXqrYdksFx2seU5ow4/UM6KkLmXUDfWtg0Lsf77LZKdItTpLbOfz/2U8ac2H8MGS1wYNcDfS2EQbfS7YYf1hSwjLxV7IdRvPIFqALegVQlGKJyD5TMmnC4P9rFVJchXQj2u2AN4tkwcpQmtdLULHBJEWMkXN4cklY05QrW/7ZXSkWN8s/QyXnq1jxr1uFhqosUjTobaJmkXQGiyj01z54qOziFJqionDm1XZqoVRR0zOiOfYTMbs+A6cmxF98N2Si392y4Dsqgl9yUVaIK8/5hycQuWIYMuvugH/lgDzbZAKT+UOcjA0dmdmn46fZc8xNYBZfpnA==|HCKaeXLJGm4eNctoS9FkF+w86rBLgkL0dtnTGSNQnXE=|10|f523c139bcf75d372ff3585f24535ff0
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:09:57 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=1928007667,2265831670&fm=224&app=112&f=JPEG?w=500&h=500
21426.url.tudown.com/uploads/images/877797.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21426.url.tudown.com/uploads/images/877797.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/877797.jpg HTTP/1.1
Host: 21426.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21426.url.tudown.com/xiaz/%E4%B8%87%E8%83%BD%E7%BD%91%E5%8D%A1%E9%A9%B1%E5%8A%A8forwin1064bitv2018.01.24.1733@719_271513.exe
Cookie: __bid_n=1861b0d2b4fd529a314207; FPTOKEN=2gxwhywYpagzS70THD1juL5BZ/Prda/jlWsgLsuFz0lSaE/h2D5O7Wc7XXA7WncqBTFSf1wE0vrKbIjXqrYdksFx2seU5ow4/UM6KkLmXUDfWtg0Lsf77LZKdItTpLbOfz/2U8ac2H8MGS1wYNcDfS2EQbfS7YYf1hSwjLxV7IdRvPIFqALegVQlGKJyD5TMmnC4P9rFVJchXQj2u2AN4tkwcpQmtdLULHBJEWMkXN4cklY05QrW/7ZXSkWN8s/QyXnq1jxr1uFhqosUjTobaJmkXQGiyj01z54qOziFJqionDm1XZqoVRR0zOiOfYTMbs+A6cmxF98N2Si392y4Dsqgl9yUVaIK8/5hycQuWIYMuvugH/lgDzbZAKT+UOcjA0dmdmn46fZc8xNYBZfpnA==|HCKaeXLJGm4eNctoS9FkF+w86rBLgkL0dtnTGSNQnXE=|10|f523c139bcf75d372ff3585f24535ff0
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:09:57 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=4152553465,2571926182&fm=253&fmt=auto&app=138&f=JPEG?w=413&h=620
21426.url.tudown.com/uploads/images/494527.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21426.url.tudown.com/uploads/images/494527.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/494527.jpg HTTP/1.1
Host: 21426.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21426.url.tudown.com/xiaz/%E4%B8%87%E8%83%BD%E7%BD%91%E5%8D%A1%E9%A9%B1%E5%8A%A8forwin1064bitv2018.01.24.1733@719_271513.exe
Cookie: __bid_n=1861b0d2b4fd529a314207; FPTOKEN=2gxwhywYpagzS70THD1juL5BZ/Prda/jlWsgLsuFz0lSaE/h2D5O7Wc7XXA7WncqBTFSf1wE0vrKbIjXqrYdksFx2seU5ow4/UM6KkLmXUDfWtg0Lsf77LZKdItTpLbOfz/2U8ac2H8MGS1wYNcDfS2EQbfS7YYf1hSwjLxV7IdRvPIFqALegVQlGKJyD5TMmnC4P9rFVJchXQj2u2AN4tkwcpQmtdLULHBJEWMkXN4cklY05QrW/7ZXSkWN8s/QyXnq1jxr1uFhqosUjTobaJmkXQGiyj01z54qOziFJqionDm1XZqoVRR0zOiOfYTMbs+A6cmxF98N2Si392y4Dsqgl9yUVaIK8/5hycQuWIYMuvugH/lgDzbZAKT+UOcjA0dmdmn46fZc8xNYBZfpnA==|HCKaeXLJGm4eNctoS9FkF+w86rBLgkL0dtnTGSNQnXE=|10|f523c139bcf75d372ff3585f24535ff0
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:09:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=4286396864,596511379&fm=253&fmt=auto&app=138&f=JPEG?w=359&h=499
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e425d8f9e367de5af66503bc3e0e27b8
05b44906cbeb26e8515afbf78519e70e26fae4ee
9c792ca2e2db616bb44b4bea2d4e3229047698321c791e6b5907bf9bf026fc95
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=124404
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 08:09:58 GMT
Etag: "63dd55ca-1d7"
Expires: Sun, 05 Feb 2023 18:43:22 GMT
Last-Modified: Fri, 03 Feb 2023 18:43:22 GMT
Server: nginx
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e425d8f9e367de5af66503bc3e0e27b8
05b44906cbeb26e8515afbf78519e70e26fae4ee
9c792ca2e2db616bb44b4bea2d4e3229047698321c791e6b5907bf9bf026fc95
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1682
Cache-Control: max-age=126086
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 08:09:58 GMT
Etag: "63dd55ca-1d7"
Expires: Sun, 05 Feb 2023 19:11:24 GMT
Last-Modified: Fri, 03 Feb 2023 18:43:22 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
21426.url.tudown.com/uploads/images/169739.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21426.url.tudown.com/uploads/images/169739.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/169739.jpg HTTP/1.1
Host: 21426.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21426.url.tudown.com/xiaz/%E4%B8%87%E8%83%BD%E7%BD%91%E5%8D%A1%E9%A9%B1%E5%8A%A8forwin1064bitv2018.01.24.1733@719_271513.exe
Cookie: __bid_n=1861b0d2b4fd529a314207; FPTOKEN=2gxwhywYpagzS70THD1juL5BZ/Prda/jlWsgLsuFz0lSaE/h2D5O7Wc7XXA7WncqBTFSf1wE0vrKbIjXqrYdksFx2seU5ow4/UM6KkLmXUDfWtg0Lsf77LZKdItTpLbOfz/2U8ac2H8MGS1wYNcDfS2EQbfS7YYf1hSwjLxV7IdRvPIFqALegVQlGKJyD5TMmnC4P9rFVJchXQj2u2AN4tkwcpQmtdLULHBJEWMkXN4cklY05QrW/7ZXSkWN8s/QyXnq1jxr1uFhqosUjTobaJmkXQGiyj01z54qOziFJqionDm1XZqoVRR0zOiOfYTMbs+A6cmxF98N2Si392y4Dsqgl9yUVaIK8/5hycQuWIYMuvugH/lgDzbZAKT+UOcjA0dmdmn46fZc8xNYBZfpnA==|HCKaeXLJGm4eNctoS9FkF+w86rBLgkL0dtnTGSNQnXE=|10|f523c139bcf75d372ff3585f24535ff0
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:09:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=4122408476,2975001452&fm=224&app=112&f=JPEG?w=500&h=500
21426.url.tudown.com/uploads/images/651622.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21426.url.tudown.com/uploads/images/651622.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/651622.jpg HTTP/1.1
Host: 21426.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21426.url.tudown.com/xiaz/%E4%B8%87%E8%83%BD%E7%BD%91%E5%8D%A1%E9%A9%B1%E5%8A%A8forwin1064bitv2018.01.24.1733@719_271513.exe
Cookie: __bid_n=1861b0d2b4fd529a314207; FPTOKEN=2gxwhywYpagzS70THD1juL5BZ/Prda/jlWsgLsuFz0lSaE/h2D5O7Wc7XXA7WncqBTFSf1wE0vrKbIjXqrYdksFx2seU5ow4/UM6KkLmXUDfWtg0Lsf77LZKdItTpLbOfz/2U8ac2H8MGS1wYNcDfS2EQbfS7YYf1hSwjLxV7IdRvPIFqALegVQlGKJyD5TMmnC4P9rFVJchXQj2u2AN4tkwcpQmtdLULHBJEWMkXN4cklY05QrW/7ZXSkWN8s/QyXnq1jxr1uFhqosUjTobaJmkXQGiyj01z54qOziFJqionDm1XZqoVRR0zOiOfYTMbs+A6cmxF98N2Si392y4Dsqgl9yUVaIK8/5hycQuWIYMuvugH/lgDzbZAKT+UOcjA0dmdmn46fZc8xNYBZfpnA==|HCKaeXLJGm4eNctoS9FkF+w86rBLgkL0dtnTGSNQnXE=|10|f523c139bcf75d372ff3585f24535ff0
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:09:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=334040582,3735622414&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e425d8f9e367de5af66503bc3e0e27b8
05b44906cbeb26e8515afbf78519e70e26fae4ee
9c792ca2e2db616bb44b4bea2d4e3229047698321c791e6b5907bf9bf026fc95
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=124404
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 08:09:58 GMT
Etag: "63dd55ca-1d7"
Expires: Sun, 05 Feb 2023 18:43:22 GMT
Last-Modified: Fri, 03 Feb 2023 18:43:22 GMT
Server: nginx
Content-Length: 471
hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (633)
Hash d7edbcf234b303926dfdc1a9376eeaf2
1115101d92806d2f1bf8c0ef76f23432fa73b4f3
e732a8b293efb2448a5ae3afb6351f4dc21730ecde9a00d93b4046ff1f03de6b
GET /hm.js?dd9836db2e433f487a0aa434b7b3deb7 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://21426.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11271
Content-Type: application/javascript
Date: Sat, 04 Feb 2023 08:09:57 GMT
Etag: 4c0733546c5b36c82e86251c18d1cedb
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=07D4219424EBA3FE; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
21426.url.tudown.com/uploads/images/466236.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21426.url.tudown.com/uploads/images/466236.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/466236.jpg HTTP/1.1
Host: 21426.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21426.url.tudown.com/xiaz/%E4%B8%87%E8%83%BD%E7%BD%91%E5%8D%A1%E9%A9%B1%E5%8A%A8forwin1064bitv2018.01.24.1733@719_271513.exe
Cookie: __bid_n=1861b0d2b4fd529a314207; FPTOKEN=2gxwhywYpagzS70THD1juL5BZ/Prda/jlWsgLsuFz0lSaE/h2D5O7Wc7XXA7WncqBTFSf1wE0vrKbIjXqrYdksFx2seU5ow4/UM6KkLmXUDfWtg0Lsf77LZKdItTpLbOfz/2U8ac2H8MGS1wYNcDfS2EQbfS7YYf1hSwjLxV7IdRvPIFqALegVQlGKJyD5TMmnC4P9rFVJchXQj2u2AN4tkwcpQmtdLULHBJEWMkXN4cklY05QrW/7ZXSkWN8s/QyXnq1jxr1uFhqosUjTobaJmkXQGiyj01z54qOziFJqionDm1XZqoVRR0zOiOfYTMbs+A6cmxF98N2Si392y4Dsqgl9yUVaIK8/5hycQuWIYMuvugH/lgDzbZAKT+UOcjA0dmdmn46fZc8xNYBZfpnA==|HCKaeXLJGm4eNctoS9FkF+w86rBLgkL0dtnTGSNQnXE=|10|f523c139bcf75d372ff3585f24535ff0
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:09:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1364284388,198794146&fm=253&fmt=auto&app=138&f=GIF?w=500&h=691
21426.url.tudown.com/uploads/images/168036.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21426.url.tudown.com/uploads/images/168036.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/168036.jpg HTTP/1.1
Host: 21426.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21426.url.tudown.com/xiaz/%E4%B8%87%E8%83%BD%E7%BD%91%E5%8D%A1%E9%A9%B1%E5%8A%A8forwin1064bitv2018.01.24.1733@719_271513.exe
Cookie: __bid_n=1861b0d2b4fd529a314207; FPTOKEN=2gxwhywYpagzS70THD1juL5BZ/Prda/jlWsgLsuFz0lSaE/h2D5O7Wc7XXA7WncqBTFSf1wE0vrKbIjXqrYdksFx2seU5ow4/UM6KkLmXUDfWtg0Lsf77LZKdItTpLbOfz/2U8ac2H8MGS1wYNcDfS2EQbfS7YYf1hSwjLxV7IdRvPIFqALegVQlGKJyD5TMmnC4P9rFVJchXQj2u2AN4tkwcpQmtdLULHBJEWMkXN4cklY05QrW/7ZXSkWN8s/QyXnq1jxr1uFhqosUjTobaJmkXQGiyj01z54qOziFJqionDm1XZqoVRR0zOiOfYTMbs+A6cmxF98N2Si392y4Dsqgl9yUVaIK8/5hycQuWIYMuvugH/lgDzbZAKT+UOcjA0dmdmn46fZc8xNYBZfpnA==|HCKaeXLJGm4eNctoS9FkF+w86rBLgkL0dtnTGSNQnXE=|10|f523c139bcf75d372ff3585f24535ff0
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:09:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=1658491064,4170403912&fm=224&app=112&f=JPEG?w=401&h=500
hm.baidu.com/hm.js?71b36f22c21839fd7a38e40d68b92934
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?71b36f22c21839fd7a38e40d68b92934
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (624)
Hash af2c4ce5614d738ddf54be486bad99b9
869cbc2a4da9866e4980b9bdb0d181b91127c1a4
a9a4eb52d331cb4d64b1eb704b88ad6a89c1ec8052c36bf2a0578798aa1b35fe
GET /hm.js?71b36f22c21839fd7a38e40d68b92934 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://21426.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11262
Content-Type: application/javascript
Date: Sat, 04 Feb 2023 08:09:57 GMT
Etag: 349ab1115b22db3ae139fe24c37259a0
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=19E0C2B70ED94234; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
21426.url.tudown.com/template/company/0302/css//fonts/iconfont.woff
154.218.151.71200 OK 34 kB URL HTTP/1.1 21426.url.tudown.com/template/company/0302/css//fonts/iconfont.woff
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (729), with CRLF, LF line terminators
Hash 4e13b56f7571724d33151ac6091f2b51
6978ef3e934f8c20af109645395ea9d93304d5f2
317171bfd7287cac511da12996fb3637114e728bd3f7ebb9efa1e748f629f4e2
GET /template/company/0302/css//fonts/iconfont.woff HTTP/1.1
Host: 21426.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://21426.url.tudown.com/template/company/0302/css//style.css
Cookie: __bid_n=1861b0d2b4fd529a314207; FPTOKEN=2gxwhywYpagzS70THD1juL5BZ/Prda/jlWsgLsuFz0lSaE/h2D5O7Wc7XXA7WncqBTFSf1wE0vrKbIjXqrYdksFx2seU5ow4/UM6KkLmXUDfWtg0Lsf77LZKdItTpLbOfz/2U8ac2H8MGS1wYNcDfS2EQbfS7YYf1hSwjLxV7IdRvPIFqALegVQlGKJyD5TMmnC4P9rFVJchXQj2u2AN4tkwcpQmtdLULHBJEWMkXN4cklY05QrW/7ZXSkWN8s/QyXnq1jxr1uFhqosUjTobaJmkXQGiyj01z54qOziFJqionDm1XZqoVRR0zOiOfYTMbs+A6cmxF98N2Si392y4Dsqgl9yUVaIK8/5hycQuWIYMuvugH/lgDzbZAKT+UOcjA0dmdmn46fZc8xNYBZfpnA==|HCKaeXLJGm4eNctoS9FkF+w86rBLgkL0dtnTGSNQnXE=|10|f523c139bcf75d372ff3585f24535ff0
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 08:09:58 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
21426.url.tudown.com/uploads/images/633916.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21426.url.tudown.com/uploads/images/633916.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/633916.jpg HTTP/1.1
Host: 21426.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21426.url.tudown.com/xiaz/%E4%B8%87%E8%83%BD%E7%BD%91%E5%8D%A1%E9%A9%B1%E5%8A%A8forwin1064bitv2018.01.24.1733@719_271513.exe
Cookie: __bid_n=1861b0d2b4fd529a314207; FPTOKEN=2gxwhywYpagzS70THD1juL5BZ/Prda/jlWsgLsuFz0lSaE/h2D5O7Wc7XXA7WncqBTFSf1wE0vrKbIjXqrYdksFx2seU5ow4/UM6KkLmXUDfWtg0Lsf77LZKdItTpLbOfz/2U8ac2H8MGS1wYNcDfS2EQbfS7YYf1hSwjLxV7IdRvPIFqALegVQlGKJyD5TMmnC4P9rFVJchXQj2u2AN4tkwcpQmtdLULHBJEWMkXN4cklY05QrW/7ZXSkWN8s/QyXnq1jxr1uFhqosUjTobaJmkXQGiyj01z54qOziFJqionDm1XZqoVRR0zOiOfYTMbs+A6cmxF98N2Si392y4Dsqgl9yUVaIK8/5hycQuWIYMuvugH/lgDzbZAKT+UOcjA0dmdmn46fZc8xNYBZfpnA==|HCKaeXLJGm4eNctoS9FkF+w86rBLgkL0dtnTGSNQnXE=|10|f523c139bcf75d372ff3585f24535ff0
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:09:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1838257260,3150999738&fm=253&fmt=auto&app=120&f=JPEG?w=800&h=1422
t15.baidu.com/it/u=1962900692,349528856&fm=224&app=112&f=JPEG?w=500&h=500&s=78F6209E000522F85296FD760300B069
185.10.104.124200 OK 42 kB URL HTTP/1.1 t15.baidu.com/it/u=1962900692,349528856&fm=224&app=112&f=JPEG?w=500&h=500&s=78F6209E000522F85296FD760300B069
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 84e81a969f5457e35889bca98ca398c5
b6044f4b5a7024af76caecd2b8a5baccc1054f80
a9f9957d0197d2855bcd4070ca874f309fa3197f3f1917581e3f824ceed008cd
GET /it/u=1962900692,349528856&fm=224&app=112&f=JPEG?w=500&h=500&s=78F6209E000522F85296FD760300B069 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://21426.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 08:09:58 GMT
Content-Type: image/jpeg
Content-Length: 42241
Connection: keep-alive
Expires: Wed, 22 Feb 2023 14:00:16 GMT
Last-Modified: Sun, 11 Jan 1970 00:00:00 GMT
ETag: 84e81a969f5457e35889bca98ca398c5
Age: 991609
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 23 Jan 2023 14:00:15 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [4], zhuzuncache50 [2], wzix50 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 42241
X-Cache-Status: HIT
Timing-Allow-Origin: *
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e425d8f9e367de5af66503bc3e0e27b8
05b44906cbeb26e8515afbf78519e70e26fae4ee
9c792ca2e2db616bb44b4bea2d4e3229047698321c791e6b5907bf9bf026fc95
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=124404
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 08:09:58 GMT
Etag: "63dd55ca-1d7"
Expires: Sun, 05 Feb 2023 18:43:22 GMT
Last-Modified: Fri, 03 Feb 2023 18:43:22 GMT
Server: nginx
Content-Length: 471
t15.baidu.com/it/u=16218521,333722630&fm=224&app=112&f=JPEG?w=397&h=500
185.10.104.124200 OK 49 kB URL HTTP/1.1 t15.baidu.com/it/u=16218521,333722630&fm=224&app=112&f=JPEG?w=397&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 397x500, components 3\012- data
Hash 4da62e1ead068b80047ec33317b75fb5
398dac3e27dc25660e41575b011226e4e99beb9b
63d75015c715143a90ad7ed283d4b312068f8ac3faa0438d33ee041772f5a87b
GET /it/u=16218521,333722630&fm=224&app=112&f=JPEG?w=397&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://21426.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 08:09:58 GMT
Content-Type: image/jpeg
Content-Length: 48848
Connection: keep-alive
Expires: Sun, 05 Feb 2023 14:45:32 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 4da62e1ead068b80047ec33317b75fb5
Age: 2024608
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 06 Jan 2023 14:45:32 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [4], zhuzuncache54 [4], xaix127 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 48848
X-Cache-Status: HIT
Timing-Allow-Origin: *
t15.baidu.com/it/u=359193520,2939900075&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 47 kB URL HTTP/1.1 t15.baidu.com/it/u=359193520,2939900075&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash fa144cc53688a22c5839bbff31f38afd
72c36eb96ef7e9cde7c2e1eb7745eff21272ce60
305bd100736f21f4f38ff1305f560b868bf700ab62ba3acc6f7d52553d467129
GET /it/u=359193520,2939900075&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://21426.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 08:09:58 GMT
Content-Type: image/jpeg
Content-Length: 47234
Connection: keep-alive
Expires: Wed, 08 Feb 2023 10:44:39 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: fa144cc53688a22c5839bbff31f38afd
Age: 2025465
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 09 Jan 2023 10:44:38 GMT
Ohc-Cache-HIT: fra01-sys-jomo4.fra01.baidu.com [4], zhuzuncache54 [1], bdix68 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 47234
X-Cache-Status: HIT
Timing-Allow-Origin: *
t15.baidu.com/it/u=1928007667,2265831670&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 60 kB URL HTTP/1.1 t15.baidu.com/it/u=1928007667,2265831670&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 332a195c9bc9c9ea18b527cb53535dca
792d0e5893a32fa7cfe38a7e17b503a1506dc72c
55a03c97a93b477cea6480796fc9ed11a169e721046477c52755a6f3f127a54b
GET /it/u=1928007667,2265831670&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://21426.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 08:09:58 GMT
Content-Type: image/jpeg
Content-Length: 59853
Connection: keep-alive
Expires: Sun, 26 Feb 2023 01:54:34 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: 332a195c9bc9c9ea18b527cb53535dca
Age: 364752
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 27 Jan 2023 01:54:34 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [4], zhuzuncache59 [1], xaix95 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 59853
X-Cache-Status: HIT
Timing-Allow-Origin: *
t14.baidu.com/it/u=2848506614,1597189311&fm=224&app=112&f=PNG?w=500&h=500
185.10.104.124200 OK 415 kB URL HTTP/1.1 t14.baidu.com/it/u=2848506614,1597189311&fm=224&app=112&f=PNG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced\012- data
Size 415 kB (414586 bytes)
Hash 8e1d1d3377242616425688dbe49b9693
7870c9ec53555bb660fd09caebc44d235d10b839
dcf08f0437cdb4d1f41237b82aea3267bcfedef817e4cd4029932b3ae1fd76a3
GET /it/u=2848506614,1597189311&fm=224&app=112&f=PNG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://21426.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 08:09:58 GMT
Content-Type: image/png
Content-Length: 414586
Connection: keep-alive
Expires: Wed, 08 Feb 2023 11:29:21 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 8e1d1d3377242616425688dbe49b9693
Age: 2027082
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 09 Jan 2023 11:29:21 GMT
Ohc-Cache-HIT: fra01-sys-jomo2.fra01.baidu.com [4], xzuncache57 [1], xaix57 [3]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 414586
X-Cache-Status: HIT
Timing-Allow-Origin: *
img.yingyongge.com/wp-content/uploads/apk.png
47.75.18.176404 Not Found 264 B URL HTTP/1.1 img.yingyongge.com/wp-content/uploads/apk.png
IP 47.75.18.176:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type XML 1.0 document text\012- XML document, ASCII text
Hash 3322bf970b845964e5105557d69d90fb
36abc838a8f8ef6b6c3d55df822211fcde847dd4
a9c1cca48a5a52b2ff6fce33131fe3ecf46cad348ff48b8b87794214b17135d2
GET /wp-content/uploads/apk.png HTTP/1.1
Host: img.yingyongge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://21426.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Server: AliyunOSS
Date: Sat, 04 Feb 2023 08:09:58 GMT
Content-Type: application/xml
Content-Length: 264
Connection: keep-alive
x-oss-request-id: 63DE12D6D0409B393122F7E0
x-oss-server-time: 8
img.yingyongge.com/wp-content/uploads/ios.png
47.75.18.176404 Not Found 264 B URL HTTP/1.1 img.yingyongge.com/wp-content/uploads/ios.png
IP 47.75.18.176:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type XML 1.0 document text\012- XML document, ASCII text
Hash 9a658faa8a824bcece73605f4dddac81
82b8ca5d81a4227c8e18cf13b545f8820cb3067e
99f38d400fc4540640ce264c69ced629990ece113744f20de7ef239e67c7e020
GET /wp-content/uploads/ios.png HTTP/1.1
Host: img.yingyongge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://21426.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Server: AliyunOSS
Date: Sat, 04 Feb 2023 08:09:58 GMT
Content-Type: application/xml
Content-Length: 264
Connection: keep-alive
x-oss-request-id: 63DE12D6DA8A7930355560FF
x-oss-server-time: 4
t14.baidu.com/it/u=1658491064,4170403912&fm=224&app=112&f=JPEG?w=401&h=500
185.10.104.124200 OK 29 kB URL HTTP/1.1 t14.baidu.com/it/u=1658491064,4170403912&fm=224&app=112&f=JPEG?w=401&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 401x500, components 3\012- data
Hash debb65dbff027286be526682d8369ce3
69befa1f0bf59ad4ca810c3646c9d43bf8da23f0
43761587ee1722e0b2895706be9f257448c9f71b87ebf017a063ef680b0e6b37
GET /it/u=1658491064,4170403912&fm=224&app=112&f=JPEG?w=401&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://21426.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 08:09:58 GMT
Content-Type: image/jpeg
Content-Length: 29329
Connection: keep-alive
Expires: Fri, 10 Feb 2023 02:46:15 GMT
Last-Modified: Thu, 15 Jan 1970 00:00:00 GMT
ETag: debb65dbff027286be526682d8369ce3
Age: 2026078
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 11 Jan 2023 02:46:15 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [4], zhuzuncache64 [2], czix164 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 29329
X-Cache-Status: HIT
Timing-Allow-Origin: *
21426.url.tudown.com/uploads/images/915009.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21426.url.tudown.com/uploads/images/915009.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/915009.jpg HTTP/1.1
Host: 21426.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21426.url.tudown.com/xiaz/%E4%B8%87%E8%83%BD%E7%BD%91%E5%8D%A1%E9%A9%B1%E5%8A%A8forwin1064bitv2018.01.24.1733@719_271513.exe
Cookie: __bid_n=1861b0d2b4fd529a314207; FPTOKEN=2gxwhywYpagzS70THD1juL5BZ/Prda/jlWsgLsuFz0lSaE/h2D5O7Wc7XXA7WncqBTFSf1wE0vrKbIjXqrYdksFx2seU5ow4/UM6KkLmXUDfWtg0Lsf77LZKdItTpLbOfz/2U8ac2H8MGS1wYNcDfS2EQbfS7YYf1hSwjLxV7IdRvPIFqALegVQlGKJyD5TMmnC4P9rFVJchXQj2u2AN4tkwcpQmtdLULHBJEWMkXN4cklY05QrW/7ZXSkWN8s/QyXnq1jxr1uFhqosUjTobaJmkXQGiyj01z54qOziFJqionDm1XZqoVRR0zOiOfYTMbs+A6cmxF98N2Si392y4Dsqgl9yUVaIK8/5hycQuWIYMuvugH/lgDzbZAKT+UOcjA0dmdmn46fZc8xNYBZfpnA==|HCKaeXLJGm4eNctoS9FkF+w86rBLgkL0dtnTGSNQnXE=|10|f523c139bcf75d372ff3585f24535ff0
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:09:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=923650067,1582786918&fm=224&app=112&f=JPEG?w=500&h=500&s=D89CFCB218564FEF46A0217103005072
21426.url.tudown.com/uploads/images/211800.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21426.url.tudown.com/uploads/images/211800.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/211800.jpg HTTP/1.1
Host: 21426.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21426.url.tudown.com/xiaz/%E4%B8%87%E8%83%BD%E7%BD%91%E5%8D%A1%E9%A9%B1%E5%8A%A8forwin1064bitv2018.01.24.1733@719_271513.exe
Cookie: __bid_n=1861b0d2b4fd529a314207; FPTOKEN=2gxwhywYpagzS70THD1juL5BZ/Prda/jlWsgLsuFz0lSaE/h2D5O7Wc7XXA7WncqBTFSf1wE0vrKbIjXqrYdksFx2seU5ow4/UM6KkLmXUDfWtg0Lsf77LZKdItTpLbOfz/2U8ac2H8MGS1wYNcDfS2EQbfS7YYf1hSwjLxV7IdRvPIFqALegVQlGKJyD5TMmnC4P9rFVJchXQj2u2AN4tkwcpQmtdLULHBJEWMkXN4cklY05QrW/7ZXSkWN8s/QyXnq1jxr1uFhqosUjTobaJmkXQGiyj01z54qOziFJqionDm1XZqoVRR0zOiOfYTMbs+A6cmxF98N2Si392y4Dsqgl9yUVaIK8/5hycQuWIYMuvugH/lgDzbZAKT+UOcjA0dmdmn46fZc8xNYBZfpnA==|HCKaeXLJGm4eNctoS9FkF+w86rBLgkL0dtnTGSNQnXE=|10|f523c139bcf75d372ff3585f24535ff0
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:09:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1788862553,3012281700&fm=253&fmt=auto?w=240&h=180
t14.baidu.com/it/u=923650067,1582786918&fm=224&app=112&f=JPEG?w=500&h=500&s=D89CFCB218564FEF46A0217103005072
185.10.104.124200 OK 61 kB URL HTTP/1.1 t14.baidu.com/it/u=923650067,1582786918&fm=224&app=112&f=JPEG?w=500&h=500&s=D89CFCB218564FEF46A0217103005072
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash fe525d3e114b4bc6e7bb6d73d8637be1
4e4038a96bfa1effa5d6e3e4991105c65cf6545a
d78dd2fbe12416f091c8c61f74d585d7f4e08e43c2acd65a56add649457e084e
GET /it/u=923650067,1582786918&fm=224&app=112&f=JPEG?w=500&h=500&s=D89CFCB218564FEF46A0217103005072 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://21426.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 08:09:58 GMT
Content-Type: image/jpeg
Content-Length: 61059
Connection: keep-alive
Expires: Thu, 02 Mar 2023 17:12:29 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: fe525d3e114b4bc6e7bb6d73d8637be1
Age: 190292
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 31 Jan 2023 17:12:29 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [2], zhuzuncache62 [4], csix107 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 61059
X-Cache-Status: HIT
Timing-Allow-Origin: *
t14.baidu.com/it/u=4122408476,2975001452&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 38 kB URL HTTP/1.1 t14.baidu.com/it/u=4122408476,2975001452&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 62c06ca01cb2577770747a9e998c09d3
f3501afd1077bc2f93c685cf14686d38750d6a61
b3fc231fe03e429e41ca81fdc965b76a0b308f184fbecc898e3efb786523d3d3
GET /it/u=4122408476,2975001452&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://21426.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 08:09:58 GMT
Content-Type: image/jpeg
Content-Length: 37860
Connection: keep-alive
Expires: Mon, 06 Feb 2023 18:53:23 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 62c06ca01cb2577770747a9e998c09d3
Age: 2026767
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 07 Jan 2023 18:53:23 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [4], zhuzuncache59 [4], xiangyix221 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 37860
X-Cache-Status: HIT
Timing-Allow-Origin: *
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1249593159&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=30423&r=0&ww=1280&u=http%3A%2F%2F21426.url.tudown.com%2Fxiaz%2F%25E4%25B8%2587%25E8%2583%25BD%25E7%25BD%2591%25E5%258D%25A1%25E9%25A9%25B1%25E5%258A%25A8forwin1064bitv2018.01.24.1733%40719_271513.exe&tt=Ag%E4%BA%9A%E6%B4%B2%E6%B8%B8%E6%88%8F(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99v5.5.31
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1249593159&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=30423&r=0&ww=1280&u=http%3A%2F%2F21426.url.tudown.com%2Fxiaz%2F%25E4%25B8%2587%25E8%2583%25BD%25E7%25BD%2591%25E5%258D%25A1%25E9%25A9%25B1%25E5%258A%25A8forwin1064bitv2018.01.24.1733%40719_271513.exe&tt=Ag%E4%BA%9A%E6%B4%B2%E6%B8%B8%E6%88%8F(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99v5.5.31
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1249593159&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=30423&r=0&ww=1280&u=http%3A%2F%2F21426.url.tudown.com%2Fxiaz%2F%25E4%25B8%2587%25E8%2583%25BD%25E7%25BD%2591%25E5%258D%25A1%25E9%25A9%25B1%25E5%258A%25A8forwin1064bitv2018.01.24.1733%40719_271513.exe&tt=Ag%E4%BA%9A%E6%B4%B2%E6%B8%B8%E6%88%8F(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99v5.5.31 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://21426.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Feb 2023 08:09:58 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=F7A9E36A64AF358B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
t13.baidu.com/it/u=2999582254,2869472530&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 46 kB URL HTTP/1.1 t13.baidu.com/it/u=2999582254,2869472530&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 0763f480a22ca010bcd5dcfe8f288412
6b37f8d6270986a82afd66f3146b5b0690656ac0
ce14be0fa49272f92f2ec54e56f5f7d5b4332b5e51dad9010bdb2a526f26a999
GET /it/u=2999582254,2869472530&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://21426.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 08:09:58 GMT
Content-Type: image/jpeg
Content-Length: 45738
Connection: keep-alive
Expires: Mon, 06 Feb 2023 21:28:50 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 0763f480a22ca010bcd5dcfe8f288412
Age: 1959677
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 07 Jan 2023 21:28:50 GMT
Ohc-Cache-HIT: fra01-sys-jomo4.fra01.baidu.com [2], zhuzuncache62 [1], qdix162 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 45738
X-Cache-Status: HIT
Timing-Allow-Origin: *
21426.url.tudown.com/uploads/images/46221.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21426.url.tudown.com/uploads/images/46221.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/46221.jpg HTTP/1.1
Host: 21426.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21426.url.tudown.com/xiaz/%E4%B8%87%E8%83%BD%E7%BD%91%E5%8D%A1%E9%A9%B1%E5%8A%A8forwin1064bitv2018.01.24.1733@719_271513.exe
Cookie: __bid_n=1861b0d2b4fd529a314207; FPTOKEN=2gxwhywYpagzS70THD1juL5BZ/Prda/jlWsgLsuFz0lSaE/h2D5O7Wc7XXA7WncqBTFSf1wE0vrKbIjXqrYdksFx2seU5ow4/UM6KkLmXUDfWtg0Lsf77LZKdItTpLbOfz/2U8ac2H8MGS1wYNcDfS2EQbfS7YYf1hSwjLxV7IdRvPIFqALegVQlGKJyD5TMmnC4P9rFVJchXQj2u2AN4tkwcpQmtdLULHBJEWMkXN4cklY05QrW/7ZXSkWN8s/QyXnq1jxr1uFhqosUjTobaJmkXQGiyj01z54qOziFJqionDm1XZqoVRR0zOiOfYTMbs+A6cmxF98N2Si392y4Dsqgl9yUVaIK8/5hycQuWIYMuvugH/lgDzbZAKT+UOcjA0dmdmn46fZc8xNYBZfpnA==|HCKaeXLJGm4eNctoS9FkF+w86rBLgkL0dtnTGSNQnXE=|10|f523c139bcf75d372ff3585f24535ff0
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:09:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2245729360,3478553822&fm=253&fmt=auto&app=120&f=JPEG?w=350&h=350
t14.baidu.com/it/u=1463220144,1141645343&fm=224&app=112&f=JPEG?w=500&h=500&s=29D27387840237FF6600A49A0300D093
185.10.104.124200 OK 52 kB URL HTTP/1.1 t14.baidu.com/it/u=1463220144,1141645343&fm=224&app=112&f=JPEG?w=500&h=500&s=29D27387840237FF6600A49A0300D093
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 69f46be60272b10aab2918436b83cee9
d1d70dfaf08126eeb5329a29d70a398c50bd9673
c0523ac0b6bd671c82e3d0842b94b42f1a1764e09e8934dd935123f247e38bc4
GET /it/u=1463220144,1141645343&fm=224&app=112&f=JPEG?w=500&h=500&s=29D27387840237FF6600A49A0300D093 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://21426.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 08:09:58 GMT
Content-Type: image/jpeg
Content-Length: 51976
Connection: keep-alive
Expires: Sun, 12 Feb 2023 08:55:39 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 69f46be60272b10aab2918436b83cee9
Age: 1861438
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 13 Jan 2023 08:55:38 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [2], zhuzuncache65 [1], suzix207 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 51976
X-Cache-Status: HIT
Timing-Allow-Origin: *
21426.url.tudown.com/uploads/images/39152.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21426.url.tudown.com/uploads/images/39152.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/39152.jpg HTTP/1.1
Host: 21426.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21426.url.tudown.com/xiaz/%E4%B8%87%E8%83%BD%E7%BD%91%E5%8D%A1%E9%A9%B1%E5%8A%A8forwin1064bitv2018.01.24.1733@719_271513.exe
Cookie: __bid_n=1861b0d2b4fd529a314207; FPTOKEN=2gxwhywYpagzS70THD1juL5BZ/Prda/jlWsgLsuFz0lSaE/h2D5O7Wc7XXA7WncqBTFSf1wE0vrKbIjXqrYdksFx2seU5ow4/UM6KkLmXUDfWtg0Lsf77LZKdItTpLbOfz/2U8ac2H8MGS1wYNcDfS2EQbfS7YYf1hSwjLxV7IdRvPIFqALegVQlGKJyD5TMmnC4P9rFVJchXQj2u2AN4tkwcpQmtdLULHBJEWMkXN4cklY05QrW/7ZXSkWN8s/QyXnq1jxr1uFhqosUjTobaJmkXQGiyj01z54qOziFJqionDm1XZqoVRR0zOiOfYTMbs+A6cmxF98N2Si392y4Dsqgl9yUVaIK8/5hycQuWIYMuvugH/lgDzbZAKT+UOcjA0dmdmn46fZc8xNYBZfpnA==|HCKaeXLJGm4eNctoS9FkF+w86rBLgkL0dtnTGSNQnXE=|10|f523c139bcf75d372ff3585f24535ff0
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:09:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3147742287,2683026221&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
21426.url.tudown.com/uploads/images/869225.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21426.url.tudown.com/uploads/images/869225.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/869225.jpg HTTP/1.1
Host: 21426.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21426.url.tudown.com/xiaz/%E4%B8%87%E8%83%BD%E7%BD%91%E5%8D%A1%E9%A9%B1%E5%8A%A8forwin1064bitv2018.01.24.1733@719_271513.exe
Cookie: __bid_n=1861b0d2b4fd529a314207; FPTOKEN=2gxwhywYpagzS70THD1juL5BZ/Prda/jlWsgLsuFz0lSaE/h2D5O7Wc7XXA7WncqBTFSf1wE0vrKbIjXqrYdksFx2seU5ow4/UM6KkLmXUDfWtg0Lsf77LZKdItTpLbOfz/2U8ac2H8MGS1wYNcDfS2EQbfS7YYf1hSwjLxV7IdRvPIFqALegVQlGKJyD5TMmnC4P9rFVJchXQj2u2AN4tkwcpQmtdLULHBJEWMkXN4cklY05QrW/7ZXSkWN8s/QyXnq1jxr1uFhqosUjTobaJmkXQGiyj01z54qOziFJqionDm1XZqoVRR0zOiOfYTMbs+A6cmxF98N2Si392y4Dsqgl9yUVaIK8/5hycQuWIYMuvugH/lgDzbZAKT+UOcjA0dmdmn46fZc8xNYBZfpnA==|HCKaeXLJGm4eNctoS9FkF+w86rBLgkL0dtnTGSNQnXE=|10|f523c139bcf75d372ff3585f24535ff0
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:09:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=3084522320,777156884&fm=224&app=112&f=JPEG?w=500&h=500
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=671195154&si=71b36f22c21839fd7a38e40d68b92934&v=1.3.0&lv=1&sn=30423&r=0&ww=1280&u=http%3A%2F%2F21426.url.tudown.com%2Fxiaz%2F%25E4%25B8%2587%25E8%2583%25BD%25E7%25BD%2591%25E5%258D%25A1%25E9%25A9%25B1%25E5%258A%25A8forwin1064bitv2018.01.24.1733%40719_271513.exe&tt=Ag%E4%BA%9A%E6%B4%B2%E6%B8%B8%E6%88%8F(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99v5.5.31
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=671195154&si=71b36f22c21839fd7a38e40d68b92934&v=1.3.0&lv=1&sn=30423&r=0&ww=1280&u=http%3A%2F%2F21426.url.tudown.com%2Fxiaz%2F%25E4%25B8%2587%25E8%2583%25BD%25E7%25BD%2591%25E5%258D%25A1%25E9%25A9%25B1%25E5%258A%25A8forwin1064bitv2018.01.24.1733%40719_271513.exe&tt=Ag%E4%BA%9A%E6%B4%B2%E6%B8%B8%E6%88%8F(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99v5.5.31
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=671195154&si=71b36f22c21839fd7a38e40d68b92934&v=1.3.0&lv=1&sn=30423&r=0&ww=1280&u=http%3A%2F%2F21426.url.tudown.com%2Fxiaz%2F%25E4%25B8%2587%25E8%2583%25BD%25E7%25BD%2591%25E5%258D%25A1%25E9%25A9%25B1%25E5%258A%25A8forwin1064bitv2018.01.24.1733%40719_271513.exe&tt=Ag%E4%BA%9A%E6%B4%B2%E6%B8%B8%E6%88%8F(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99v5.5.31 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://21426.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Feb 2023 08:09:58 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=7792B85E4FFD4082; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
img0.baidu.com/it/u=4152553465,2571926182&fm=253&fmt=auto&app=138&f=JPEG?w=413&h=620
113.219.142.35200 OK 12 kB URL HTTP/2 img0.baidu.com/it/u=4152553465,2571926182&fm=253&fmt=auto&app=138&f=JPEG?w=413&h=620
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 413x620, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 73c8eac7ff96d5461fd63429e0379a5c
3407f2b4abf6a92f7f7ac0b39d6bb4958a22b347
4f726e66461f196bdf401359deeb8860e60a9664bed93ddbf68cd7e5453361e6
GET /it/u=4152553465,2571926182&fm=253&fmt=auto&app=138&f=JPEG?w=413&h=620 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21426.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:09:58 GMT
content-type: image/webp
content-length: 11620
expires: Thu, 02 Mar 2023 02:38:16 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 73c8eac7ff96d5461fd63429e0379a5c
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 31 Jan 2023 02:38:16 GMT
ohc-cache-hit: chenzct59 [1], csix59 [4]
ohc-file-size: 11620
x-cache-status: MISS
X-Firefox-Spdy: h2
t15.baidu.com/it/u=3084522320,777156884&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 49 kB URL HTTP/1.1 t15.baidu.com/it/u=3084522320,777156884&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 25c5db0db4ff083f25ece9c625aa11fe
b68b298dd0901f24367724a24462d713c6112d80
a727347a8c9326c6bc4fe4e2e372dbd01b437776c714e11bfd12d68ee72921f7
GET /it/u=3084522320,777156884&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://21426.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 08:09:59 GMT
Content-Type: image/jpeg
Content-Length: 48827
Connection: keep-alive
Expires: Sun, 05 Feb 2023 11:10:37 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 25c5db0db4ff083f25ece9c625aa11fe
Age: 2025376
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 06 Jan 2023 11:10:37 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [4], zhuzuncache61 [4], suzix184 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 48827
X-Cache-Status: HIT
Timing-Allow-Origin: *
img0.baidu.com/it/u=1788862553,3012281700&fm=253&fmt=auto?w=240&h=180
113.219.142.35200 OK 4.6 kB URL HTTP/2 img0.baidu.com/it/u=1788862553,3012281700&fm=253&fmt=auto?w=240&h=180
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x180, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0be5d972f7d6ac2ab462977d1e78000e
88176387a86e689db7f0553d1a09956723bbe06a
145b4a25f40f38a90d3e3e8382f6cb5c2083907c0f903a9e0b0b5b2d3400d89e
GET /it/u=1788862553,3012281700&fm=253&fmt=auto?w=240&h=180 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21426.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:09:59 GMT
content-type: image/webp
content-length: 4622
expires: Thu, 23 Feb 2023 00:36:51 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 0be5d972f7d6ac2ab462977d1e78000e
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 24 Jan 2023 00:36:51 GMT
ohc-cache-hit: chenzct82 [1], bdix189 [4]
ohc-file-size: 4622
x-cache-status: MISS
X-Firefox-Spdy: h2
21426.url.tudown.com/uploads/images/664482.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21426.url.tudown.com/uploads/images/664482.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/664482.jpg HTTP/1.1
Host: 21426.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21426.url.tudown.com/xiaz/%E4%B8%87%E8%83%BD%E7%BD%91%E5%8D%A1%E9%A9%B1%E5%8A%A8forwin1064bitv2018.01.24.1733@719_271513.exe
Cookie: __bid_n=1861b0d2b4fd529a314207; FPTOKEN=2gxwhywYpagzS70THD1juL5BZ/Prda/jlWsgLsuFz0lSaE/h2D5O7Wc7XXA7WncqBTFSf1wE0vrKbIjXqrYdksFx2seU5ow4/UM6KkLmXUDfWtg0Lsf77LZKdItTpLbOfz/2U8ac2H8MGS1wYNcDfS2EQbfS7YYf1hSwjLxV7IdRvPIFqALegVQlGKJyD5TMmnC4P9rFVJchXQj2u2AN4tkwcpQmtdLULHBJEWMkXN4cklY05QrW/7ZXSkWN8s/QyXnq1jxr1uFhqosUjTobaJmkXQGiyj01z54qOziFJqionDm1XZqoVRR0zOiOfYTMbs+A6cmxF98N2Si392y4Dsqgl9yUVaIK8/5hycQuWIYMuvugH/lgDzbZAKT+UOcjA0dmdmn46fZc8xNYBZfpnA==|HCKaeXLJGm4eNctoS9FkF+w86rBLgkL0dtnTGSNQnXE=|10|f523c139bcf75d372ff3585f24535ff0
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:09:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2379956074,1169273549&fm=253&fmt=auto&app=138&f=JPEG?w=422&h=500
21426.url.tudown.com/uploads/images/741344.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21426.url.tudown.com/uploads/images/741344.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/741344.jpg HTTP/1.1
Host: 21426.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21426.url.tudown.com/xiaz/%E4%B8%87%E8%83%BD%E7%BD%91%E5%8D%A1%E9%A9%B1%E5%8A%A8forwin1064bitv2018.01.24.1733@719_271513.exe
Cookie: __bid_n=1861b0d2b4fd529a314207; FPTOKEN=2gxwhywYpagzS70THD1juL5BZ/Prda/jlWsgLsuFz0lSaE/h2D5O7Wc7XXA7WncqBTFSf1wE0vrKbIjXqrYdksFx2seU5ow4/UM6KkLmXUDfWtg0Lsf77LZKdItTpLbOfz/2U8ac2H8MGS1wYNcDfS2EQbfS7YYf1hSwjLxV7IdRvPIFqALegVQlGKJyD5TMmnC4P9rFVJchXQj2u2AN4tkwcpQmtdLULHBJEWMkXN4cklY05QrW/7ZXSkWN8s/QyXnq1jxr1uFhqosUjTobaJmkXQGiyj01z54qOziFJqionDm1XZqoVRR0zOiOfYTMbs+A6cmxF98N2Si392y4Dsqgl9yUVaIK8/5hycQuWIYMuvugH/lgDzbZAKT+UOcjA0dmdmn46fZc8xNYBZfpnA==|HCKaeXLJGm4eNctoS9FkF+w86rBLgkL0dtnTGSNQnXE=|10|f523c139bcf75d372ff3585f24535ff0
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:09:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=927344494,1003611236&fm=253&fmt=auto&app=138&f=JPEG?w=891&h=500
img1.baidu.com/it/u=86110167,2849203977&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
125.64.104.35200 OK 39 kB URL HTTP/2 img1.baidu.com/it/u=86110167,2849203977&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 125.64.104.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e680b47e00be3d29d64d7a0db8bf1985
a5310cd053e3bc09aaa04926b251d1fdd85aed6e
b2beec2b73ccbcc9cc470232a573aed753f8ed297673fecc9eaeaa3b23614177
GET /it/u=86110167,2849203977&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21426.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:09:58 GMT
content-type: image/webp
content-length: 38622
expires: Tue, 28 Feb 2023 01:27:00 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: e680b47e00be3d29d64d7a0db8bf1985
age: 84109
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 29 Jan 2023 01:27:00 GMT
ohc-cache-hit: dy2ct71 [4], wzix71 [4]
ohc-file-size: 38622
x-cache-status: HIT
X-Firefox-Spdy: h2
img1.baidu.com/it/u=2199658093,3860547960&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=313
125.64.104.35200 OK 20 kB URL HTTP/2 img1.baidu.com/it/u=2199658093,3860547960&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=313
IP 125.64.104.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x313, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 47ad6cc1b07f19953b54e7d08cd2ee1b
9181bf6020a72d36140642354f4e8b32052519dd
54a6a9c78f576c85e1702c7d0dd15260844e309c200ef492d4de8be3f0e788b9
GET /it/u=2199658093,3860547960&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=313 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21426.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:09:58 GMT
content-type: image/webp
content-length: 20408
expires: Tue, 21 Feb 2023 01:40:10 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 47ad6cc1b07f19953b54e7d08cd2ee1b
age: 54463
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 01:40:10 GMT
ohc-cache-hit: dy2ct99 [4], suzix136 [4]
ohc-file-size: 20408
x-cache-status: HIT
X-Firefox-Spdy: h2
img1.baidu.com/it/u=3949420600,2442572290&fm=253&app=120&f=JPEG?w=1422&h=800
125.64.104.35200 OK 113 kB URL HTTP/1.1 img1.baidu.com/it/u=3949420600,2442572290&fm=253&app=120&f=JPEG?w=1422&h=800
IP 125.64.104.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1422x800, components 3\012- data
Size 113 kB (113066 bytes)
Hash 40a408010d4c99edc434f632ef278ca4
aea17995f037c2a873b4bc8f6fe2e6f3a5c1cf27
e45e3c035d4eb5b5c887298b190effff6ac37ba34134e71b2bb5d7af153983b5
GET /it/u=3949420600,2442572290&fm=253&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://21426.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 08:09:58 GMT
Content-Type: image/jpeg
Content-Length: 113066
Connection: keep-alive
Expires: Mon, 06 Feb 2023 06:49:06 GMT
Last-Modified: Fri, 16 Jan 1970 00:00:00 GMT
ETag: 40a408010d4c99edc434f632ef278ca4
Age: 86526
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 07 Jan 2023 06:49:06 GMT
Ohc-Cache-HIT: dy2ct57 [4], xaix57 [4]
Ohc-File-Size: 113066
X-Cache-Status: HIT
21426.url.tudown.com/template/company/0302/css//fonts/iconfont.ttf
154.218.151.71200 OK 6.8 kB URL HTTP/1.1 21426.url.tudown.com/template/company/0302/css//fonts/iconfont.ttf
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (729), with CRLF, LF line terminators
Hash 53fd7b2db1b9aa41e682ecf73a433d69
a38f24e7e6de9f74b84bb4419a1360c6a71f8e04
868c0325cf2cd6efa80f11878f3a4522464f7e171089ac5b039a6f37caa52b64
GET /template/company/0302/css//fonts/iconfont.ttf HTTP/1.1
Host: 21426.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21426.url.tudown.com/template/company/0302/css//style.css
Cookie: __bid_n=1861b0d2b4fd529a314207; FPTOKEN=2gxwhywYpagzS70THD1juL5BZ/Prda/jlWsgLsuFz0lSaE/h2D5O7Wc7XXA7WncqBTFSf1wE0vrKbIjXqrYdksFx2seU5ow4/UM6KkLmXUDfWtg0Lsf77LZKdItTpLbOfz/2U8ac2H8MGS1wYNcDfS2EQbfS7YYf1hSwjLxV7IdRvPIFqALegVQlGKJyD5TMmnC4P9rFVJchXQj2u2AN4tkwcpQmtdLULHBJEWMkXN4cklY05QrW/7ZXSkWN8s/QyXnq1jxr1uFhqosUjTobaJmkXQGiyj01z54qOziFJqionDm1XZqoVRR0zOiOfYTMbs+A6cmxF98N2Si392y4Dsqgl9yUVaIK8/5hycQuWIYMuvugH/lgDzbZAKT+UOcjA0dmdmn46fZc8xNYBZfpnA==|HCKaeXLJGm4eNctoS9FkF+w86rBLgkL0dtnTGSNQnXE=|10|f523c139bcf75d372ff3585f24535ff0; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675498233; Hm_lpvt_dd9836db2e433f487a0aa434b7b3deb7=1675498233; Hm_lvt_71b36f22c21839fd7a38e40d68b92934=1675498233; Hm_lpvt_71b36f22c21839fd7a38e40d68b92934=1675498233
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 08:09:59 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
21426.url.tudown.com/uploads/images/405480.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21426.url.tudown.com/uploads/images/405480.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/405480.jpg HTTP/1.1
Host: 21426.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21426.url.tudown.com/xiaz/%E4%B8%87%E8%83%BD%E7%BD%91%E5%8D%A1%E9%A9%B1%E5%8A%A8forwin1064bitv2018.01.24.1733@719_271513.exe
Cookie: __bid_n=1861b0d2b4fd529a314207; FPTOKEN=2gxwhywYpagzS70THD1juL5BZ/Prda/jlWsgLsuFz0lSaE/h2D5O7Wc7XXA7WncqBTFSf1wE0vrKbIjXqrYdksFx2seU5ow4/UM6KkLmXUDfWtg0Lsf77LZKdItTpLbOfz/2U8ac2H8MGS1wYNcDfS2EQbfS7YYf1hSwjLxV7IdRvPIFqALegVQlGKJyD5TMmnC4P9rFVJchXQj2u2AN4tkwcpQmtdLULHBJEWMkXN4cklY05QrW/7ZXSkWN8s/QyXnq1jxr1uFhqosUjTobaJmkXQGiyj01z54qOziFJqionDm1XZqoVRR0zOiOfYTMbs+A6cmxF98N2Si392y4Dsqgl9yUVaIK8/5hycQuWIYMuvugH/lgDzbZAKT+UOcjA0dmdmn46fZc8xNYBZfpnA==|HCKaeXLJGm4eNctoS9FkF+w86rBLgkL0dtnTGSNQnXE=|10|f523c139bcf75d372ff3585f24535ff0
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:09:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=976054514,2806933368&fm=253&fmt=auto&app=120&f=JPEG?w=410&h=410
img0.baidu.com/it/u=3206076334,524043272&fm=253&app=120&f=JPEG?w=1280&h=800
113.219.142.35200 OK 87 kB URL HTTP/1.1 img0.baidu.com/it/u=3206076334,524043272&fm=253&app=120&f=JPEG?w=1280&h=800
IP 113.219.142.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Hash bd5cf59a109aab296a1fa84f4efac928
5af1d2ff1320e373c09fa1b9c76f3ec124212f95
5f6cbad94100e88a9f8766d4d621660825657de86aa1238e8350e751ca0de208
GET /it/u=3206076334,524043272&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://21426.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 08:09:58 GMT
Content-Type: image/jpeg
Content-Length: 87185
Connection: keep-alive
Expires: Mon, 06 Mar 2023 08:09:58 GMT
Last-Modified: Sat, 03 Jan 1970 00:00:00 GMT
ETag: bd5cf59a109aab296a1fa84f4efac928
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 04 Feb 2023 08:09:58 GMT
Ohc-Cache-HIT: chenzct63 [1], xiangyix164 [1]
Ohc-File-Size: 87185
X-Cache-Status: MISS
21426.url.tudown.com/uploads/images/450281.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21426.url.tudown.com/uploads/images/450281.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/450281.jpg HTTP/1.1
Host: 21426.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21426.url.tudown.com/xiaz/%E4%B8%87%E8%83%BD%E7%BD%91%E5%8D%A1%E9%A9%B1%E5%8A%A8forwin1064bitv2018.01.24.1733@719_271513.exe
Cookie: __bid_n=1861b0d2b4fd529a314207; FPTOKEN=2gxwhywYpagzS70THD1juL5BZ/Prda/jlWsgLsuFz0lSaE/h2D5O7Wc7XXA7WncqBTFSf1wE0vrKbIjXqrYdksFx2seU5ow4/UM6KkLmXUDfWtg0Lsf77LZKdItTpLbOfz/2U8ac2H8MGS1wYNcDfS2EQbfS7YYf1hSwjLxV7IdRvPIFqALegVQlGKJyD5TMmnC4P9rFVJchXQj2u2AN4tkwcpQmtdLULHBJEWMkXN4cklY05QrW/7ZXSkWN8s/QyXnq1jxr1uFhqosUjTobaJmkXQGiyj01z54qOziFJqionDm1XZqoVRR0zOiOfYTMbs+A6cmxF98N2Si392y4Dsqgl9yUVaIK8/5hycQuWIYMuvugH/lgDzbZAKT+UOcjA0dmdmn46fZc8xNYBZfpnA==|HCKaeXLJGm4eNctoS9FkF+w86rBLgkL0dtnTGSNQnXE=|10|f523c139bcf75d372ff3585f24535ff0
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:09:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=4206873190,3004808356&fm=253&fmt=auto&app=138&f=JPEG?w=440&h=300
21426.url.tudown.com/uploads/images/9107.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21426.url.tudown.com/uploads/images/9107.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/9107.jpg HTTP/1.1
Host: 21426.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21426.url.tudown.com/xiaz/%E4%B8%87%E8%83%BD%E7%BD%91%E5%8D%A1%E9%A9%B1%E5%8A%A8forwin1064bitv2018.01.24.1733@719_271513.exe
Cookie: __bid_n=1861b0d2b4fd529a314207; FPTOKEN=2gxwhywYpagzS70THD1juL5BZ/Prda/jlWsgLsuFz0lSaE/h2D5O7Wc7XXA7WncqBTFSf1wE0vrKbIjXqrYdksFx2seU5ow4/UM6KkLmXUDfWtg0Lsf77LZKdItTpLbOfz/2U8ac2H8MGS1wYNcDfS2EQbfS7YYf1hSwjLxV7IdRvPIFqALegVQlGKJyD5TMmnC4P9rFVJchXQj2u2AN4tkwcpQmtdLULHBJEWMkXN4cklY05QrW/7ZXSkWN8s/QyXnq1jxr1uFhqosUjTobaJmkXQGiyj01z54qOziFJqionDm1XZqoVRR0zOiOfYTMbs+A6cmxF98N2Si392y4Dsqgl9yUVaIK8/5hycQuWIYMuvugH/lgDzbZAKT+UOcjA0dmdmn46fZc8xNYBZfpnA==|HCKaeXLJGm4eNctoS9FkF+w86rBLgkL0dtnTGSNQnXE=|10|f523c139bcf75d372ff3585f24535ff0
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:09:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1121689686,3778806586&fm=253&fmt=auto&app=138&f=JPEG?w=566&h=500
img1.baidu.com/it/u=1703669981,2176740673&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=333
125.64.104.35200 OK 11 kB URL HTTP/2 img1.baidu.com/it/u=1703669981,2176740673&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=333
IP 125.64.104.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x333, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2e14dbaea2e71c9cbd2b382ba2a50eb6
f8b5affd18a7147ef09c7f3df926316ad87559a1
bab1995f348c0211874d8441f5436fabb4ee1b4194214f13e5b4302e512faf4a
GET /it/u=1703669981,2176740673&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=333 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21426.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:09:58 GMT
content-type: image/webp
content-length: 11152
expires: Thu, 16 Feb 2023 17:09:59 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 2e14dbaea2e71c9cbd2b382ba2a50eb6
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 17 Jan 2023 17:09:59 GMT
ohc-cache-hit: dy2ct62 [1], csix62 [4]
ohc-file-size: 11152
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=59549531,2692727658&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=200
125.64.104.35200 OK 9.4 kB URL HTTP/2 img1.baidu.com/it/u=59549531,2692727658&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=200
IP 125.64.104.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9605fbc942580af7f03c4fbee7e1e66f
be9d091c49bd0c16ee33edce45ca2e2c5cd553e8
f9633590c1a2f88b7321be4df97a24f2f0e1e84aa50d7269a9f435f9d76b9b6c
GET /it/u=59549531,2692727658&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=200 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21426.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:09:58 GMT
content-type: image/webp
content-length: 9354
expires: Wed, 22 Feb 2023 02:05:53 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 9605fbc942580af7f03c4fbee7e1e66f
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 02:05:53 GMT
ohc-cache-hit: dy2ct109 [1], suzix215 [4]
ohc-file-size: 9354
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=1094340344,855539174&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=676
125.64.104.35200 OK 22 kB URL HTTP/2 img1.baidu.com/it/u=1094340344,855539174&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=676
IP 125.64.104.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x676, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3362514ad3bf7be6c10a574c13b8f9ff
4381a583c1d1dd0d14d557156118fee85833f2d9
a8a9359d1eb11bb2d0e4cf7ae813240be6b0a7dd7dc0ed899fba01b9ef667166
GET /it/u=1094340344,855539174&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=676 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21426.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:09:58 GMT
content-type: image/webp
content-length: 22482
expires: Wed, 22 Feb 2023 02:34:19 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 3362514ad3bf7be6c10a574c13b8f9ff
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 02:34:19 GMT
ohc-cache-hit: dy2ct116 [1], qdix142 [4]
ohc-file-size: 22482
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=4252571863,1839450856&fm=253&fmt=auto&app=138&f=JPEG?w=362&h=500
42.101.56.35200 OK 39 kB URL HTTP/2 img2.baidu.com/it/u=4252571863,1839450856&fm=253&fmt=auto&app=138&f=JPEG?w=362&h=500
IP 42.101.56.35:0
ASN #137698 HaerbingHeilongjiang Province, P.R.China.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 362x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c04cd35e3b7220c37852f0895289c8eb
de893f6c029cda5837965356a06d7234b2c42308
2f9fe4c3c2e39ef66408e6f91e8d31e55521b5e6903776d30f1a6fc940bff8bf
GET /it/u=4252571863,1839450856&fm=253&fmt=auto&app=138&f=JPEG?w=362&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21426.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:09:59 GMT
content-type: image/webp
content-length: 39240
expires: Sun, 19 Feb 2023 05:33:28 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: c04cd35e3b7220c37852f0895289c8eb
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 20 Jan 2023 05:33:28 GMT
ohc-cache-hit: hrb4ct76 [1], qdix76 [2]
ohc-file-size: 39240
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=1072862072,1898667836&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=588
42.101.56.35200 OK 18 kB URL HTTP/2 img2.baidu.com/it/u=1072862072,1898667836&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=588
IP 42.101.56.35:0
ASN #137698 HaerbingHeilongjiang Province, P.R.China.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x588, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e27ba8b4252fd549c0d45b18af8da88f
454082e6926cb24d305d7dd9ef7a5e79f07972f8
524af69d83e2e124ffd46ca948a02468db2c39c40e0e2d176abeb8dc4c548de7
GET /it/u=1072862072,1898667836&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=588 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21426.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:09:59 GMT
content-type: image/webp
content-length: 18280
expires: Fri, 03 Mar 2023 07:20:31 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: e27ba8b4252fd549c0d45b18af8da88f
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 01 Feb 2023 07:20:31 GMT
ohc-cache-hit: hrb4ct51 [2], csix51 [2]
ohc-file-size: 18280
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=334040582,3735622414&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
113.219.142.35200 OK 11 kB URL HTTP/2 img0.baidu.com/it/u=334040582,3735622414&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3b1d62bdc1cb20d9bdefc1b3b78356ec
2b7d7e4fa6404d2075ef162b75a7c625db26e2d9
70f68abd6972d25c44c3d67620ad0f0f190c97523c975c36670c44d5e217e7b2
GET /it/u=334040582,3735622414&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21426.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:09:59 GMT
content-type: image/webp
content-length: 11068
expires: Sat, 04 Mar 2023 03:01:32 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 3b1d62bdc1cb20d9bdefc1b3b78356ec
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 02 Feb 2023 03:01:32 GMT
ohc-cache-hit: chenzct74 [1], xiangyix155 [2]
ohc-file-size: 11068
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=1783721675,635933565&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=753
113.219.142.35200 OK 27 kB URL HTTP/2 img0.baidu.com/it/u=1783721675,635933565&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=753
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x753, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b17ce1899916b9599538d6327c66232f
03acc9318ee66e9709aa4d13af10a549e4f40d6a
2ee776a46276f9b77abd68d07408c630b90add59878c3303e6037d1a590ebc7b
GET /it/u=1783721675,635933565&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=753 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21426.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:09:59 GMT
content-type: image/webp
content-length: 27114
expires: Tue, 21 Feb 2023 21:31:51 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: b17ce1899916b9599538d6327c66232f
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 21:31:51 GMT
ohc-cache-hit: chenzct54 [1], suzix221 [4]
ohc-file-size: 27114
x-cache-status: MISS
X-Firefox-Spdy: h2
21426.url.tudown.com/uploads/images/813642.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21426.url.tudown.com/uploads/images/813642.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/813642.jpg HTTP/1.1
Host: 21426.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21426.url.tudown.com/xiaz/%E4%B8%87%E8%83%BD%E7%BD%91%E5%8D%A1%E9%A9%B1%E5%8A%A8forwin1064bitv2018.01.24.1733@719_271513.exe
Cookie: __bid_n=1861b0d2b4fd529a314207; FPTOKEN=2gxwhywYpagzS70THD1juL5BZ/Prda/jlWsgLsuFz0lSaE/h2D5O7Wc7XXA7WncqBTFSf1wE0vrKbIjXqrYdksFx2seU5ow4/UM6KkLmXUDfWtg0Lsf77LZKdItTpLbOfz/2U8ac2H8MGS1wYNcDfS2EQbfS7YYf1hSwjLxV7IdRvPIFqALegVQlGKJyD5TMmnC4P9rFVJchXQj2u2AN4tkwcpQmtdLULHBJEWMkXN4cklY05QrW/7ZXSkWN8s/QyXnq1jxr1uFhqosUjTobaJmkXQGiyj01z54qOziFJqionDm1XZqoVRR0zOiOfYTMbs+A6cmxF98N2Si392y4Dsqgl9yUVaIK8/5hycQuWIYMuvugH/lgDzbZAKT+UOcjA0dmdmn46fZc8xNYBZfpnA==|HCKaeXLJGm4eNctoS9FkF+w86rBLgkL0dtnTGSNQnXE=|10|f523c139bcf75d372ff3585f24535ff0
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:09:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3475017141,1283094648&fm=253&fmt=auto?w=1422&h=800
21426.url.tudown.com/uploads/images/981126.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21426.url.tudown.com/uploads/images/981126.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/981126.jpg HTTP/1.1
Host: 21426.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21426.url.tudown.com/xiaz/%E4%B8%87%E8%83%BD%E7%BD%91%E5%8D%A1%E9%A9%B1%E5%8A%A8forwin1064bitv2018.01.24.1733@719_271513.exe
Cookie: __bid_n=1861b0d2b4fd529a314207; FPTOKEN=2gxwhywYpagzS70THD1juL5BZ/Prda/jlWsgLsuFz0lSaE/h2D5O7Wc7XXA7WncqBTFSf1wE0vrKbIjXqrYdksFx2seU5ow4/UM6KkLmXUDfWtg0Lsf77LZKdItTpLbOfz/2U8ac2H8MGS1wYNcDfS2EQbfS7YYf1hSwjLxV7IdRvPIFqALegVQlGKJyD5TMmnC4P9rFVJchXQj2u2AN4tkwcpQmtdLULHBJEWMkXN4cklY05QrW/7ZXSkWN8s/QyXnq1jxr1uFhqosUjTobaJmkXQGiyj01z54qOziFJqionDm1XZqoVRR0zOiOfYTMbs+A6cmxF98N2Si392y4Dsqgl9yUVaIK8/5hycQuWIYMuvugH/lgDzbZAKT+UOcjA0dmdmn46fZc8xNYBZfpnA==|HCKaeXLJGm4eNctoS9FkF+w86rBLgkL0dtnTGSNQnXE=|10|f523c139bcf75d372ff3585f24535ff0
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:09:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=580850201,2848496032&fm=253&fmt=auto&app=120&f=JPEG?w=634&h=441
img1.baidu.com/it/u=4286396864,596511379&fm=253&fmt=auto&app=138&f=JPEG?w=359&h=499
125.64.104.35200 OK 36 kB URL HTTP/2 img1.baidu.com/it/u=4286396864,596511379&fm=253&fmt=auto&app=138&f=JPEG?w=359&h=499
IP 125.64.104.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 359x499, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2edf5f2a8b439035ecf1434e9b831b58
16b6c9f4d07f4926afee248d63f203260418f5ee
9d13a90fffc9504eec8cb9cadf0f23423628c77f7f957b86e0cd61039588c701
GET /it/u=4286396864,596511379&fm=253&fmt=auto&app=138&f=JPEG?w=359&h=499 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21426.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:09:58 GMT
content-type: image/webp
content-length: 35920
expires: Mon, 06 Feb 2023 09:41:30 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 2edf5f2a8b439035ecf1434e9b831b58
age: 14473
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 07 Jan 2023 09:41:30 GMT
ohc-cache-hit: dy2ct59 [4], csix59 [4]
ohc-file-size: 35920
x-cache-status: HIT
X-Firefox-Spdy: h2
img1.baidu.com/it/u=2379956074,1169273549&fm=253&fmt=auto&app=138&f=JPEG?w=422&h=500
125.64.104.35200 OK 37 kB URL HTTP/2 img1.baidu.com/it/u=2379956074,1169273549&fm=253&fmt=auto&app=138&f=JPEG?w=422&h=500
IP 125.64.104.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 422x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 773212806f6e0a668d1c862591e78bec
4be66718cb6d4b6d574aa8b4152d4039dc23930e
7154be577be6eefff1426e07b7b44599a94bd28aef76ba9ff71aeea25e24046e
GET /it/u=2379956074,1169273549&fm=253&fmt=auto&app=138&f=JPEG?w=422&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21426.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:09:59 GMT
content-type: image/webp
content-length: 37232
expires: Mon, 20 Feb 2023 11:09:01 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 773212806f6e0a668d1c862591e78bec
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 11:09:01 GMT
ohc-cache-hit: dy2ct62 [1], xaix62 [4]
ohc-file-size: 37232
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=4206873190,3004808356&fm=253&fmt=auto&app=138&f=JPEG?w=440&h=300
125.64.104.35200 OK 5.0 kB URL HTTP/2 img1.baidu.com/it/u=4206873190,3004808356&fm=253&fmt=auto&app=138&f=JPEG?w=440&h=300
IP 125.64.104.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 440x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8b373439782959471ae685561e2531ce
e3a8c30634358a48c0d915c26075ce18d1412f80
6ee68d03df7bb7128f42f58c7aa43b69fe135bbf51dd8f9fa1e9b25cd4da3db0
GET /it/u=4206873190,3004808356&fm=253&fmt=auto&app=138&f=JPEG?w=440&h=300 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21426.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:09:59 GMT
content-type: image/webp
content-length: 4950
expires: Thu, 16 Feb 2023 10:08:19 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 8b373439782959471ae685561e2531ce
age: 85065
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 17 Jan 2023 10:08:19 GMT
ohc-cache-hit: dy2ct68 [4], czix68 [4]
ohc-file-size: 4950
x-cache-status: HIT
X-Firefox-Spdy: h2
img2.baidu.com/it/u=2245729360,3478553822&fm=253&fmt=auto&app=120&f=JPEG?w=350&h=350
42.101.56.35200 OK 28 kB URL HTTP/2 img2.baidu.com/it/u=2245729360,3478553822&fm=253&fmt=auto&app=120&f=JPEG?w=350&h=350
IP 42.101.56.35:0
ASN #137698 HaerbingHeilongjiang Province, P.R.China.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 350x350, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a97e30bc8813f957c1facbe95c450a5c
f33740da46df1612ef78cfe5520f8a4f1144c177
e12e80700147fdbd11d76420c6f1aaec240dc26491b01a9c55c7911c2e705ab4
GET /it/u=2245729360,3478553822&fm=253&fmt=auto&app=120&f=JPEG?w=350&h=350 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21426.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:09:59 GMT
content-type: image/webp
content-length: 27932
expires: Tue, 14 Feb 2023 02:43:29 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: a97e30bc8813f957c1facbe95c450a5c
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 15 Jan 2023 02:43:29 GMT
ohc-cache-hit: hrb4ct66 [1], xiangyix178 [2]
ohc-file-size: 27932
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=3475017141,1283094648&fm=253&fmt=auto?w=1422&h=800
125.64.104.35200 OK 78 kB URL HTTP/2 img1.baidu.com/it/u=3475017141,1283094648&fm=253&fmt=auto?w=1422&h=800
IP 125.64.104.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1422x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0a465a305564290d68c5f0c0fc2e6c1c
36398a72f4a765727e897c3f20419b91663489f8
39fa2735b15d188f98927764ec4ae635236512813d701745960ffafc68b2be8d
GET /it/u=3475017141,1283094648&fm=253&fmt=auto?w=1422&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21426.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:09:59 GMT
content-type: image/webp
content-length: 77722
expires: Sat, 04 Mar 2023 12:49:09 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 0a465a305564290d68c5f0c0fc2e6c1c
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 02 Feb 2023 12:49:09 GMT
ohc-cache-hit: dy2ct71 [1], wzix71 [4]
ohc-file-size: 77722
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=1364284388,198794146&fm=253&fmt=auto&app=138&f=GIF?w=500&h=691
42.101.56.35200 OK 125 kB URL HTTP/2 img2.baidu.com/it/u=1364284388,198794146&fm=253&fmt=auto&app=138&f=GIF?w=500&h=691
IP 42.101.56.35:0
ASN #137698 HaerbingHeilongjiang Province, P.R.China.
File type GIF image data, version 89a, 500 x 691\012- data
Size 125 kB (124740 bytes)
Hash 9eeb3aded8928c4ac87e9515b5945d39
014a8dfe45c4cfcff37f8a79e8c147c3e943637a
7d017fe93a6f0057bd32695f5de747068e3cc59e771f0209d292d58faf3290bc
GET /it/u=1364284388,198794146&fm=253&fmt=auto&app=138&f=GIF?w=500&h=691 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21426.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:09:59 GMT
content-type: image/gif
content-length: 124740
expires: Fri, 24 Feb 2023 09:08:52 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 9eeb3aded8928c4ac87e9515b5945d39
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 25 Jan 2023 09:08:52 GMT
ohc-cache-hit: hrb4ct65 [1], wzix65 [4]
ohc-file-size: 124740
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=2137406555,4096306465&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=436
42.101.56.35200 OK 40 kB URL HTTP/2 img2.baidu.com/it/u=2137406555,4096306465&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=436
IP 42.101.56.35:0
ASN #137698 HaerbingHeilongjiang Province, P.R.China.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x436, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5b261fc4584a2a76bb908c9ef4b268e4
06ba86e8520251fb22aa5f3cb6ce3e04e9c5a117
827a8ddda1e73be44b46f7204b0a5ce97e003b77cea615273e940fced58c26db
GET /it/u=2137406555,4096306465&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=436 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21426.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:09:59 GMT
content-type: image/webp
content-length: 39878
expires: Fri, 10 Feb 2023 19:45:10 GMT
last-modified: Sun, 04 Jan 1970 00:00:00 GMT
etag: 5b261fc4584a2a76bb908c9ef4b268e4
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 11 Jan 2023 19:45:10 GMT
ohc-cache-hit: hrb4ct78 [1], wzix98 [4]
ohc-file-size: 39878
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=3147742287,2683026221&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
42.101.56.35200 OK 9.2 kB URL HTTP/2 img2.baidu.com/it/u=3147742287,2683026221&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 42.101.56.35:0
ASN #137698 HaerbingHeilongjiang Province, P.R.China.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9b73d4a05a965972980d12322e9cb382
a9fa48d0c251f077566e891f6db8ff73a29d7640
7b25e4e82a50f92fbdcaee9177d0d3f0de66571d6d89b570428eab3b43265169
GET /it/u=3147742287,2683026221&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21426.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:09:59 GMT
content-type: image/webp
content-length: 9206
expires: Sun, 12 Feb 2023 07:26:14 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 9b73d4a05a965972980d12322e9cb382
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 13 Jan 2023 07:26:14 GMT
ohc-cache-hit: hrb4ct53 [1], wzix119 [4]
ohc-file-size: 9206
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=976054514,2806933368&fm=253&fmt=auto&app=120&f=JPEG?w=410&h=410
42.101.56.35200 OK 19 kB URL HTTP/2 img2.baidu.com/it/u=976054514,2806933368&fm=253&fmt=auto&app=120&f=JPEG?w=410&h=410
IP 42.101.56.35:0
ASN #137698 HaerbingHeilongjiang Province, P.R.China.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 410x410, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash af5a409edb2a104a6bfa09d94184e470
f2e028b0bb8d5ef75bc270a2d8937477e2af12d2
cf2188013c468d9137160a4e9e8eb8cccfbe931f309ed485bdb513474b8b2451
GET /it/u=976054514,2806933368&fm=253&fmt=auto&app=120&f=JPEG?w=410&h=410 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21426.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:09:59 GMT
content-type: image/webp
content-length: 19444
expires: Tue, 14 Feb 2023 12:39:47 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: af5a409edb2a104a6bfa09d94184e470
age: 4580
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 15 Jan 2023 12:39:47 GMT
ohc-cache-hit: hrb4ct76 [4], xaix76 [2]
ohc-file-size: 19444
x-cache-status: HIT
X-Firefox-Spdy: h2
img0.baidu.com/it/u=1838257260,3150999738&fm=253&fmt=auto&app=120&f=JPEG?w=800&h=1422
113.219.142.35200 OK 94 kB URL HTTP/2 img0.baidu.com/it/u=1838257260,3150999738&fm=253&fmt=auto&app=120&f=JPEG?w=800&h=1422
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x1422, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 11bcb53531ca8d4f4e01b74408914190
e79aa2d657a5642d09531107897d44c4ee8a81b7
e82b314eb92093e3c3294d37dadde9edc5712fc14485a04e6fc9481bef9e01d7
GET /it/u=1838257260,3150999738&fm=253&fmt=auto&app=120&f=JPEG?w=800&h=1422 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21426.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:09:59 GMT
content-type: image/webp
content-length: 93736
expires: Wed, 22 Feb 2023 12:47:59 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 11bcb53531ca8d4f4e01b74408914190
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 12:47:59 GMT
ohc-cache-hit: chenzct58 [1], qdix103 [2]
ohc-file-size: 93736
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=927344494,1003611236&fm=253&fmt=auto&app=138&f=JPEG?w=891&h=500
113.219.142.35200 OK 56 kB URL HTTP/2 img0.baidu.com/it/u=927344494,1003611236&fm=253&fmt=auto&app=138&f=JPEG?w=891&h=500
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 891x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 09a0e4e41f951f15a6028a6b8786bfae
53fa883c15eba32fc17f9d261c0ceb71bb894eb1
10b05ac8596d18c7b63804264c198ea5c30da03323088ee01321383480164e13
GET /it/u=927344494,1003611236&fm=253&fmt=auto&app=138&f=JPEG?w=891&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21426.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:09:59 GMT
content-type: image/webp
content-length: 55910
expires: Sun, 19 Feb 2023 01:45:40 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 09a0e4e41f951f15a6028a6b8786bfae
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 20 Jan 2023 01:45:40 GMT
ohc-cache-hit: chenzct87 [1], bdix141 [4]
ohc-file-size: 55910
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=1121689686,3778806586&fm=253&fmt=auto&app=138&f=JPEG?w=566&h=500
113.219.142.35200 OK 27 kB URL HTTP/2 img0.baidu.com/it/u=1121689686,3778806586&fm=253&fmt=auto&app=138&f=JPEG?w=566&h=500
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 566x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f1e570a8f7a4090e27fd21fd599f33f0
b40818689e82508241fab9be9a4d3acab2bdc928
63e62a0f924eb4b40a2363b58a4c7b03836cbdd4d68b0137b635b8d49d6a19c2
GET /it/u=1121689686,3778806586&fm=253&fmt=auto&app=138&f=JPEG?w=566&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21426.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:09:59 GMT
content-type: image/webp
content-length: 26768
expires: Fri, 10 Feb 2023 03:41:51 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: f1e570a8f7a4090e27fd21fd599f33f0
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 11 Jan 2023 03:41:51 GMT
ohc-cache-hit: chenzct72 [1], suzix202 [4]
ohc-file-size: 26768
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=2721007798,1536758920&fm=253&fmt=auto&app=138&f=JPEG?w=310&h=240
113.219.142.35200 OK 3.7 kB URL HTTP/2 img0.baidu.com/it/u=2721007798,1536758920&fm=253&fmt=auto&app=138&f=JPEG?w=310&h=240
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 310x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 21db629d6c91488c6ebf82ea86310d2c
d6aaf745680218fbabb210151708c76b2e08fe34
c1c1f0047dee6bf6e414a39a561995a8f87660e71f06260e8fe35c64aaccd56a
GET /it/u=2721007798,1536758920&fm=253&fmt=auto&app=138&f=JPEG?w=310&h=240 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21426.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:09:59 GMT
content-type: image/webp
content-length: 3700
expires: Tue, 28 Feb 2023 03:37:20 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 21db629d6c91488c6ebf82ea86310d2c
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 29 Jan 2023 03:37:20 GMT
ohc-cache-hit: chenzct84 [1], xiangyix105 [4]
ohc-file-size: 3700
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=580850201,2848496032&fm=253&fmt=auto&app=120&f=JPEG?w=634&h=441
113.219.142.35200 OK 32 kB URL HTTP/2 img0.baidu.com/it/u=580850201,2848496032&fm=253&fmt=auto&app=120&f=JPEG?w=634&h=441
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 634x441, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3b3a41d049344ad6e8781f4994996c80
2ae64c92c984fd5e5a6d71437ee0a7a28fa22562
77e8884b7e8a87b9c0c2d0b1edb9b9edc37ad829031def464d0b0a1fc735b857
GET /it/u=580850201,2848496032&fm=253&fmt=auto&app=120&f=JPEG?w=634&h=441 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21426.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:09:59 GMT
content-type: image/webp
content-length: 31776
expires: Sat, 04 Mar 2023 04:59:06 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 3b3a41d049344ad6e8781f4994996c80
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 02 Feb 2023 04:59:06 GMT
ohc-cache-hit: chenzct74 [1], csix95 [4]
ohc-file-size: 31776
x-cache-status: MISS
X-Firefox-Spdy: h2
21426.url.tudown.com/favicon.ico
154.218.151.71200 OK 0 B URL HTTP/1.1 21426.url.tudown.com/favicon.ico
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: 21426.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21426.url.tudown.com/xiaz/%E4%B8%87%E8%83%BD%E7%BD%91%E5%8D%A1%E9%A9%B1%E5%8A%A8forwin1064bitv2018.01.24.1733@719_271513.exe
Cookie: __bid_n=1861b0d2b4fd529a314207; FPTOKEN=2gxwhywYpagzS70THD1juL5BZ/Prda/jlWsgLsuFz0lSaE/h2D5O7Wc7XXA7WncqBTFSf1wE0vrKbIjXqrYdksFx2seU5ow4/UM6KkLmXUDfWtg0Lsf77LZKdItTpLbOfz/2U8ac2H8MGS1wYNcDfS2EQbfS7YYf1hSwjLxV7IdRvPIFqALegVQlGKJyD5TMmnC4P9rFVJchXQj2u2AN4tkwcpQmtdLULHBJEWMkXN4cklY05QrW/7ZXSkWN8s/QyXnq1jxr1uFhqosUjTobaJmkXQGiyj01z54qOziFJqionDm1XZqoVRR0zOiOfYTMbs+A6cmxF98N2Si392y4Dsqgl9yUVaIK8/5hycQuWIYMuvugH/lgDzbZAKT+UOcjA0dmdmn46fZc8xNYBZfpnA==|HCKaeXLJGm4eNctoS9FkF+w86rBLgkL0dtnTGSNQnXE=|10|f523c139bcf75d372ff3585f24535ff0; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675498233; Hm_lpvt_dd9836db2e433f487a0aa434b7b3deb7=1675498233; Hm_lvt_71b36f22c21839fd7a38e40d68b92934=1675498233; Hm_lpvt_71b36f22c21839fd7a38e40d68b92934=1675498233
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 08:10:00 GMT
Content-Type: image/x-icon
Content-Length: 0
Last-Modified: Tue, 30 Jul 2019 15:51:36 GMT
Connection: keep-alive
ETag: "5d406788-0"
Accept-Ranges: bytes