r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f416977a8d6dfaafb2dbfd0e68b871f8
dfa97bd829b03162de91c80133f2fde69b58a8d2
2c4d0fd1b7a6d398026a4817267adce203429acdd3defa44a879f0d945f392d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2C4D0FD1B7A6D398026A4817267ADCE203429ACDD3DEFA44A879F0D945F392D5"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13021
Expires: Mon, 23 Jan 2023 06:51:32 GMT
Date: Mon, 23 Jan 2023 03:14:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0be6cec5607bb65c06dbadd33456aec1
9d13129e936eb5fc82e403931884cdc8c6e6ab92
cb028034340b709ece65e45e8fc1a26a64dd85926beaa542f308d3f1d5ee2c84
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CB028034340B709ECE65E45E8FC1A26A64DD85926BEAA542F308D3F1D5EE2C84"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4414
Expires: Mon, 23 Jan 2023 04:28:05 GMT
Date: Mon, 23 Jan 2023 03:14:31 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 23 Jan 2023 02:34:55 GMT
content-type: application/json
age: 2376
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 17094b856fde02b2c8c2d3845ad325cf
26dc3f2ebf81faf5ab96eb75ffcbead6085528b8
6547376c41dcaa352cc4e747291916902bcddc0032b750bd84c5e3b2fe6f7d16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6547376C41DCAA352CC4E747291916902BCDDC0032B750BD84C5E3B2FE6F7D16"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2285
Expires: Mon, 23 Jan 2023 03:52:36 GMT
Date: Mon, 23 Jan 2023 03:14:31 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: HO6IMc4/YPd7oqHM0OSJYr1ubvWj9YyJQt9KrjUGaBG56wU4TQbvBSVF8tgKpCFXNHzu2jvmaLgK818SC8BZag==
x-amz-request-id: 7K3MHBTY5WHF3NDB
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 23 Jan 2023 02:18:40 GMT
age: 3351
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 03:14:31 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 23 Jan 2023 02:17:30 GMT
age: 3421
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0c74880fa99032b5c3831c179d702419
0020b368309735c94d8053d3781a7efb7283cfc5
437e2d4e2bbfb33b0ff696172378ce55a0a5ed005a1b8c4005eab4a6995a3042
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1776
Cache-Control: max-age=109311
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 03:14:31 GMT
Etag: "63ccfca7-1d7"
Expires: Tue, 24 Jan 2023 09:36:22 GMT
Last-Modified: Sun, 22 Jan 2023 09:06:47 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
154.218.151.71200 OK 17 kB URL HTTP/1.1 4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (362)
Hash 26da68b8779022fb53cfdc2a0575c1fe
c2ffb31a938d2eba7c10810456f8aaf6c7153f4b
63b5fc0ba89b4fb6dba98231e9e42f42e1681e2ad3ce00257bc5ddbf701fd3e5
GET /down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 03:14:31 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.services.mozilla.com/
54.202.152.202101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.202.152.202:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: HEulMY6q3vag68yN/5WzQQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: qGQx/z8cvSJXELzcMXDalTmFpiU=
4271.url.tudown.com/js/orsxg5a.script
154.218.151.71200 OK 531 B URL HTTP/1.1 4271.url.tudown.com/js/orsxg5a.script
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document, ASCII text, with CRLF line terminators
Hash 39fd4f4c17d424445d9f437c99c9d40a
84a56ab95c669d43c757a5f9a312d5f3a37f73fa
45f58e7b2e72c9f2734889b73ef5c3f2d3e1fb9ac69995afe1561ec4a7943d15
GET /js/orsxg5a.script HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 03:14:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
4271.url.tudown.com/template/company/duote-xiazai/css/soft.css
154.218.151.71200 OK 8.6 kB URL HTTP/1.1 4271.url.tudown.com/template/company/duote-xiazai/css/soft.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash 952b2841668e8303c2ee8bc817394790
1e7d159d8d75df0112f06eedab3ecd62b7075a52
51c463da96c71adce2a234968d1e46949fa82804f680861cb6562da84239e209
GET /template/company/duote-xiazai/css/soft.css HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 03:14:32 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:21:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e6e-a090"
Expires: Mon, 23 Jan 2023 15:14:32 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
4271.url.tudown.com/template/company/duote-xiazai/css/news.css
154.218.151.71200 OK 1.5 kB URL HTTP/1.1 4271.url.tudown.com/template/company/duote-xiazai/css/news.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash 4d5f155ee78bab18dd989f8fedda8ebc
d3e3353e7a3da786e2a1342ca13407fd432e3398
6754cc7b30008e41d53b0ebfb6b52a0c59712348880d235a77a07c3af02d9886
GET /template/company/duote-xiazai/css/news.css HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 03:14:32 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:21:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e6d-16fd"
Expires: Mon, 23 Jan 2023 15:14:32 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
4271.url.tudown.com/template/company/duote-xiazai/css/message.css
154.218.151.71200 OK 1.6 kB URL HTTP/1.1 4271.url.tudown.com/template/company/duote-xiazai/css/message.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash 90d699f8127fe2e7210c0f31f0b90bb0
245191b7026614b76c7234e8e82724d463d4adf1
50d4eaf1d089edb739f43068f78330d22700b47f9ea8acb14fa5606637aeaf23
GET /template/company/duote-xiazai/css/message.css HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 03:14:32 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:21:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e6d-17a8"
Expires: Mon, 23 Jan 2023 15:14:32 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
4271.url.tudown.com/template/company/duote-xiazai/css/scrollbar.css
154.218.151.71200 OK 353 B URL HTTP/1.1 4271.url.tudown.com/template/company/duote-xiazai/css/scrollbar.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash 6fc35ccb15b461bc6b549a85ea398894
21581ad4fc3db4acc99bb2fb4ed2fde1dfa50049
8d88f6d1d76a2cf300e9378742dc29f48060c9747cfdeb6b05050cf25cc5ebfb
GET /template/company/duote-xiazai/css/scrollbar.css HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 03:14:32 GMT
Content-Type: text/css
Content-Length: 353
Last-Modified: Sun, 06 Nov 2022 08:21:02 GMT
Connection: keep-alive
ETag: "63676e6e-161"
Expires: Mon, 23 Jan 2023 15:14:32 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
4271.url.tudown.com/template/company/duote-xiazai/css/scrollStyle.css
154.218.151.71404 Not Found 146 B URL HTTP/1.1 4271.url.tudown.com/template/company/duote-xiazai/css/scrollStyle.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/company/duote-xiazai/css/scrollStyle.css HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 23 Jan 2023 03:14:32 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
4271.url.tudown.com/template/company/duote-xiazai/js/jquery.min.js
154.218.151.71200 OK 37 kB URL HTTP/1.1 4271.url.tudown.com/template/company/duote-xiazai/js/jquery.min.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash d4e282e0e1e69d378568eac0d45bfd24
8b62528373788e473676aa025a72aae45ec17d01
b5bbdf5ae69bfc2b39919ac018f41b27efac22f98ab92848db65022eb03dfd12
GET /template/company/duote-xiazai/js/jquery.min.js HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 03:14:32 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e99-16f44"
Expires: Mon, 23 Jan 2023 15:14:32 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
4271.url.tudown.com/template/company/duote-xiazai/css/jquery-ui.min.css
154.218.151.71200 OK 8.9 kB URL HTTP/1.1 4271.url.tudown.com/template/company/duote-xiazai/css/jquery-ui.min.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (29165), with CRLF line terminators
Hash fd0bdc561b4f37fa8e4539d86c5fd0e4
663b932af8ef82dff4cfeb56351bd32853e54804
98161b22bc6e6613ecf1c230ff9664ba032c3abfe8d6a4079263f9daeb1829db
GET /template/company/duote-xiazai/css/jquery-ui.min.css HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 03:14:32 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:21:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e6d-7d6e"
Expires: Mon, 23 Jan 2023 15:14:32 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
4271.url.tudown.com/template/company/duote-xiazai/js/duotecommon_top.js
154.218.151.71200 OK 799 B URL HTTP/1.1 4271.url.tudown.com/template/company/duote-xiazai/js/duotecommon_top.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash ac93d373f5090fbc3e8a7152aab7170d
160c0bc3072bccced250979b7999ae060941eb06
e15e1cefcdcd40db68eecbd7a02af32a8a97e5749791b07b434f8454408c1570
GET /template/company/duote-xiazai/js/duotecommon_top.js HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 03:14:32 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e96-a0b"
Expires: Mon, 23 Jan 2023 15:14:32 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
4271.url.tudown.com/template/company/duote-xiazai/css/global.css
154.218.151.71200 OK 7.6 kB URL HTTP/1.1 4271.url.tudown.com/template/company/duote-xiazai/css/global.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (710)
Hash b2502d4c36bc519e47bce519ffb3a295
d252dd5c34dbd231f5c120d8f45ded16e0aa3f4c
10bec4c97bde3cac4a43e4d86604e1ff2c54926ec350419e404435f0616d1a1a
GET /template/company/duote-xiazai/css/global.css HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 03:14:32 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:20:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e6b-935f"
Expires: Mon, 23 Jan 2023 15:14:32 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
4271.url.tudown.com/template/company/duote-xiazai/css/index.css
154.218.151.71200 OK 3.6 kB URL HTTP/1.1 4271.url.tudown.com/template/company/duote-xiazai/css/index.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash fbfd831dee308c5094076e0b4022a222
fa69c04bf3f0c911d2b1697717e05706362f0c57
ab5a9d33745256917eb22abecd3d8ed4790e612720f2a743206d00b85aa5ff4f
GET /template/company/duote-xiazai/css/index.css HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 03:14:32 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:21:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e6c-42b3"
Expires: Mon, 23 Jan 2023 15:14:32 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
4271.url.tudown.com/template/company/duote-xiazai/css/teach.css
154.218.151.71200 OK 4.1 kB URL HTTP/1.1 4271.url.tudown.com/template/company/duote-xiazai/css/teach.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (499)
Hash 16ca38b11b525a142c6086c2c2802545
88ed9d1c7088344b24f18132ad025ed63623bb7e
c7d5eef240fb383c039b0141854336a78a07597b0bff022ae71514e913351d7a
GET /template/company/duote-xiazai/css/teach.css HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 03:14:32 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:21:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e70-503f"
Expires: Mon, 23 Jan 2023 15:14:32 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ocsp2.globalsign.com/gsorganizationvalsha2g2
151.101.194.133200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 151.101.194.133:0
Hash 5fa18e31970ec77ceb15344c2b76b6eb
755887ce9c3b0e7e0cbe6b182444b5071e2d5a53
d8e31e6eaff20039ac899c3d9ce9b89dee92db45b470ea5a3243ff2a9f4f5bcc
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1459
Server: nginx
Content-Type: application/ocsp-response
Expires: Fri, 27 Jan 2023 01:45:57 GMT
ETag: "755887ce9c3b0e7e0cbe6b182444b5071e2d5a53"
Last-Modified: Mon, 23 Jan 2023 01:45:58 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 23 Jan 2023 03:14:32 GMT
Age: 1680
X-Served-By: cache-qpg1252-QPG, cache-bma1630-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 9, 1
X-Timer: S1674443673.742953,VS0,VE1
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cf2a2996f924432926abc984b4eb9ecc
9e76a3e44ec16e73be3f92e56910aeb4e7310f87
f301e297cf742b47279e1bf67f833cdb4f9032b4fcf9fbc93f9d3a3e3b865de5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F301E297CF742B47279E1BF67F833CDB4F9032B4FCF9FBC93F9D3A3E3B865DE5"
Last-Modified: Sat, 21 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14725
Expires: Mon, 23 Jan 2023 07:19:57 GMT
Date: Mon, 23 Jan 2023 03:14:32 GMT
Connection: keep-alive
4271.url.tudown.com/template/company/duote-xiazai/js/super_slider.js
154.218.151.71200 OK 741 B URL HTTP/1.1 4271.url.tudown.com/template/company/duote-xiazai/js/super_slider.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (1844)
Hash 64d8d6bbbe2129e883c5af163b76600d
5c0f7df223f7f0ca25cc5c8247ae8b8f0cae4805
66f01728ee43d433d4fd4c0409354667cc543ae51cd362376d3f053da321369b
GET /template/company/duote-xiazai/js/super_slider.js HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 03:14:32 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676ea0-763"
Expires: Mon, 23 Jan 2023 15:14:32 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
4271.url.tudown.com/template/company/duote-xiazai/js/index.js
154.218.151.71200 OK 2.3 kB URL HTTP/1.1 4271.url.tudown.com/template/company/duote-xiazai/js/index.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with very long lines (8638)
Hash a1f3815ea981db7480ca3c4d5d54aac6
f3961cccb17dc2190e2a8c249d936d0b1185fd7e
7adb4d2ea2856125d829deeabfc70e92f87a5e50f84187ed8d570b810c807d6f
GET /template/company/duote-xiazai/js/index.js HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 03:14:32 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e97-223b"
Expires: Mon, 23 Jan 2023 15:14:32 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
4271.url.tudown.com/template/company/duote-xiazai/js/soft_comment.js
154.218.151.71200 OK 1.4 kB URL HTTP/1.1 4271.url.tudown.com/template/company/duote-xiazai/js/soft_comment.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash 33db5499343abb12f6c7d980cfdf5af0
ca9f7d2be1dd0f229f709b2effd22d57413fc7d4
3ca1208b56597372cccafd9817375f08e7e85ab84b310cb882ff8a76bac1c388
GET /template/company/duote-xiazai/js/soft_comment.js HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 03:14:32 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676ea0-f1c"
Expires: Mon, 23 Jan 2023 15:14:32 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
4271.url.tudown.com/template/company/duote-xiazai/js/new_global.js
154.218.151.71200 OK 592 B URL HTTP/1.1 4271.url.tudown.com/template/company/duote-xiazai/js/new_global.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash 232fd4a41f68cb95c02a365b6aca84e9
4d17747184f32abc1b922759c510bdbab4eccedd
0d50c1f4db8f330ef99775e40dadb29b531eb33314540560567b1f2623d4885e
GET /template/company/duote-xiazai/js/new_global.js HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 03:14:32 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e9d-685"
Expires: Mon, 23 Jan 2023 15:14:32 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
4271.url.tudown.com/template/company/duote-xiazai/js/clickdown_stat_ajax.js
154.218.151.71200 OK 577 B URL HTTP/1.1 4271.url.tudown.com/template/company/duote-xiazai/js/clickdown_stat_ajax.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d2fd0ff89c3e773f8cfb6e5e57ae2909
537114b9b969f30770ba619a17d217bb69efb759
9665a3c5c2aa7e032819815b24dccc0dd5fbfbbef8876d7d42dfe2751e06d8f7
GET /template/company/duote-xiazai/js/clickdown_stat_ajax.js HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 03:14:32 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e96-57a"
Expires: Mon, 23 Jan 2023 15:14:32 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
4271.url.tudown.com/template/company/duote-xiazai/images/stars.png
154.218.151.71200 OK 409 B URL HTTP/1.1 4271.url.tudown.com/template/company/duote-xiazai/images/stars.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 513adea23e19785779ef24441cbdb356
acaf0cd2ec302562b27850b970523d96ac5a120c
b78bf1490ecfe58446b32e59b0e6505d2d18f75f8676809753830b66a8dee298
GET /template/company/duote-xiazai/images/stars.png HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/template/company/duote-xiazai/css/global.css
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 03:14:32 GMT
Content-Type: image/png
Content-Length: 409
Last-Modified: Sun, 06 Nov 2022 08:21:35 GMT
Connection: keep-alive
ETag: "63676e8f-199"
Accept-Ranges: bytes
bdcode.2345.com/common/xsoa-r/openjs/pu/ao.js
42.81.8.130200 OK 2.1 kB URL HTTP/1.1 bdcode.2345.com/common/xsoa-r/openjs/pu/ao.js
IP 42.81.8.130:0
File type ASCII text, with very long lines (5139), with no line terminators
Hash 7696f76fa3f1b0d1eab1ec551481b175
5bae30eb55a668cb791ae29bc81234392cb7f6cc
c70ab680170e1c73ee6ee5cd1397820b4f21d704148935cff59fab20d8628a7d
Analyzer Verdict Alert fortinet Malware
GET /common/xsoa-r/openjs/pu/ao.js HTTP/1.1
Host: bdcode.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/
HTTP/1.1 200 OK
Date: Mon, 23 Jan 2023 03:14:32 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 2140
Connection: keep-alive
Cache-Control: max-age=3600
Content-Encoding: gzip
Expires: Mon, 23 Jan 2023 04:14:32 GMT
Last-Modified: Wed, 11 Jan 2023 16:31:43 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
YJS-ID: c1622cf8045037e4-143
Server: yunjiasu
bdcode.2345.com/source/g/common/by/ht_jy_qx.js
42.81.8.130200 OK 2.1 kB URL HTTP/1.1 bdcode.2345.com/source/g/common/by/ht_jy_qx.js
IP 42.81.8.130:0
File type ASCII text, with very long lines (5138), with no line terminators
Hash c83c63e3d1df592bff50dc9f4b5a558b
b28eed29218178ac4ec5153351620e709c0eaf11
b96da314525ccb46b9dd902abce4d83d4946fbe2a0b234eea7924afa226d3e8d
Analyzer Verdict Alert fortinet Malware
GET /source/g/common/by/ht_jy_qx.js HTTP/1.1
Host: bdcode.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/
HTTP/1.1 200 OK
Date: Mon, 23 Jan 2023 03:14:33 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 2142
Connection: keep-alive
Cache-Control: max-age=14400
Content-Encoding: gzip
Expires: Mon, 23 Jan 2023 07:14:33 GMT
Last-Modified: Wed, 11 Jan 2023 16:31:43 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
YJS-ID: c1622cfaf8a937df-143
Server: yunjiasu
s5.cnzz.com/z_stat.php?id=1277770517&web_id=1277770517
180.97.251.250200 OK 20 B URL HTTP/2 s5.cnzz.com/z_stat.php?id=1277770517&web_id=1277770517
IP 180.97.251.250:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /z_stat.php?id=1277770517&web_id=1277770517 HTTP/1.1
Host: s5.cnzz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://4271.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 20
date: Mon, 23 Jan 2023 03:02:51 GMT
vary: Accept-Encoding
x-powered-by: PHP/5.5.25
last-modified: Mon, 23 Jan 2023 03:02:51 GMT
cache-control: max-age=1800,s-maxage=3600
content-encoding: gzip
ali-swift-global-savetime: 1674442971
via: cache20.l2cn1836[0,0,200-0,H], cache62.l2cn1836[0,0], cache9.cn2205[0,0,200-0,H], cache17.cn2205[1,0]
age: 702
x-cache: HIT TCP_MEM_HIT dirn:12:26766287
x-swift-savetime: Mon, 23 Jan 2023 03:02:54 GMT
x-swift-cachetime: 3597
timing-allow-origin: *
eagleid: b461fb2d16744436731586977e
X-Firefox-Spdy: h2
4271.url.tudown.com/template/company/duote-xiazai/js/scrollbar.js
154.218.151.71200 OK 738 B URL HTTP/1.1 4271.url.tudown.com/template/company/duote-xiazai/js/scrollbar.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (1755)
Hash 941e223b206b2f389ba88e5c62146e05
1ea47333441413a3afd2fbc6e335810513cd3b5f
c0034343dbd842fc5ba9dfae6be7145ec000eb017fc0ca9a7fd6e245811df660
GET /template/company/duote-xiazai/js/scrollbar.js HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 03:14:33 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e9e-707"
Expires: Mon, 23 Jan 2023 15:14:33 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
4271.url.tudown.com/template/company/duote-xiazai/js/jquery-ui.min.js
154.218.151.71200 OK 80 kB URL HTTP/1.1 4271.url.tudown.com/template/company/duote-xiazai/js/jquery-ui.min.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (32074), with CRLF line terminators
Hash e81ec1034a64ade1aa8b290326108e91
67aa74b0a4d0039f59acacca2ee6eee5ebaa312e
825cd708c0562c4b038d007351af36e0c4b34a32c0a1e8fd5852206417cbf94e
GET /template/company/duote-xiazai/js/jquery-ui.min.js HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 03:14:32 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e99-3def1"
Expires: Mon, 23 Jan 2023 15:14:32 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
4271.url.tudown.com/uploads/images/logo.png?n=5c2ll2mywps3raxguoaonnml42fibzu4v7tjzcpjtgiolbnm4wh3q&w=250
154.218.151.71200 OK 2.6 kB URL HTTP/1.1 4271.url.tudown.com/uploads/images/logo.png?n=5c2ll2mywps3raxguoaonnml42fibzu4v7tjzcpjtgiolbnm4wh3q&w=250
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 250 x 66, 8-bit colormap, non-interlaced\012- data
Hash 78460d6c2c4a8cac7d72e7c803391080
a03b4b93f59faffd8c9a0cd4711b6788280e6b57
6026a7ce9f07e78562eaabd356a5bb077d974db563a4a7d17d8dc3a626f9fa2c
GET /uploads/images/logo.png?n=5c2ll2mywps3raxguoaonnml42fibzu4v7tjzcpjtgiolbnm4wh3q&w=250 HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 03:14:33 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
4271.url.tudown.com/uploads/images/337776.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/337776.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/337776.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:33 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=660271604,1944090033&fm=224&app=112&f=JPEG?w=500&h=500
ocsp.trust-provider.cn/
47.246.44.205200 OK 599 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 415558e4daea542acd1dc5046c834f25
3d1a13af98eafdbaf4f084adab56fe07e3c4a32d
2e909f4bc6ac189762f8562eef321e136c0ed93b2613a980b28216d1d03708e5
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Mon, 23 Jan 2023 03:06:19 GMT
last-modified: Sat, 21 Jan 2023 04:54:57 GMT
expires: Sat, 28 Jan 2023 04:54:56 GMT
etag: "3d1a13af98eafdbaf4f084adab56fe07e3c4a32d"
cache-control: max-age=591709,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb3
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 78dd500e7a1e9211-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1674443179
via: cache2.l2de2[0,0,304-0,H], cache5.l2de2[1,0], cache7.se1[87,86,200-0,C], cache7.se1[88,0], cache2.se1[91,0]
age: 494
x-cache: HIT TCP_MEM_HIT dirn:7:319333264
x-swift-savetime: Mon, 23 Jan 2023 03:14:33 GMT
x-swift-cachetime: 1306
timing-allow-origin: *, *
eagleid: 2ff62c9616744436733297379e, 2ff62c9616744436733297379e
ocsp.trust-provider.cn/
47.246.44.205200 OK 599 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 415558e4daea542acd1dc5046c834f25
3d1a13af98eafdbaf4f084adab56fe07e3c4a32d
2e909f4bc6ac189762f8562eef321e136c0ed93b2613a980b28216d1d03708e5
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Mon, 23 Jan 2023 03:06:19 GMT
last-modified: Sat, 21 Jan 2023 04:54:57 GMT
expires: Sat, 28 Jan 2023 04:54:56 GMT
etag: "3d1a13af98eafdbaf4f084adab56fe07e3c4a32d"
cache-control: max-age=591709,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb3
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 78dd500e7a1e9211-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1674443179
via: cache2.l2de2[0,0,304-0,H], cache5.l2de2[1,0], cache7.se1[87,87,200-0,C], cache7.se1[88,0], cache7.se1[91,0]
age: 494
x-cache: HIT TCP_MEM_HIT dirn:7:319333264
x-swift-savetime: Mon, 23 Jan 2023 03:14:33 GMT
x-swift-cachetime: 1306
timing-allow-origin: *, *
eagleid: 2ff62c9b16744436733304952e, 2ff62c9b16744436733304952e
ocsp.trust-provider.cn/
47.246.44.205200 OK 599 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 415558e4daea542acd1dc5046c834f25
3d1a13af98eafdbaf4f084adab56fe07e3c4a32d
2e909f4bc6ac189762f8562eef321e136c0ed93b2613a980b28216d1d03708e5
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Mon, 23 Jan 2023 03:06:19 GMT
last-modified: Sat, 21 Jan 2023 04:54:57 GMT
expires: Sat, 28 Jan 2023 04:54:56 GMT
etag: "3d1a13af98eafdbaf4f084adab56fe07e3c4a32d"
cache-control: max-age=591709,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb3
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 78dd500e7a1e9211-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1674443179
via: cache2.l2de2[0,0,304-0,H], cache5.l2de2[1,0], cache7.se1[87,87,200-0,H], cache7.se1[89,0], cache8.se1[91,0]
age: 494
x-cache: HIT TCP_REFRESH_HIT dirn:7:319333264
x-swift-savetime: Mon, 23 Jan 2023 03:14:33 GMT
x-swift-cachetime: 1306
timing-allow-origin: *, *
eagleid: 2ff62c9c16744436733291723e, 2ff62c9c16744436733291723e
t13.baidu.com/it/u=660271604,1944090033&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 55 kB URL HTTP/1.1 t13.baidu.com/it/u=660271604,1944090033&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash d66b9da71d451b8cf4cfe1c91d8994c7
23a30f1a79f3e6cbfaaab97afde01475a20823c4
e2d68f5ca5ce61e4dc1e2e1512cb1488cf0cadd057c5b8a93cf3f332083d9f7f
GET /it/u=660271604,1944090033&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://4271.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:14:33 GMT
Content-Type: image/jpeg
Content-Length: 55319
Connection: keep-alive
Expires: Tue, 31 Jan 2023 03:22:36 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: d66b9da71d451b8cf4cfe1c91d8994c7
Age: 1727967
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 01 Jan 2023 03:22:36 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [2], zhuzuncache56 [1], xiangyix70 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 55319
X-Cache-Status: HIT
Timing-Allow-Origin: *
4271.url.tudown.com/uploads/images/60715.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/60715.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/60715.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:33 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=955483774,992323882&fm=224&app=112&f=JPEG?w=500&h=281
www.2345.com/js/index/activity/20171111/widget.min.js
47.246.44.208301 Moved Permanently 262 B URL HTTP/1.1 www.2345.com/js/index/activity/20171111/widget.min.js
IP 47.246.44.208:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 72fa0fca20c82853e6dbbc1f13c78100
4e9b01e3ad0b56c9409bb02e5700430792fecacd
4555de589ff9b307e20c708d6f112bc47bb377df29ff0a5914f8fb0932926887
GET /js/index/activity/20171111/widget.min.js HTTP/1.1
Host: www.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Mon, 23 Jan 2023 03:14:33 GMT
Content-Type: text/html
Content-Length: 262
Connection: keep-alive
Location: https://www.2345.com/js/index/activity/20171111/widget.min.js
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Via: cache8.se1[,0]
Timing-Allow-Origin: *
EagleId: 2ff62c9c16744436735381837e
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 6280b593b4342f8debc35bcc1e3489b0
512f417fa7443a6b1f074c8fc280a9c2c281a19f
7dd3487472e52939b458a11680f678996055457816bea41879b65275b8607519
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Mon, 23 Jan 2023 03:14:33 GMT
Ali-Swift-Global-Savetime: 1674443673
Via: cache23.l2de2[4,3,200-0,M], cache23.l2de2[5,0], cache7.se1[131,130,200-0,M], cache7.se1[133,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Mon, 23 Jan 2023 03:14:33 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9b16744436734284999e
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5386
Expires: Mon, 23 Jan 2023 04:44:19 GMT
Date: Mon, 23 Jan 2023 03:14:33 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2aa8ea3b-13bb-49a3-a61a-2cecc5ae20aa.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2aa8ea3b-13bb-49a3-a61a-2cecc5ae20aa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e2146bf738fb2120d9f167533c7ec2ab
ce546aa88e2ab0958a99c5a8240fcd95500ef1ea
54405cd0508b2dcf343c3b8563ad8bb484f01866e58b29a034aa650a415925d2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2aa8ea3b-13bb-49a3-a61a-2cecc5ae20aa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5250
x-amzn-requestid: 364176ba-8f3f-4e2f-8d52-8c03d91b5f02
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3fnEHMsoAMFysQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c612f9-33117b2d2175e2d55cedfa1f;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: M8HkrBuE_Syoj3hPAzEf6bgCTW1LqXG8hYYbg02QKreMYETbZkn_vA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 21:55:33 GMT
age: 19140
etag: "ce546aa88e2ab0958a99c5a8240fcd95500ef1ea"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F602ef184-7161-4092-91b7-61e14eef28a5.jpeg
34.120.237.76200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F602ef184-7161-4092-91b7-61e14eef28a5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 805711aaab303931f8966bbf73aeda52
2bd02a45c8b407e36a41a482b121ea3e14f7c722
66268668c1a970268d75beb1b57f66a759bedac76958a3359cb23104de40fbeb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F602ef184-7161-4092-91b7-61e14eef28a5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3411
x-amzn-requestid: 62afd364-e94f-45ff-ba6c-9b589fc53e5f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e-EyCEzrIAMFb8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8b4d9-203f51040f82f12d535446c4;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 03:11:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: K73B093GBbsf85ny_o8fc9oE417nJBFlH0eEdhiifeQk3KG5Q-HHdg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 08:48:14 GMT
age: 66379
etag: "2bd02a45c8b407e36a41a482b121ea3e14f7c722"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fe4b994-3774-4962-a9e1-b5806a10d003.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fe4b994-3774-4962-a9e1-b5806a10d003.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 95b95060778eca8d5323002d4afe406f
d91109d98c607bd3a0eb56784ed91fbcfc89bd5f
d549664c9a2abc859b3fe4f0144b18095d8c4b63552385224ff9d77f8b57b297
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fe4b994-3774-4962-a9e1-b5806a10d003.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12886
x-amzn-requestid: 60d7f7b0-742a-4485-9db9-8457791b59e2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: exbSWEAfoAMFVow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c3a5a8-528cc2b371f663ce2e11b779;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 07:05:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fgRIVO_dWCOoXcMQf4n2c9FUDKj7V5cYeBWr_GwNaQp5MHOGus_7KA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 05:28:10 GMT
age: 78383
etag: "d91109d98c607bd3a0eb56784ed91fbcfc89bd5f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69f6ce48-0095-4b2b-b098-c6f6de90570c.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69f6ce48-0095-4b2b-b098-c6f6de90570c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5401628b3bdd03eeee51f68177ac4d41
bb12e1d1bc5a87d3fa05371894a8bc8eb3d1bb29
3e231ba2e44699d88ed1e28510dad0762a57e0854a11d40f752421bd41738944
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69f6ce48-0095-4b2b-b098-c6f6de90570c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10052
x-amzn-requestid: f7029218-f8dc-4b4e-bd14-fe461d09e75b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fGMBzECMoAMFR3A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cbf3a4-38b6facb48574e8e380f750c;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 14:16:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 00vbOrBo8vZyWJmWzU8HcFbY9EWRYYEv0tC6DswWboh5gPgYxztWmg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 07:11:09 GMT
etag: "bb12e1d1bc5a87d3fa05371894a8bc8eb3d1bb29"
content-type: image/jpeg
age: 72204
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fed503b-e1a4-456e-b9a4-57ddbb0e7ed2.jpeg
34.120.237.76200 OK 4.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fed503b-e1a4-456e-b9a4-57ddbb0e7ed2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a92d48898835ae8afbff3e369127fe13
90491b32adf6a6b7076ac63da4f2ab571f08920c
9060b3c090adc527e575c1d95d836db00a2136eeda09cdbb11e72ee8b4fa6216
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fed503b-e1a4-456e-b9a4-57ddbb0e7ed2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4093
x-amzn-requestid: 9b314377-5aab-4d4f-9ff8-cf0dd5b0c516
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEqthESYoAMF4YA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb57ef-163727d625b0751f61eca87d;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 03:11:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: -IMqbZk5KhD9YfWwmqxfjDJEeU1LNMqmS9Z2UWQFcJl3uLHi8T4Zmg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 03:42:41 GMT
age: 84712
etag: "90491b32adf6a6b7076ac63da4f2ab571f08920c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf2abec1-a455-47b9-9aaf-69794032330f.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf2abec1-a455-47b9-9aaf-69794032330f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8ec35d753b6b816abcd14030255a7b76
a67bd0fa5beb10935442bef246bf4f52ec6e74bd
9adfddc8877a8ea9f1c3bcc0af99548cb11dc4e1d62a706bf9b2a5cc6d72e82f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf2abec1-a455-47b9-9aaf-69794032330f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7982
x-amzn-requestid: 59d91715-b444-445e-bd6b-268fc630024b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fKezLExAIAMFSeA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cdab47-1e12e8f335ea162532ce6aca;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 21:31:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0BgrMQG0-OHmZipKTgnHTs3HxYGBqKowIS37tg_QooT4JPlqHBPFvw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 21:47:46 GMT
age: 19607
etag: "a67bd0fa5beb10935442bef246bf4f52ec6e74bd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
4271.url.tudown.com/uploads/images/768038.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/768038.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/768038.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:33 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1039606715,3013122277&fm=253&fmt=auto?w=640&h=337
4271.url.tudown.com/uploads/images/886086.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/886086.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/886086.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:33 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3308558761,1665840672&fm=253&fmt=auto&app=138&f=JPEG?w=448&h=600
union2.50bang.org/js/duoteall
180.101.190.124200 OK 370 B URL HTTP/1.1 union2.50bang.org/js/duoteall
IP 180.101.190.124:0
ASN #138950 Jiangsu Wuxi International IDC network
File type ASCII text, with very long lines (370), with no line terminators
Hash 4d5ed5c33d80f93e08ef5fac23016529
42307b9c08142bb994fe7ca36e181e7bb8dde146
a46e6b7833bda8b278bcec99ce57ea062b8aa559483dc7c6514f1b3edbb3962f
GET /js/duoteall HTTP/1.1
Host: union2.50bang.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://4271.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Date: Mon, 23 Jan 2023 03:14:33 GMT
Content-Length: 370
4271.url.tudown.com/uploads/images/651245.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/651245.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/651245.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:33 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2804550885,1820717915&fm=253&fmt=auto&app=138&f=GIF?w=700&h=393
4271.url.tudown.com/uploads/images/74222.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/74222.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/74222.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:33 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2288891777,4256909821&fm=253&fmt=auto&app=138&f=JPEG?w=387&h=388
t15.baidu.com/it/u=955483774,992323882&fm=224&app=112&f=JPEG?w=500&h=281
185.10.104.124200 OK 18 kB URL HTTP/1.1 t15.baidu.com/it/u=955483774,992323882&fm=224&app=112&f=JPEG?w=500&h=281
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 37x37, segment length 16, baseline, precision 8, 500x281, components 3\012- data
Hash b4e14dde33f88a42280b42d8dfd8a75f
f54d11650f39b0cbc52ea014246379b59d485e98
3fbc9649f21e52d454ac649382f6995a6996b5ccabfb9aed21ffd672d26e5ef9
GET /it/u=955483774,992323882&fm=224&app=112&f=JPEG?w=500&h=281 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://4271.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:14:33 GMT
Content-Type: image/jpeg
Content-Length: 17869
Connection: keep-alive
Expires: Thu, 02 Feb 2023 04:17:52 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: b4e14dde33f88a42280b42d8dfd8a75f
Age: 971732
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 03 Jan 2023 04:17:52 GMT
Ohc-Cache-HIT: fra01-sys-jomo7.fra01.baidu.com [2], zhuzuncache51 [4], bdix233 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 17869
X-Cache-Status: HIT
Timing-Allow-Origin: *
img4.duote.com/duoteimg/dtnew_recom_img/duoteself/softdown_1.js
180.101.198.248200 OK 361 B URL HTTP/2 img4.duote.com/duoteimg/dtnew_recom_img/duoteself/softdown_1.js
IP 180.101.198.248:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type HTML document text\012- HTML document, ASCII text, with very long lines (361), with no line terminators
Hash d7877f2308efe72c7913b65816859daa
755606b601ae85ebcbf0dd47660fb028d1bf30d7
3af5e226f01cd0faf44433ba44517cc6b0fe9596de061a613c8d719227cc2c1a
GET /duoteimg/dtnew_recom_img/duoteself/softdown_1.js HTTP/1.1
Host: img4.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://4271.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 361
date: Wed, 04 Jan 2023 10:48:37 GMT
x-oss-request-id: 63B55985341EC4383238B58D
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "D7877F2308EFE72C7913B65816859DAA"
last-modified: Wed, 04 Jan 2023 09:53:30 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 13587884656729146177
x-oss-storage-class: Standard
x-oss-meta-mtime: 1672826010
x-oss-expiration: expiry-date="Thu, 05 Jan 2023 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: CAEQVxiBgMCnu.bwqxgiIGMwYmRlOGE3NDQ3MjQxYmY4Y2NiYWYyOWExMzU2Zjdi
content-md5: 14d/Iwjv5yx5E7ZYFoWdqg==
x-oss-server-time: 26
ali-swift-global-savetime: 1672829317
via: cache42.l2cn3037[0,0,200-0,H], cache69.l2cn3037[1,0], vcache9.cn4732[0,0,200-0,H], vcache5.cn4732[2,0]
age: 1614356
x-cache: HIT TCP_MEM_HIT dirn:9:144039952
x-swift-savetime: Wed, 04 Jan 2023 12:33:07 GMT
x-swift-cachetime: 15545730
timing-allow-origin: *
eagleid: b465c61916744436737155618e
X-Firefox-Spdy: h2
img1.2345.com/duoteimg/js/base64.js?_vtim=2014122301
222.186.17.198404 Not Found 146 B URL HTTP/2 img1.2345.com/duoteimg/js/base64.js?_vtim=2014122301
IP 222.186.17.198:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /duoteimg/js/base64.js?_vtim=2014122301 HTTP/1.1
Host: img1.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://4271.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: Tengine
content-type: text/html; charset=gb2312
content-length: 146
date: Mon, 23 Jan 2023 03:14:33 GMT
ali-swift-global-savetime: 1674443673
via: cache78.l2cn3037[27,26,404-1280,M], cache41.l2cn3037[27,0], cache41.l2cn3037[28,0], ens-vcache18.cn5274[91,91,404-1280,M], ens-vcache4.cn5274[93,0]
x-cache: MISS TCP_MISS dirn:-2:-2
x-swift-savetime: Mon, 23 Jan 2023 03:14:33 GMT
x-swift-cachetime: 1
x-swift-error: orig response 4XX error
timing-allow-origin: *
eagleid: deba119716744436736105823e
X-Firefox-Spdy: h2
4271.url.tudown.com/uploads/images/767906.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/767906.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/767906.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:33 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1611550803,142768128&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=530
img1.duote.com/duoteimg/zhuanti/comment/images/9.gif
222.186.17.200200 OK 1.7 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/9.gif
IP 222.186.17.200:0
File type GIF image data, version 89a, 24 x 24\012- data
Hash 52c2ef213baaff54c731557b999a0bf7
804e7ac80e4255b27247350265bbc92ce8d075bb
6bc6cc4739fbf0b9257b84549097c06651f82bcb2edef386710f4bb88e5b1676
GET /duoteimg/zhuanti/comment/images/9.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://4271.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 1733
date: Fri, 09 Dec 2022 13:25:13 GMT
x-oss-request-id: 63933739960DF237391E4EA8
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "52C2EF213BAAFF54C731557B999A0BF7"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 7207152638915174298
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: UsLvITuq/1THMVV7mZoL9w==
x-oss-server-time: 46
ali-swift-global-savetime: 1670592313
via: cache35.l2cn3037[0,0,200-0,H], cache42.l2cn3037[0,0], ens-vcache10.cn5274[0,0,200-0,H], ens-vcache6.cn5274[1,0]
age: 3851360
x-cache: HIT TCP_MEM_HIT dirn:11:173337436
x-swift-savetime: Wed, 11 Jan 2023 22:16:34 GMT
x-swift-cachetime: 12668919
timing-allow-origin: *
eagleid: deba119916744436737532982e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/6.gif
222.186.17.200200 OK 3.5 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/6.gif
IP 222.186.17.200:0
File type GIF image data, version 89a, 24 x 24\012- data
Hash eb575dd556470ae55acfa8350f63f3ab
5ded8852598c3cb4ff9130d24b1b7b03c558d14e
0be355d4a20f70a41fef403a817d2d27a1c5122fa1b58ef04dc884fb9a12ed7a
GET /duoteimg/zhuanti/comment/images/6.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://4271.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 3468
date: Wed, 27 Jul 2022 13:57:53 GMT
x-oss-request-id: 62E144616F52933834F154DF
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "EB575DD556470AE55ACFA8350F63F3AB"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17858666986198953545
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: 61dd1VZHCuVaz6g1D2Pzqw==
x-oss-server-time: 86
ali-swift-global-savetime: 1658930273
via: cache39.l2cn3037[0,0,200-0,H], cache50.l2cn3037[1,0], ens-vcache13.cn5274[0,0,200-0,H], ens-vcache6.cn5274[1,0]
age: 15513400
x-cache: HIT TCP_MEM_HIT dirn:9:39089398
x-swift-savetime: Mon, 02 Jan 2023 06:11:37 GMT
x-swift-cachetime: 1842376
timing-allow-origin: *
eagleid: deba119916744436737552984e
X-Firefox-Spdy: h2
4271.url.tudown.com/common/ipnotice/
154.218.151.71200 OK 17 kB URL HTTP/1.1 4271.url.tudown.com/common/ipnotice/
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash ab39931b9a4cf10ebce3131883f396e6
f32ca7959544268d9b6ff330091d92b9e9d4d008
70b7bbc32d5f94a5c9451a46f212744752cf862c975151a11b3471a75964a028
GET /common/ipnotice/ HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 03:14:33 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 6280b593b4342f8debc35bcc1e3489b0
512f417fa7443a6b1f074c8fc280a9c2c281a19f
7dd3487472e52939b458a11680f678996055457816bea41879b65275b8607519
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Mon, 23 Jan 2023 03:14:33 GMT
Last-Modified: Sun, 22 Jan 2023 07:12:33 GMT
ETag: "63cce1e1-1d7"
Expires: Tue, 24 Jan 2023 07:12:33 GMT
Cache-Control: max-age=100680
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1674443673
Via: cache3.l2de2[468,468,200-0,M], cache3.l2de2[469,0], cache3.se1[492,491,200-0,M], cache3.se1[493,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Mon, 23 Jan 2023 03:14:33 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9716744436734502322e
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 6280b593b4342f8debc35bcc1e3489b0
512f417fa7443a6b1f074c8fc280a9c2c281a19f
7dd3487472e52939b458a11680f678996055457816bea41879b65275b8607519
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Mon, 23 Jan 2023 03:14:33 GMT
Ali-Swift-Global-Savetime: 1674443673
Via: cache2.l2de2[478,478,200-0,M], cache2.l2de2[479,0], cache5.se1[500,499,200-0,M], cache5.se1[500,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Mon, 23 Jan 2023 03:14:33 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9916744436734512238e
4271.url.tudown.com/uploads/images/61781.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/61781.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/61781.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:33 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2813421157,3352110648&fm=253&fmt=auto&app=120&f=JPEG?w=800&h=500
4271.url.tudown.com/uploads/images/495391.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/495391.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/495391.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:33 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=2201992113,611062401&fm=224&app=112&f=JPEG?w=500&h=500
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 6280b593b4342f8debc35bcc1e3489b0
512f417fa7443a6b1f074c8fc280a9c2c281a19f
7dd3487472e52939b458a11680f678996055457816bea41879b65275b8607519
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Mon, 23 Jan 2023 03:14:33 GMT
Last-Modified: Sun, 22 Jan 2023 07:12:33 GMT
ETag: "63cce1e1-1d7"
Expires: Tue, 24 Jan 2023 07:12:33 GMT
Cache-Control: max-age=100680
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1674443673
Via: cache8.l2de2[513,512,200-0,M], cache8.l2de2[515,0], cache1.se1[544,543,200-0,M], cache1.se1[545,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Mon, 23 Jan 2023 03:14:33 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9516744436734264433e
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 6280b593b4342f8debc35bcc1e3489b0
512f417fa7443a6b1f074c8fc280a9c2c281a19f
7dd3487472e52939b458a11680f678996055457816bea41879b65275b8607519
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Mon, 23 Jan 2023 03:14:33 GMT
Last-Modified: Sun, 22 Jan 2023 07:12:33 GMT
ETag: "63cce1e1-1d7"
Expires: Tue, 24 Jan 2023 07:12:33 GMT
Cache-Control: max-age=100680
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1674443673
Via: cache14.l2de2[504,503,200-0,M], cache14.l2de2[504,0], cache7.se1[526,526,200-0,M], cache7.se1[528,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Mon, 23 Jan 2023 03:14:33 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9b16744436734505010e
t13.baidu.com/it/u=2201992113,611062401&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 40 kB URL HTTP/1.1 t13.baidu.com/it/u=2201992113,611062401&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash d00a16a8480bcb0cf186f299e6a9f0c3
4868b8564f01441aeea2f93653241ea1d8392216
3d58a0763ff00d8b2c60c149aa32d7727e7b917021d299791e0adeb371eb9444
GET /it/u=2201992113,611062401&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://4271.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:14:34 GMT
Content-Type: image/jpeg
Content-Length: 40111
Connection: keep-alive
Expires: Wed, 08 Feb 2023 07:49:19 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: d00a16a8480bcb0cf186f299e6a9f0c3
Age: 969121
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 09 Jan 2023 07:49:19 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [2], zhuzuncache51 [4], czix51 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 40111
X-Cache-Status: HIT
Timing-Allow-Origin: *
4271.url.tudown.com/uploads/images/650873.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/650873.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/650873.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:33 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=4094714741,3265251617&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=1043
4271.url.tudown.com/uploads/images/235753.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/235753.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/235753.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:33 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=900478332,388243367&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=708
img1.duote.com/duoteimg/zhuanti/comment/images/3.gif
222.186.17.200200 OK 3.0 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/3.gif
IP 222.186.17.200:0
File type GIF image data, version 89a, 24 x 24\012- data
Hash 2ea694cf637a163c094f4e88ae235ec7
8c80f708bc2b9ade2838743d1ec2f779662054e4
8824766f185db8f093dabd01f47636740f26f1a0340b8ed170e4268f36488a44
GET /duoteimg/zhuanti/comment/images/3.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://4271.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 3011
date: Wed, 27 Jul 2022 13:57:53 GMT
x-oss-request-id: 62E14461A70130303428621A
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "2EA694CF637A163C094F4E88AE235EC7"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8455495457239003797
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: LqaUz2N6FjwJT06IriNexw==
x-oss-server-time: 40
ali-swift-global-savetime: 1658930273
via: cache74.l2cn3037[0,0,200-0,H], cache22.l2cn3037[0,0], ens-vcache29.cn5274[0,0,200-0,H], ens-vcache6.cn5274[2,0]
age: 15513400
x-cache: HIT TCP_MEM_HIT dirn:9:35633377
x-swift-savetime: Mon, 02 Jan 2023 09:16:04 GMT
x-swift-cachetime: 1831309
timing-allow-origin: *
eagleid: deba119916744436737552985e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/5.gif
222.186.17.200200 OK 2.8 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/5.gif
IP 222.186.17.200:0
File type GIF image data, version 89a, 24 x 24\012- data
Hash a7bff4f63a973a68e2d98ee780d9e29e
4c87d92faf82347bb122c2ad0e74e166aec5c567
18e82892f579e1f63d003f7e8404754b775542d72ea2d677f61d8ed3c7dfd21c
GET /duoteimg/zhuanti/comment/images/5.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://4271.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 2768
date: Wed, 27 Jul 2022 13:57:53 GMT
x-oss-request-id: 62E14461DC81703736A9B209
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "A7BFF4F63A973A68E2D98EE780D9E29E"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 11302870927342222426
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: p7/09jqXOmji2Y7ngNning==
x-oss-server-time: 33
ali-swift-global-savetime: 1658930273
via: cache19.l2cn3037[0,0,200-0,H], cache50.l2cn3037[1,0], ens-vcache22.cn5274[0,0,200-0,H], ens-vcache6.cn5274[1,0]
age: 15513400
x-cache: HIT TCP_MEM_HIT dirn:9:410443890
x-swift-savetime: Mon, 02 Jan 2023 06:11:39 GMT
x-swift-cachetime: 1842374
timing-allow-origin: *
eagleid: deba119916744436737562987e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/4.gif
222.186.17.200200 OK 1.7 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/4.gif
IP 222.186.17.200:0
File type GIF image data, version 89a, 24 x 24\012- data
Hash 9429cb260cbf87e528d14cf6baaf2b5b
eb067540c3b93c515efbc46b5a1cb4c7bcb16ff7
4cce9443159a3c082fbf59610efbf5ef9b92d5422bce4bbe8ef43d1bcc8d0475
GET /duoteimg/zhuanti/comment/images/4.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://4271.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 1706
date: Tue, 18 Oct 2022 08:31:25 GMT
x-oss-request-id: 634E645DC8A4583832C601BC
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "9429CB260CBF87E528D14CF6BAAF2B5B"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 875222251737355829
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: lCnLJgy/h+Uo0Uz2uq8rWw==
x-oss-server-time: 142
ali-swift-global-savetime: 1666081885
via: cache78.l2cn3037[0,0,200-0,H], cache63.l2cn3037[1,0], ens-vcache26.cn5274[0,0,200-0,H], ens-vcache6.cn5274[2,0]
age: 8361788
x-cache: HIT TCP_MEM_HIT dirn:12:200734744
x-swift-savetime: Mon, 02 Jan 2023 06:11:46 GMT
x-swift-cachetime: 8993979
timing-allow-origin: *
eagleid: deba119916744436737552986e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/12.gif
222.186.17.200200 OK 2.6 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/12.gif
IP 222.186.17.200:0
File type GIF image data, version 89a, 24 x 24\012- data
Hash 74dc1aa4f1e4f7219da7ad597c91b8e7
bfda85aaa1fd81b79b792ee83cd448cd2cde5005
733f3dc6aa38aaad278d72cbef942326c77b0f872727e5971cc8fb9b3b683efe
GET /duoteimg/zhuanti/comment/images/12.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://4271.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 2575
date: Sat, 10 Dec 2022 02:48:42 GMT
x-oss-request-id: 6393F38A28E01236303D13AE
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "74DC1AA4F1E4F7219DA7AD597C91B8E7"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17001896356624891276
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: dNwapPHk9yGdp61ZfJG45w==
x-oss-server-time: 48
ali-swift-global-savetime: 1670640522
via: cache34.l2cn3037[0,0,200-0,H], cache78.l2cn3037[1,0], ens-vcache18.cn5274[0,0,200-0,H], ens-vcache6.cn5274[0,0]
age: 3803151
x-cache: HIT TCP_MEM_HIT dirn:12:335291359
x-swift-savetime: Mon, 02 Jan 2023 06:11:40 GMT
x-swift-cachetime: 13552622
timing-allow-origin: *
eagleid: deba119916744436737612988e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/11.gif
222.186.17.200200 OK 7.0 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/11.gif
IP 222.186.17.200:0
File type GIF image data, version 89a, 24 x 24\012- data
Hash 0dfec8a688ee97162d852f42a0fa2a23
a6bc13493b4f2471b72b9d9e8474a9889ad2f4cb
bfef5124ff15cc50ba2eb8e6c605541b642bb5c8c18a4c618ed248522f8d44e0
GET /duoteimg/zhuanti/comment/images/11.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://4271.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 6979
date: Tue, 06 Dec 2022 22:52:39 GMT
x-oss-request-id: 638FC7B7AEF36B30351D8998
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "0DFEC8A688EE97162D852F42A0FA2A23"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 5501157311881781066
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: Df7IpojulxYthS9CoPoqIw==
x-oss-server-time: 112
ali-swift-global-savetime: 1670367159
via: cache80.l2cn3037[0,0,200-0,H], cache74.l2cn3037[1,0], ens-vcache9.cn5274[0,0,200-0,H], ens-vcache6.cn5274[0,0]
age: 4076514
x-cache: HIT TCP_MEM_HIT dirn:12:200009767
x-swift-savetime: Mon, 02 Jan 2023 06:11:41 GMT
x-swift-cachetime: 13279258
timing-allow-origin: *
eagleid: deba119916744436737622989e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/10.gif
222.186.17.200200 OK 2.1 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/10.gif
IP 222.186.17.200:0
File type GIF image data, version 89a, 24 x 24\012- data
Hash 8535863eee1ae5dfffa4f25a79cffa10
ae60588f804b611794c725429927f1a37c31a6e5
13fd5ae010e7d97dc637a2ec0537a28a8d74dac1f1480fa87279ae226e13e535
GET /duoteimg/zhuanti/comment/images/10.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://4271.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 2105
date: Wed, 07 Dec 2022 22:38:17 GMT
x-oss-request-id: 639115D9EBE1D337378BAB5F
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "8535863EEE1AE5DFFFA4F25A79CFFA10"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 720901678692586227
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: hTWGPu4a5d//pPJaec/6EA==
x-oss-server-time: 93
ali-swift-global-savetime: 1670452697
via: cache6.l2cn3037[0,0,200-0,H], cache62.l2cn3037[2,0], ens-vcache18.cn5274[0,0,200-0,H], ens-vcache6.cn5274[1,0]
age: 3990976
x-cache: HIT TCP_MEM_HIT dirn:12:223376296
x-swift-savetime: Mon, 02 Jan 2023 06:11:38 GMT
x-swift-cachetime: 13364799
timing-allow-origin: *
eagleid: deba119916744436737642991e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/7.gif
222.186.17.200200 OK 1.5 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/7.gif
IP 222.186.17.200:0
File type GIF image data, version 89a, 24 x 24\012- data
Hash 56bd697fdac1de3dbe8d4dd53e309a9b
215d4fead2dbf7bf6aeea1136749675cc5034f9e
7acdc1e69fd8d2c578ccf122054b7dab5a58a59caa255cd5585d45956136f4a3
GET /duoteimg/zhuanti/comment/images/7.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://4271.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 1495
date: Wed, 27 Jul 2022 14:00:56 GMT
x-oss-request-id: 62E1451844A24C3331B8E6EA
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "56BD697FDAC1DE3DBE8D4DD53E309A9B"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 6398064933782332215
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: Vr1pf9rB3j2+jU3VPjCamw==
x-oss-server-time: 53
ali-swift-global-savetime: 1658930456
via: cache67.l2cn3037[0,0,200-0,H], cache58.l2cn3037[1,0], ens-vcache5.cn5274[0,0,200-0,H], ens-vcache6.cn5274[1,0]
age: 15513218
x-cache: HIT TCP_MEM_HIT dirn:11:266205845
x-swift-savetime: Mon, 02 Jan 2023 06:11:43 GMT
x-swift-cachetime: 1842553
timing-allow-origin: *
eagleid: deba119916744436740203031e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/8.gif
222.186.17.200200 OK 1.8 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/8.gif
IP 222.186.17.200:0
File type GIF image data, version 89a, 24 x 24\012- data
Hash 15c10a442a7bd8384cd17ed420cf21e9
477ba29d0b04ec0a2950d715b58abe2db4d68cdd
153b9c74c5a92e7ec480365537cd43c9973840f3b6c72dad3032f5aeb0a4d30e
GET /duoteimg/zhuanti/comment/images/8.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://4271.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 1788
date: Tue, 18 Oct 2022 05:04:16 GMT
x-oss-request-id: 634E33D0BA82AD3033A4E1BB
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "15C10A442A7BD8384CD17ED420CF21E9"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 10105978504471775518
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: FcEKRCp72DhM0X7UIM8h6Q==
x-oss-server-time: 139
ali-swift-global-savetime: 1666069456
via: cache70.l2cn3037[0,0,200-0,H], cache74.l2cn3037[1,0], ens-vcache23.cn5274[0,0,200-0,H], ens-vcache6.cn5274[1,0]
age: 8374218
x-cache: HIT TCP_MEM_HIT dirn:11:200367410
x-swift-savetime: Wed, 11 Jan 2023 22:18:28 GMT
x-swift-cachetime: 8145948
timing-allow-origin: *
eagleid: deba119916744436740203033e
X-Firefox-Spdy: h2
static.mediav.com/js/mvf_pm_slider.js
101.198.192.8200 OK 40 kB URL HTTP/1.1 static.mediav.com/js/mvf_pm_slider.js
IP 101.198.192.8:0
ASN #55992 Beijing Qihu Technology Company Limited
File type ASCII text, with very long lines (65536), with no line terminators, with escape sequences
Hash b23b60a7adefb62f50583079ed66f03b
965ea6506ea6c004b1135f23c10c67484fc0d238
987d03cb317bd411589ab916be6ea0e5aaabf8de0e94a2de7712beff577a62f8
GET /js/mvf_pm_slider.js HTTP/1.1
Host: static.mediav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/
HTTP/1.1 200 OK
Date: Mon, 23 Jan 2023 03:14:33 GMT
Content-Type: application/x-javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 16 Nov 2022 07:57:42 GMT
Vary: Accept-Encoding
Expires: Mon, 23 Jan 2023 08:14:33 GMT
Cache-Control: max-age=18000
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Encoding: gzip
KCS-Via: HIT from w-fc02.hkht;HIT from w-sc01.bjyt
4271.url.tudown.com/uploads/images/47490.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/47490.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/47490.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:34 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=185612326,2352179634&fm=253&fmt=auto?w=640&h=489
ocsp.globalsign.com/gsrsaovsslca2018
151.101.130.133200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 151.101.130.133:0
Hash 4edf5ed27a56bafd542c7ff2ba941097
0c33b7fa9d707f23e941a6c2955a4ac5529b75ef
46170a667785bd4c952c1ecae5840bf59706a55e0bc22eb0f2beb6de08a395d6
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1432
Server: nginx
Content-Type: application/ocsp-response
Expires: Fri, 27 Jan 2023 01:08:48 GMT
ETag: "0c33b7fa9d707f23e941a6c2955a4ac5529b75ef"
Last-Modified: Mon, 23 Jan 2023 01:08:49 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 23 Jan 2023 03:14:34 GMT
Age: 1580
X-Served-By: cache-qpg1274-QPG, cache-bma1621-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 17, 5
X-Timer: S1674443674.234150,VS0,VE0
img4.duote.com/duoteimg/js/front_ad.js
180.101.198.248200 OK 0 B URL HTTP/2 img4.duote.com/duoteimg/js/front_ad.js
IP 180.101.198.248:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /duoteimg/js/front_ad.js HTTP/1.1
Host: img4.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://4271.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 0
date: Sat, 21 Jan 2023 03:02:46 GMT
x-oss-request-id: 63CB55D6960DF2343850A2E2
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "D41D8CD98F00B204E9800998ECF8427E"
last-modified: Wed, 02 Sep 2020 01:55:56 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 0
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Thu, 03 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: 1B2M2Y8AsgTpgAmY7PhCfg==
ali-swift-global-savetime: 1674270166
via: cache8.l2cn3037[0,0,200-0,H], cache74.l2cn3037[1,0], vcache4.cn4732[0,0,200-0,H], vcache5.cn4732[1,0]
age: 173508
x-cache: HIT TCP_MEM_HIT dirn:10:55392809
x-swift-savetime: Sun, 22 Jan 2023 02:16:12 GMT
x-swift-cachetime: 15468394
timing-allow-origin: *
eagleid: b465c61916744436741005835e
X-Firefox-Spdy: h2
img4.duote.com/duoteimg/dtnew_assets/pc/js/searchCode/transcoding.js
180.101.198.248200 OK 895 B URL HTTP/2 img4.duote.com/duoteimg/dtnew_assets/pc/js/searchCode/transcoding.js
IP 180.101.198.248:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
Hash f8f676d38231dad63dfc1144b4739051
978c21f9675780eb755412efc1ddc8fe098c5d7f
2ab62b8459e616fbc36456facba7af14984e90a3a5522a317d46cdb6f133f871
GET /duoteimg/dtnew_assets/pc/js/searchCode/transcoding.js HTTP/1.1
Host: img4.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://4271.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/x-javascript
content-length: 895
date: Thu, 08 Dec 2022 07:22:14 GMT
vary: Accept-Encoding
x-oss-request-id: 639190A6D23681373642E5DF
x-oss-cdn-auth: success
last-modified: Thu, 10 Sep 2020 02:00:56 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 13670043018340852857
x-oss-storage-class: Standard
x-oss-meta-mode: 33188
x-oss-meta-mtime: 1599017058
x-oss-expiration: expiry-date="Fri, 11 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: TH9G/2LTeyzHRW+PnrlmEQ==
x-oss-server-time: 55
ali-swift-global-savetime: 1670484134
via: cache3.l2cn2641[137,137,304-0,M], cache14.l2cn2641[138,0], vcache12.cn4732[0,0,200-0,H], vcache5.cn4732[1,0]
content-encoding: gzip
age: 3959540
x-cache: HIT TCP_MEM_HIT dirn:9:265615636
x-swift-savetime: Thu, 08 Dec 2022 07:22:14 GMT
x-swift-cachetime: 15552000
timing-allow-origin: *
eagleid: b465c61916744436741045838e
X-Firefox-Spdy: h2
4271.url.tudown.com/uploads/images/458875.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/458875.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/458875.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:34 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=2976845088,2905344631&fm=224&app=112&f=JPEG?w=375&h=500
img4.duote.com/duoteimg/js/baidu_js_push.js
180.101.198.248200 OK 359 B URL HTTP/2 img4.duote.com/duoteimg/js/baidu_js_push.js
IP 180.101.198.248:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type ASCII text, with CRLF line terminators
Hash f63ef5e096ef52af0cb95b8d2f3fda32
8d6dcc307c816618f7b26e1482d16d447f382e51
e0679eaf3f94f9353f167a1ebe1a8424c61631cc9be2d5a5445ba35e77f58932
GET /duoteimg/js/baidu_js_push.js HTTP/1.1
Host: img4.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://4271.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 359
date: Mon, 19 Dec 2022 17:16:09 GMT
x-oss-request-id: 63A09C59AFFD70313763EF54
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "F63EF5E096EF52AF0CB95B8D2F3FDA32"
last-modified: Tue, 21 Jun 2022 08:41:11 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 2603761381065918884
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Wed, 22 Jun 2022 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: CAEQUxiBgID4uNiVjBgiIDdjODgyMTExYzA2OTQ5NmU4NjMxZTI4MDZmMTc2NGEx
content-md5: 9j714JbvUq8MuVuNLz/aMg==
x-oss-server-time: 5
ali-swift-global-savetime: 1671470169
via: cache17.l2cn3037[0,0,304-0,H], cache18.l2cn3037[1,0], vcache9.cn4732[0,0,200-0,H], vcache5.cn4732[1,0]
age: 2973505
x-cache: HIT TCP_MEM_HIT dirn:9:27499155
x-swift-savetime: Mon, 19 Dec 2022 19:14:22 GMT
x-swift-cachetime: 15544907
timing-allow-origin: *
eagleid: b465c61916744436741325863e
X-Firefox-Spdy: h2
img4.duote.com/duoteimg/dtnew_assets/pc/js/soft/auto_complete.js
180.101.198.248200 OK 1.0 kB URL HTTP/2 img4.duote.com/duoteimg/dtnew_assets/pc/js/soft/auto_complete.js
IP 180.101.198.248:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
Hash 8c6a6de562181b71d2867e2711f31df9
6e3aed7b36431b15293f6a3a1c66567a6fec5334
f65233dc7f87033f78a736238467c78ce1973af259b67f932c285a0f180174ee
GET /duoteimg/dtnew_assets/pc/js/soft/auto_complete.js HTTP/1.1
Host: img4.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://4271.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 1015
date: Wed, 19 Oct 2022 03:08:25 GMT
vary: Accept-Encoding
x-oss-request-id: 634F6A297AA92E33352FF6B9
x-oss-cdn-auth: success
last-modified: Wed, 19 Oct 2022 02:15:25 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 3181168464323094172
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Thu, 20 Oct 2022 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: CAEQVRiBgICaq4y4nxgiIDJjNjljMDkwMWY0MjQ4N2JhZTA2NmEwOWJkZmNhMWYx
content-md5: 5qfmF/GrELbus726BAkyLQ==
x-oss-server-time: 29
content-encoding: gzip
ali-swift-global-savetime: 1666148905
via: cache25.l2cn3047[0,0,200-0,H], cache49.l2cn3047[1,0], vcache10.cn4732[0,0,200-0,H], vcache5.cn4732[1,0]
age: 8294769
x-cache: HIT TCP_MEM_HIT dirn:9:174322389
x-swift-savetime: Wed, 19 Oct 2022 04:31:53 GMT
x-swift-cachetime: 15546992
timing-allow-origin: *
eagleid: b465c61916744436741345864e
X-Firefox-Spdy: h2
4271.url.tudown.com/uploads/images/988782.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/988782.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/988782.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:34 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2880109299,875983624&fm=253&fmt=auto&app=138&f=JPEG?w=86&h=94
4271.url.tudown.com/uploads/images/438253.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/438253.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/438253.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:34 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=3871817635,3843743069&fm=224&app=112&f=JPEG?w=499&h=500
4271.url.tudown.com/uploads/images/797602.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/797602.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/797602.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:34 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=4262032802,132773364&fm=224&app=112&f=JPEG?w=500&h=500
4271.url.tudown.com/uploads/images/527530.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/527530.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/527530.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:34 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=939708387,2643224094&fm=253&fmt=auto&app=138&f=JPEG?w=307&h=440
t13.baidu.com/it/u=4262032802,132773364&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 81 kB URL HTTP/1.1 t13.baidu.com/it/u=4262032802,132773364&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash a9ba6be5436e6d5aeeae3dea681de3db
3e4f8276228f40f9bb5659860e00f5a5bb8236ac
2e7848464119c6dc364efd66c3a9235d5f4541d8b12f9883e57c98c83d102c42
GET /it/u=4262032802,132773364&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://4271.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:14:34 GMT
Content-Type: image/jpeg
Content-Length: 80752
Connection: keep-alive
Expires: Sun, 19 Feb 2023 07:39:23 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: a9ba6be5436e6d5aeeae3dea681de3db
Age: 179788
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 20 Jan 2023 07:39:23 GMT
Ohc-Cache-HIT: fra01-sys-jomo7.fra01.baidu.com [2], jnuncache93 [4], suzix137 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 80752
X-Cache-Status: HIT
Timing-Allow-Origin: *
static.mediav.com/js/mvf_g2.js
101.198.192.8200 OK 9.0 kB URL HTTP/1.1 static.mediav.com/js/mvf_g2.js
IP 101.198.192.8:0
ASN #55992 Beijing Qihu Technology Company Limited
File type ASCII text, with very long lines (25539), with no line terminators
Hash 1baf9fc7116527b1a41307a6653030ca
f854953834e70e842d0d3fe6c8966ffb38e16744
d601207a5fa9a6b11008bc0a5a295c46ed62707d4a4b7b04a276eef33c3dcbd3
GET /js/mvf_g2.js HTTP/1.1
Host: static.mediav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/
HTTP/1.1 200 OK
Date: Mon, 23 Jan 2023 03:14:34 GMT
Content-Type: application/x-javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 16 Nov 2022 07:57:41 GMT
Vary: Accept-Encoding
Expires: Mon, 23 Jan 2023 08:14:34 GMT
Cache-Control: max-age=18000
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Encoding: gzip
KCS-Via: HIT from w-fc02.hkht;HIT from w-sc01.bjyt
t14.baidu.com/it/u=2976845088,2905344631&fm=224&app=112&f=JPEG?w=375&h=500
185.10.104.124200 OK 40 kB URL HTTP/1.1 t14.baidu.com/it/u=2976845088,2905344631&fm=224&app=112&f=JPEG?w=375&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 375x500, components 3\012- data
Hash cdde4ab27c55b069fcc96953dbcaf6a9
fd87d3475cc33403d2acdc14ed10c3bdd8f59f23
770db03bc819482babea948618c02fced71de9c0911b369776b8e581bc3e6198
GET /it/u=2976845088,2905344631&fm=224&app=112&f=JPEG?w=375&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://4271.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:14:34 GMT
Content-Type: image/jpeg
Content-Length: 39621
Connection: keep-alive
Expires: Fri, 27 Jan 2023 09:48:58 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: cdde4ab27c55b069fcc96953dbcaf6a9
Age: 1555384
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 28 Dec 2022 09:48:57 GMT
Ohc-Cache-HIT: fra01-sys-jomo4.fra01.baidu.com [4], zhuzuncache54 [1], xiangyix207 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 39621
X-Cache-Status: HIT
Timing-Allow-Origin: *
img0.baidu.com/it/u=1039606715,3013122277&fm=253&fmt=auto?w=640&h=337
182.106.158.35200 OK 17 kB URL HTTP/2 img0.baidu.com/it/u=1039606715,3013122277&fm=253&fmt=auto?w=640&h=337
IP 182.106.158.35:0
ASN #139201 Jiangxi Jiujiang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x337, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2efc2110541ccf212976248eacfc744a
6dd4db7ec40fac2ebe7fa6297ccb2acd29f40cca
12ac2bb2332ba32de68b287f7d6c305888467627ce5d927072b237384cffc2e5
GET /it/u=1039606715,3013122277&fm=253&fmt=auto?w=640&h=337 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:34 GMT
content-type: image/webp
content-length: 17112
expires: Sun, 05 Feb 2023 04:46:20 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 2efc2110541ccf212976248eacfc744a
age: 683093
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 06 Jan 2023 04:46:20 GMT
ohc-cache-hit: jjct68 [4], suzix185 [4]
ohc-file-size: 17112
x-cache-status: HIT
X-Firefox-Spdy: h2
4271.url.tudown.com/uploads/images/965686.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/965686.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/965686.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:34 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=4022668850,1745216210&fm=253&app=120&f=JPEG?w=1280&h=800
4271.url.tudown.com/template/company/duote-xiazai/images/soft-down.png
154.218.151.71200 OK 409 B URL HTTP/1.1 4271.url.tudown.com/template/company/duote-xiazai/images/soft-down.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 513adea23e19785779ef24441cbdb356
acaf0cd2ec302562b27850b970523d96ac5a120c
b78bf1490ecfe58446b32e59b0e6505d2d18f75f8676809753830b66a8dee298
GET /template/company/duote-xiazai/images/soft-down.png HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/template/company/duote-xiazai/css/soft.css
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 03:14:34 GMT
Content-Type: image/png
Content-Length: 409
Last-Modified: Sun, 06 Nov 2022 08:21:32 GMT
Connection: keep-alive
ETag: "63676e8c-199"
Accept-Ranges: bytes
t15.baidu.com/it/u=3871817635,3843743069&fm=224&app=112&f=JPEG?w=499&h=500
185.10.104.124200 OK 38 kB URL HTTP/1.1 t15.baidu.com/it/u=3871817635,3843743069&fm=224&app=112&f=JPEG?w=499&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 499x500, components 3\012- data
Hash 205ac7ebbbacf0824cdc852650d974a4
62aebb5ceaa6d5cead66ddbe80eeb872f0a08273
a667912464ea471621105e8b9af0759f4b642291de5d9b115a463a36afb12a32
GET /it/u=3871817635,3843743069&fm=224&app=112&f=JPEG?w=499&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://4271.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:14:34 GMT
Content-Type: image/jpeg
Content-Length: 37548
Connection: keep-alive
Expires: Sat, 11 Feb 2023 05:01:19 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 205ac7ebbbacf0824cdc852650d974a4
Age: 808537
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 12 Jan 2023 05:01:19 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [4], zhuzuncache62 [1], wzix82 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 37548
X-Cache-Status: HIT
Timing-Allow-Origin: *
4271.url.tudown.com/template/company/duote-xiazai/images/softfastdownbtn.png
154.218.151.71200 OK 409 B URL HTTP/1.1 4271.url.tudown.com/template/company/duote-xiazai/images/softfastdownbtn.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 513adea23e19785779ef24441cbdb356
acaf0cd2ec302562b27850b970523d96ac5a120c
b78bf1490ecfe58446b32e59b0e6505d2d18f75f8676809753830b66a8dee298
GET /template/company/duote-xiazai/images/softfastdownbtn.png HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/template/company/duote-xiazai/css/soft.css
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 03:14:34 GMT
Content-Type: image/png
Content-Length: 409
Last-Modified: Sun, 06 Nov 2022 08:21:33 GMT
Connection: keep-alive
ETag: "63676e8d-199"
Accept-Ranges: bytes
4271.url.tudown.com/template/company/duote-xiazai/images/icon-sprites.png
154.218.151.71200 OK 1.2 kB URL HTTP/1.1 4271.url.tudown.com/template/company/duote-xiazai/images/icon-sprites.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash cc3e19fad8a144bf1e7bf400678f99cb
6ac3ec9a26fdec416640a98d24564ddee9886999
1725f9122ad4ec5075cd0967aef3ef5aff312d90e17a33b854d71434f7cbba4c
GET /template/company/duote-xiazai/images/icon-sprites.png HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/template/company/duote-xiazai/css/soft.css
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 03:14:34 GMT
Content-Type: image/png
Content-Length: 1160
Last-Modified: Sun, 06 Nov 2022 08:21:18 GMT
Connection: keep-alive
ETag: "63676e7e-488"
Accept-Ranges: bytes
4271.url.tudown.com/uploads/images/369742.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/369742.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/369742.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:34 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=599645573,598984044&fm=224&app=112&f=JPEG?w=500&h=500
4271.url.tudown.com/uploads/images/794830.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/794830.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/794830.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:34 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1940444868,1149715062&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200
t15.baidu.com/it/u=599645573,598984044&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 37 kB URL HTTP/1.1 t15.baidu.com/it/u=599645573,598984044&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 0f506ae4b9d5843ca006e3c1591a3742
80c9b1a1015baecbd327e949d65b67d1c9ebc01f
6612daa22a72e1053bb0355912c66e814dba6ecb5efea3f9b42c05c75e016a51
GET /it/u=599645573,598984044&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://4271.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:14:34 GMT
Content-Type: image/jpeg
Content-Length: 36719
Connection: keep-alive
Expires: Tue, 14 Feb 2023 02:30:51 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 0f506ae4b9d5843ca006e3c1591a3742
Age: 693823
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 15 Jan 2023 02:30:51 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [4], zhuzuncache58 [1], xiangyix58 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 36719
X-Cache-Status: HIT
Timing-Allow-Origin: *
img1.2345.com/duoteimg/js/base64.js?_vtim=2014122301
222.186.17.198404 Not Found 146 B URL HTTP/2 img1.2345.com/duoteimg/js/base64.js?_vtim=2014122301
IP 222.186.17.198:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /duoteimg/js/base64.js?_vtim=2014122301 HTTP/1.1
Host: img1.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://4271.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: Tengine
content-type: text/html; charset=gb2312
content-length: 146
date: Mon, 23 Jan 2023 03:14:34 GMT
ali-swift-global-savetime: 1674443674
via: cache78.l2cn3037[21,21,404-1280,M], cache42.l2cn3037[23,0], cache42.l2cn3037[23,0], ens-vcache18.cn5274[31,31,404-1280,M], ens-vcache4.cn5274[33,0]
x-cache: MISS TCP_MISS dirn:-2:-2
x-swift-savetime: Mon, 23 Jan 2023 03:14:34 GMT
x-swift-cachetime: 1
x-swift-error: orig response 4XX error
timing-allow-origin: *
eagleid: deba119716744436745785997e
X-Firefox-Spdy: h2
4271.url.tudown.com/template/company/duote-xiazai/images/like.png
154.218.151.71200 OK 409 B URL HTTP/1.1 4271.url.tudown.com/template/company/duote-xiazai/images/like.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 513adea23e19785779ef24441cbdb356
acaf0cd2ec302562b27850b970523d96ac5a120c
b78bf1490ecfe58446b32e59b0e6505d2d18f75f8676809753830b66a8dee298
GET /template/company/duote-xiazai/images/like.png HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/template/company/duote-xiazai/css/soft.css
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 03:14:34 GMT
Content-Type: image/png
Content-Length: 409
Last-Modified: Sun, 06 Nov 2022 08:21:22 GMT
Connection: keep-alive
ETag: "63676e82-199"
Accept-Ranges: bytes
img1.baidu.com/it/u=3308558761,1665840672&fm=253&fmt=auto&app=138&f=JPEG?w=448&h=600
220.169.152.35200 OK 34 kB URL HTTP/2 img1.baidu.com/it/u=3308558761,1665840672&fm=253&fmt=auto&app=138&f=JPEG?w=448&h=600
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 448x600, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ea2eb4c7b4653d09402ff320b182da1b
10fde3f03dd435c418ce81b5b27eba3d89197730
49d23c4a1ea0357e5a27196206cf2b46e83a6c06c15107ebbf9c1f30afedee21
GET /it/u=3308558761,1665840672&fm=253&fmt=auto&app=138&f=JPEG?w=448&h=600 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:34 GMT
content-type: image/webp
content-length: 33812
expires: Thu, 26 Jan 2023 19:55:54 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: ea2eb4c7b4653d09402ff320b182da1b
age: 697779
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 27 Dec 2022 19:55:54 GMT
ohc-cache-hit: yy2ct78 [4], wzix78 [4]
ohc-file-size: 33812
x-cache-status: HIT
X-Firefox-Spdy: h2
img1.baidu.com/it/u=2813421157,3352110648&fm=253&fmt=auto&app=120&f=JPEG?w=800&h=500
220.169.152.35200 OK 45 kB URL HTTP/2 img1.baidu.com/it/u=2813421157,3352110648&fm=253&fmt=auto&app=120&f=JPEG?w=800&h=500
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 953911aabbc1de3373137fedbb27f73e
1e66b89750c92fdb44c050ca2404ba71289aa3f5
d9ecf2a3e956af2575d10ac778e3613af58ab84aebd780351ed1802accc626e7
GET /it/u=2813421157,3352110648&fm=253&fmt=auto&app=120&f=JPEG?w=800&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:34 GMT
content-type: image/webp
content-length: 44746
expires: Fri, 10 Feb 2023 21:05:28 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 953911aabbc1de3373137fedbb27f73e
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 11 Jan 2023 21:05:28 GMT
ohc-cache-hit: yy2ct68 [1], xiangyix87 [2]
ohc-file-size: 44746
x-cache-status: MISS
X-Firefox-Spdy: h2
4271.url.tudown.com/template/company/duote-xiazai/images/dislike.png
154.218.151.71200 OK 295 B URL HTTP/1.1 4271.url.tudown.com/template/company/duote-xiazai/images/dislike.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 16 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash a23e4dc6044953a149d0eb87aa9df5a4
48ab906d07b8d3265c0de7255d41d5352df29b9d
0342c264fcaac6c9fb4c0ea801d56145043dcd37613bddc633a6333c783eb2b9
GET /template/company/duote-xiazai/images/dislike.png HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/template/company/duote-xiazai/css/soft.css
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 03:14:34 GMT
Content-Type: image/png
Content-Length: 295
Last-Modified: Sun, 06 Nov 2022 08:21:09 GMT
Connection: keep-alive
ETag: "63676e75-127"
Accept-Ranges: bytes
4271.url.tudown.com/template/company/duote-xiazai/images/right.png
154.218.151.71200 OK 409 B URL HTTP/1.1 4271.url.tudown.com/template/company/duote-xiazai/images/right.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 513adea23e19785779ef24441cbdb356
acaf0cd2ec302562b27850b970523d96ac5a120c
b78bf1490ecfe58446b32e59b0e6505d2d18f75f8676809753830b66a8dee298
GET /template/company/duote-xiazai/images/right.png HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/template/company/duote-xiazai/css/soft.css
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 03:14:34 GMT
Content-Type: image/png
Content-Length: 409
Last-Modified: Sun, 06 Nov 2022 08:21:30 GMT
Connection: keep-alive
ETag: "63676e8a-199"
Accept-Ranges: bytes
4271.url.tudown.com/template/company/duote-xiazai/images/left.png
154.218.151.71200 OK 409 B URL HTTP/1.1 4271.url.tudown.com/template/company/duote-xiazai/images/left.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 513adea23e19785779ef24441cbdb356
acaf0cd2ec302562b27850b970523d96ac5a120c
b78bf1490ecfe58446b32e59b0e6505d2d18f75f8676809753830b66a8dee298
GET /template/company/duote-xiazai/images/left.png HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/template/company/duote-xiazai/css/soft.css
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 03:14:34 GMT
Content-Type: image/png
Content-Length: 409
Last-Modified: Sun, 06 Nov 2022 08:21:20 GMT
Connection: keep-alive
ETag: "63676e80-199"
Accept-Ranges: bytes
e2.2345.com/news/module2/js/newsModule-v2.js
180.101.199.248200 OK 13 kB URL HTTP/2 e2.2345.com/news/module2/js/newsModule-v2.js
IP 180.101.199.248:0
Hash f7a76ecf3c424c690da41a190389ee69
d9ffc54ddb9ced0da0c15bdd06e35f50943f2ea0
cb0bd9c2a4994bdec8589bc29f669365614159ce2ed3266d4e120e725b656768
GET /news/module2/js/newsModule-v2.js HTTP/1.1
Host: e2.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://4271.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
date: Mon, 23 Jan 2023 02:45:13 GMT
etag: W/"5f35e38f-cacf"
last-modified: Fri, 14 Aug 2020 01:06:23 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
ali-swift-global-savetime: 1674441913
via: cache59.l2cn3037[0,0,304-0,H], cache58.l2cn3037[1,0], cache58.l2cn3037[1,0], vcache23.cn4733[0,0,200-0,H], vcache22.cn4733[1,0]
age: 1760
x-cache: HIT TCP_MEM_HIT dirn:11:24947898
x-swift-savetime: Mon, 23 Jan 2023 02:47:45 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: b465c72a16744436735331039e
content-encoding: gzip
X-Firefox-Spdy: h2
bdcode.2345.com/xtvzuvo.js
42.81.8.130200 OK 38 kB URL HTTP/1.1 bdcode.2345.com/xtvzuvo.js
IP 42.81.8.130:0
File type Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Hash ce38d2b5c83cae8301782a83b240927e
16df7d9834814abfc742a741f2d691694eeeee8e
0afb23848a758db307769b0f6e1cc4d56e895fde0c9570ff0ee412ac6427775c
Analyzer Verdict Alert fortinet Malware
GET /xtvzuvo.js HTTP/1.1
Host: bdcode.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/
HTTP/1.1 200 OK
Date: Mon, 23 Jan 2023 03:14:34 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 38081
Connection: keep-alive
Cache-Control: max-age=3600
Content-Encoding: gzip
Expires: Mon, 23 Jan 2023 04:14:34 GMT
Last-Modified: Wed, 21 Dec 2022 05:54:50 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
YJS-ID: c1622d08f8ab37df-143
Server: yunjiasu
img0.baidu.com/it/u=4094714741,3265251617&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=1043
182.106.158.35200 OK 35 kB URL HTTP/2 img0.baidu.com/it/u=4094714741,3265251617&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=1043
IP 182.106.158.35:0
ASN #139201 Jiangxi Jiujiang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x1043, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ef53c31f308d26ad1fcea172c307656f
7d7025c80150fbf746962acf47ef1b8d91cb4ad9
a9cb2b43863dd6ab4d6684de2478d4e1deca37a1795451b886ab9400d85abab2
GET /it/u=4094714741,3265251617&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=1043 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:34 GMT
content-type: image/webp
content-length: 34684
expires: Sun, 19 Feb 2023 13:29:16 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: ef53c31f308d26ad1fcea172c307656f
age: 172611
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 20 Jan 2023 13:29:16 GMT
ohc-cache-hit: jjct64 [4], suzix95 [2]
ohc-file-size: 34684
x-cache-status: HIT
X-Firefox-Spdy: h2
4271.url.tudown.com/template/company/duote-xiazai/images/biaoq-icon.png
154.218.151.71200 OK 409 B URL HTTP/1.1 4271.url.tudown.com/template/company/duote-xiazai/images/biaoq-icon.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 513adea23e19785779ef24441cbdb356
acaf0cd2ec302562b27850b970523d96ac5a120c
b78bf1490ecfe58446b32e59b0e6505d2d18f75f8676809753830b66a8dee298
GET /template/company/duote-xiazai/images/biaoq-icon.png HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/template/company/duote-xiazai/css/global.css
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 03:14:34 GMT
Content-Type: image/png
Content-Length: 409
Last-Modified: Sun, 06 Nov 2022 08:21:07 GMT
Connection: keep-alive
ETag: "63676e73-199"
Accept-Ranges: bytes
union2.50bang.org/web/duoteall?uId2=PUTRSPSQUR&r=&fBL=1280*1024
180.101.190.124200 OK 0 B URL HTTP/1.1 union2.50bang.org/web/duoteall?uId2=PUTRSPSQUR&r=&fBL=1280*1024
IP 180.101.190.124:0
ASN #138950 Jiangsu Wuxi International IDC network
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /web/duoteall?uId2=PUTRSPSQUR&r=&fBL=1280*1024 HTTP/1.1
Host: union2.50bang.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://4271.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: uidFlag=1; path=/; domain=union2.50bang.org; expires=Sun,22-Feb-2099 00:00:00 GMT
uUid=30A063CDFB9A000D7ADE07050006; path=/; domain=union2.50bang.org; expires=Sun,22-Feb-2099 00:00:00 GMT
uHTL=1; path=/web/duoteall; expires=Sun,22-Feb-2099 00:00:00 GMT
uHTT=1674443674; path=/web/duoteall; expires=Sun,22-Feb-2099 00:00:00 GMT
Date: Mon, 23 Jan 2023 03:14:34 GMT
Content-Length: 0
4271.url.tudown.com/uploads/images/442408.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/442408.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/442408.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:34 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3631299687,1337131807&fm=253&fmt=auto&app=138&f=JPEG?w=86&h=120
img1.baidu.com/it/u=2288891777,4256909821&fm=253&fmt=auto&app=138&f=JPEG?w=387&h=388
220.169.152.35200 OK 15 kB URL HTTP/2 img1.baidu.com/it/u=2288891777,4256909821&fm=253&fmt=auto&app=138&f=JPEG?w=387&h=388
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 387x388, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 57377fe08fe389c118304ace440408bd
7024873bbe607ccb8c548fe49024ff367022e0b2
5d607bb73a5a289b98de0038ce5a1da60e190f0492426a2c49c1c1346689232a
GET /it/u=2288891777,4256909821&fm=253&fmt=auto&app=138&f=JPEG?w=387&h=388 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:34 GMT
content-type: image/webp
content-length: 15108
expires: Mon, 23 Jan 2023 03:45:11 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 57377fe08fe389c118304ace440408bd
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 24 Dec 2022 03:45:11 GMT
ohc-cache-hit: yy2ct68 [1], czix175 [4]
ohc-file-size: 15108
x-cache-status: MISS
X-Firefox-Spdy: h2
4271.url.tudown.com/uploads/images/902189.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/902189.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/902189.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:35 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=1579681237,2465390635&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=702
4271.url.tudown.com/uploads/images/245714.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/245714.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/245714.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:35 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2236432464,3715600255&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=709
push.zhanzhang.baidu.com/push.js
112.34.113.148200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 112.34.113.148:0
ASN #9808 China Mobile Communications Group Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Mon, 23 Jan 2023 03:14:35 GMT
Etag: "4078521116"
Expires: Tue, 23 Jan 2024 03:14:35 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=B75C7B89770191A6FDE918FFDEDBE23A:FG=1; max-age=31536000; expires=Tue, 23-Jan-24 03:14:35 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
4271.url.tudown.com/uploads/images/808673.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/808673.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/808673.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:35 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2202984533,1114548704&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=753
4271.url.tudown.com/uploads/images/532399.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/532399.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/532399.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:35 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1536434626,2690735139&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=800
img1.baidu.com/it/u=2804550885,1820717915&fm=253&fmt=auto&app=138&f=GIF?w=700&h=393
220.169.152.35200 OK 96 kB URL HTTP/2 img1.baidu.com/it/u=2804550885,1820717915&fm=253&fmt=auto&app=138&f=GIF?w=700&h=393
IP 220.169.152.35:0
File type GIF image data, version 89a, 700 x 393\012- data
Hash 5c2c4281724a89faf79fb8aaa42be86a
1d2c21f003ca90b0b91d4fba149ca8ef2bc442c4
053e7c3c3cbc50661dba1ea3ed8914fe2b93840fb84de3a5fc09bad6e1a40e06
GET /it/u=2804550885,1820717915&fm=253&fmt=auto&app=138&f=GIF?w=700&h=393 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:34 GMT
content-type: image/gif
content-length: 95644
expires: Thu, 26 Jan 2023 19:56:03 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 5c2c4281724a89faf79fb8aaa42be86a
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 27 Dec 2022 19:56:03 GMT
ohc-cache-hit: yy2ct67 [1], qdix87 [4]
ohc-file-size: 95644
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=900478332,388243367&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=708
182.106.158.35200 OK 20 kB URL HTTP/2 img2.baidu.com/it/u=900478332,388243367&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=708
IP 182.106.158.35:0
ASN #139201 Jiangxi Jiujiang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x708, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash be81e40dbe5210a4ffc7aeff13d87cff
6721fa5d4de9788c508a38187bb295be8d4dd737
a0531468c494f69cf95f766a9ad516a3bfc0473e2084406bbd09ff9743a0037a
GET /it/u=900478332,388243367&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=708 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:34 GMT
content-type: image/webp
content-length: 19756
expires: Mon, 20 Feb 2023 13:52:34 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: be81e40dbe5210a4ffc7aeff13d87cff
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 13:52:34 GMT
ohc-cache-hit: jjct60 [2], xaix60 [2]
ohc-file-size: 19756
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=939708387,2643224094&fm=253&fmt=auto&app=138&f=JPEG?w=307&h=440
182.106.158.35200 OK 33 kB URL HTTP/2 img2.baidu.com/it/u=939708387,2643224094&fm=253&fmt=auto&app=138&f=JPEG?w=307&h=440
IP 182.106.158.35:0
ASN #139201 Jiangxi Jiujiang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 307x440, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9440c6d856cbeb79aa94b51d6c8b0199
62319f215740d9f70bb8934a9d4c35708c009e0f
280256cbe50bc22a16cfb8c338ed66e8e8a9516225c2ddcf84bd8ecdaafef6f2
GET /it/u=939708387,2643224094&fm=253&fmt=auto&app=138&f=JPEG?w=307&h=440 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:34 GMT
content-type: image/webp
content-length: 32934
expires: Wed, 15 Feb 2023 10:21:50 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 9440c6d856cbeb79aa94b51d6c8b0199
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 16 Jan 2023 10:21:50 GMT
ohc-cache-hit: jjct66 [1], qdix78 [2]
ohc-file-size: 32934
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=185612326,2352179634&fm=253&fmt=auto?w=640&h=489
182.106.158.35200 OK 14 kB URL HTTP/2 img0.baidu.com/it/u=185612326,2352179634&fm=253&fmt=auto?w=640&h=489
IP 182.106.158.35:0
ASN #139201 Jiangxi Jiujiang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x489, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fa702f323f8834eac6cfebece1beccf8
b997043be231e731813715841cb00643b9fe4074
3743f1ab2ba6832312708a93c4683f6a48fe3458daa7268227448f63f8a8995b
GET /it/u=185612326,2352179634&fm=253&fmt=auto?w=640&h=489 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:34 GMT
content-type: image/webp
content-length: 13878
expires: Wed, 01 Feb 2023 23:29:16 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: fa702f323f8834eac6cfebece1beccf8
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 02 Jan 2023 23:29:16 GMT
ohc-cache-hit: jjct71 [1], bdix151 [2]
ohc-file-size: 13878
x-cache-status: MISS
X-Firefox-Spdy: h2
4271.url.tudown.com/uploads/images/40816.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/40816.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/40816.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:35 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2450586424,825821370&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
ocsp.trust-provider.cn/
47.246.44.205200 OK 600 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 5852d5089d4abcc108d275671a29c40c
3883c0c762e76511ee4cc8e8b3cececcf6db236c
6ee34b8a2d1cd69f498e065eee2471bc084257426b6433cb78a620de2c20d5c3
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Mon, 23 Jan 2023 02:47:46 GMT
last-modified: Sun, 22 Jan 2023 16:39:54 GMT
expires: Sun, 29 Jan 2023 16:39:53 GMT
etag: "3883c0c762e76511ee4cc8e8b3cececcf6db236c"
cache-control: max-age=587497,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb4
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
cf-ray: 78dd34e37e265c92-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1674442066
via: cache9.l2de2[7,13,304-0,M], cache6.l2de2[15,0], cache8.se1[0,0,200-0,H], cache7.se1[1,0], cache2.se1[2,0]
age: 1609
x-cache: HIT TCP_MEM_HIT dirn:1:337267880
x-swift-savetime: Mon, 23 Jan 2023 02:47:46 GMT
x-swift-cachetime: 1800
timing-allow-origin: *, *
eagleid: 2ff62c9616744436753668105e, 2ff62c9616744436753668105e
img1.baidu.com/it/u=1611550803,142768128&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=530
220.169.152.35200 OK 25 kB URL HTTP/2 img1.baidu.com/it/u=1611550803,142768128&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=530
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x530, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2877ad733d61d2ef7344897b8affc1b3
b1739735bb3f53e65870d79dca64f1cf75b3fb3b
0fa669c8adffa44c0f405eeb91403f10346a18651791d8f3611923e74bd48ffc
GET /it/u=1611550803,142768128&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=530 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:34 GMT
content-type: image/webp
content-length: 25118
expires: Mon, 30 Jan 2023 02:26:05 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 2877ad733d61d2ef7344897b8affc1b3
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 31 Dec 2022 02:26:05 GMT
ohc-cache-hit: yy2ct52 [1], xiangyix94 [4]
ohc-file-size: 25118
x-cache-status: MISS
X-Firefox-Spdy: h2
4271.url.tudown.com/uploads/images/449631.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/449631.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/449631.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:35 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3852046085,256603671&fm=253&fmt=auto?w=800&h=1280
img1.baidu.com/it/u=2236432464,3715600255&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=709
220.169.152.35200 OK 25 kB URL HTTP/2 img1.baidu.com/it/u=2236432464,3715600255&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=709
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x709, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f8793bfa2048bf86a6d266ef085b473d
2000c9229d9411a7199adf5dc8a2654194625195
636145cbfc4909793c68b91ab9b6372833f8af6a2f14da0af9c10d4af1dec43f
GET /it/u=2236432464,3715600255&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=709 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:35 GMT
content-type: image/webp
content-length: 24992
expires: Wed, 08 Feb 2023 07:42:21 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: f8793bfa2048bf86a6d266ef085b473d
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 09 Jan 2023 07:42:21 GMT
ohc-cache-hit: yy2ct50 [1], csix105 [4]
ohc-file-size: 24992
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=1940444868,1149715062&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200
182.106.158.35200 OK 6.9 kB URL HTTP/2 img2.baidu.com/it/u=1940444868,1149715062&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200
IP 182.106.158.35:0
ASN #139201 Jiangxi Jiujiang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8c44adf97afe442785c96b66f67708fe
7bbbfe692b7744623862038e6658c0b9c4c13412
3bbefd5f125eaf73cc68ec0ac2add835adacafcd516bcfe14bc0bf3e10d578b6
GET /it/u=1940444868,1149715062&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:34 GMT
content-type: image/webp
content-length: 6934
expires: Thu, 02 Feb 2023 02:57:04 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 8c44adf97afe442785c96b66f67708fe
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 03 Jan 2023 02:57:04 GMT
ohc-cache-hit: jjct72 [1], wzix76 [4]
ohc-file-size: 6934
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=2880109299,875983624&fm=253&fmt=auto&app=138&f=JPEG?w=86&h=94
182.106.158.35200 OK 2.6 kB URL HTTP/2 img2.baidu.com/it/u=2880109299,875983624&fm=253&fmt=auto&app=138&f=JPEG?w=86&h=94
IP 182.106.158.35:0
ASN #139201 Jiangxi Jiujiang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 86x94, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c22a3710dae5f16030b0d32f88e90210
c45beb95d4def0c05b79a4ddd78161784896f88f
0a8b6d1449e1c7830f49ca77d010e2c4c8eed7b66fd6ffbd7285df0f845fabe0
GET /it/u=2880109299,875983624&fm=253&fmt=auto&app=138&f=JPEG?w=86&h=94 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:34 GMT
content-type: image/webp
content-length: 2600
expires: Wed, 22 Feb 2023 02:56:59 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: c22a3710dae5f16030b0d32f88e90210
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 02:56:59 GMT
ohc-cache-hit: jjct55 [1], qdix121 [4]
ohc-file-size: 2600
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=3631299687,1337131807&fm=253&fmt=auto&app=138&f=JPEG?w=86&h=120
182.106.158.35200 OK 1.6 kB URL HTTP/2 img0.baidu.com/it/u=3631299687,1337131807&fm=253&fmt=auto&app=138&f=JPEG?w=86&h=120
IP 182.106.158.35:0
ASN #139201 Jiangxi Jiujiang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 86x120, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 788077e0be82b7124a0eb4e67b3d44f3
1dbac363a159c0dde67f3e8cc636de1d29a8597a
8ca8008d933b4b1daafc86b769f12904b69427cf29eb242613922caeb2b0b548
GET /it/u=3631299687,1337131807&fm=253&fmt=auto&app=138&f=JPEG?w=86&h=120 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:35 GMT
content-type: image/webp
content-length: 1632
expires: Mon, 06 Feb 2023 03:59:28 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 788077e0be82b7124a0eb4e67b3d44f3
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 07 Jan 2023 03:59:28 GMT
ohc-cache-hit: jjct50 [1], qdix136 [2]
ohc-file-size: 1632
x-cache-status: MISS
X-Firefox-Spdy: h2
4271.url.tudown.com/uploads/images/778939.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/778939.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/778939.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:35 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2127033273,1269795560&fm=253&fmt=auto&app=138&f=JPEG?w=253&h=275
4271.url.tudown.com/uploads/images/361178.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/361178.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/361178.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:35 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1103624836,2576831704&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=281
img0.baidu.com/it/u=1536434626,2690735139&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=800
182.106.158.35200 OK 18 kB URL HTTP/2 img0.baidu.com/it/u=1536434626,2690735139&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=800
IP 182.106.158.35:0
ASN #139201 Jiangxi Jiujiang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e16fa196a20463ddb8d852050f82f528
3d19122dd83e4b5c7bf2f62beccc736b11223768
740cf1e45b94726aec0c7cee734763919a52b32b1605fb38123d8b6a45e31411
GET /it/u=1536434626,2690735139&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:35 GMT
content-type: image/webp
content-length: 17954
expires: Fri, 17 Feb 2023 08:17:06 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: e16fa196a20463ddb8d852050f82f528
age: 340954
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 18 Jan 2023 08:17:06 GMT
ohc-cache-hit: jjct67 [4], suzix95 [2]
ohc-file-size: 17954
x-cache-status: HIT
X-Firefox-Spdy: h2
4271.url.tudown.com/uploads/images/301998.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/301998.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/301998.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:35 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=1766925865,3049437352&fm=224&app=112&f=JPEG?w=500&h=500
img1.baidu.com/it/u=2202984533,1114548704&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=753
220.169.152.35200 OK 23 kB URL HTTP/2 img1.baidu.com/it/u=2202984533,1114548704&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=753
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x753, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7a4364ae189218131d2cc9e64e659e76
9668d9ca456642308a25f231d36a305f0ca0eafe
8b127e9bbd3ad51e4f37d6e647643e12904150ec08df806e4e84c47612bb07a1
GET /it/u=2202984533,1114548704&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=753 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:35 GMT
content-type: image/webp
content-length: 23260
expires: Mon, 20 Feb 2023 05:08:31 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 7a4364ae189218131d2cc9e64e659e76
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 05:08:31 GMT
ohc-cache-hit: yy2ct61 [1], xaix137 [2]
ohc-file-size: 23260
x-cache-status: MISS
X-Firefox-Spdy: h2
4271.url.tudown.com/uploads/images/560357.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/560357.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/560357.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:35 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=437089299,1155026280&fm=224&app=112&f=JPEG?w=500&h=500
t14.baidu.com/it/u=1766925865,3049437352&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 69 kB URL HTTP/1.1 t14.baidu.com/it/u=1766925865,3049437352&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash e292d78a37c21000db864df6d6573166
e727899719ba8923c126d7c36a45f43df993e5b9
a29e5035cabd81d85b4b5915227fc3aee962d1d47e5e7355a57a6f8c95ac0f51
GET /it/u=1766925865,3049437352&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://4271.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:14:35 GMT
Content-Type: image/jpeg
Content-Length: 68819
Connection: keep-alive
Expires: Fri, 10 Feb 2023 05:00:13 GMT
Last-Modified: Sun, 11 Jan 1970 00:00:00 GMT
ETag: e292d78a37c21000db864df6d6573166
Age: 972275
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 11 Jan 2023 05:00:13 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [2], zhuzuncache52 [1], czix155 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 68819
X-Cache-Status: HIT
Timing-Allow-Origin: *
t13.baidu.com/it/u=437089299,1155026280&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 86 kB URL HTTP/1.1 t13.baidu.com/it/u=437089299,1155026280&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 7a7bcada2783be8d2188dec027ae14be
b27efb461f7432daf458ac99b141ca9acd425423
9c8c2e6c55cd5e8df09c05d7b9f7d833909dc254562722c8c0f2930609e793c1
GET /it/u=437089299,1155026280&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://4271.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:14:35 GMT
Content-Type: image/jpeg
Content-Length: 85539
Connection: keep-alive
Expires: Thu, 02 Feb 2023 02:57:26 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 7a7bcada2783be8d2188dec027ae14be
Age: 1714238
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 03 Jan 2023 02:57:26 GMT
Ohc-Cache-HIT: fra01-sys-jomo7.fra01.baidu.com [4], zhuzuncache64 [1], xaix242 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 85539
X-Cache-Status: HIT
Timing-Allow-Origin: *
4271.url.tudown.com/uploads/images/823696.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/823696.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/823696.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:35 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=1567634593,1233232683&fm=224&app=112&f=JPEG?w=500&h=500
img0.baidu.com/it/u=2450586424,825821370&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
182.106.158.35200 OK 15 kB URL HTTP/2 img0.baidu.com/it/u=2450586424,825821370&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 182.106.158.35:0
ASN #139201 Jiangxi Jiujiang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d5b38f7f32cb78a8c1b39b6d7624e92a
295b78aa564977c450be8acf5e2a2494def9431b
5155e8d734bb2ea6e7cea990b6f6a44280b8a21dbff46716cf5e959337eb0ed6
GET /it/u=2450586424,825821370&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:35 GMT
content-type: image/webp
content-length: 14824
expires: Mon, 20 Feb 2023 11:57:56 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: d5b38f7f32cb78a8c1b39b6d7624e92a
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 11:57:56 GMT
ohc-cache-hit: jjct58 [1], qdix169 [4]
ohc-file-size: 14824
x-cache-status: MISS
X-Firefox-Spdy: h2
t13.baidu.com/it/u=1567634593,1233232683&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 46 kB URL HTTP/1.1 t13.baidu.com/it/u=1567634593,1233232683&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 92f31bfb7796d21d17e9159f9b38bdfe
71c4c44c276bdebc06bf341dfdb7a7d778c3f3cc
fec50e7ad78a06405697c1e8da58b12acc8f977d0ac88146eb004d6eff31c202
GET /it/u=1567634593,1233232683&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://4271.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:14:35 GMT
Content-Type: image/jpeg
Content-Length: 45909
Connection: keep-alive
Expires: Mon, 06 Feb 2023 18:45:56 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 92f31bfb7796d21d17e9159f9b38bdfe
Age: 970612
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 07 Jan 2023 18:45:56 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [4], zhuzuncache58 [4], wzix91 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 45909
X-Cache-Status: HIT
Timing-Allow-Origin: *
api.share.baidu.com/s.gif?l=http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
182.61.201.93200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
IP 182.61.201.93:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Mon, 23 Jan 2023 03:14:35 GMT
4271.url.tudown.com/uploads/images/863933.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/863933.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/863933.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:35 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=3479494296,1914057631&fm=224&app=112&f=JPEG?w=284&h=284
img0.baidu.com/it/u=3852046085,256603671&fm=253&fmt=auto?w=800&h=1280
182.106.158.35200 OK 97 kB URL HTTP/2 img0.baidu.com/it/u=3852046085,256603671&fm=253&fmt=auto?w=800&h=1280
IP 182.106.158.35:0
ASN #139201 Jiangxi Jiujiang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x1280, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8894ae7a0c5e81788c5b078ad6919f32
cac1f0ff7982618b14df3d78fc15ee14417127a5
e7668d06fba4d0bb7c3904090911566375a569ceb4314b81907fcd11e692b77f
GET /it/u=3852046085,256603671&fm=253&fmt=auto?w=800&h=1280 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:35 GMT
content-type: image/webp
content-length: 97362
expires: Tue, 31 Jan 2023 11:49:17 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 8894ae7a0c5e81788c5b078ad6919f32
age: 338636
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 01 Jan 2023 11:49:17 GMT
ohc-cache-hit: jjct74 [4], csix97 [4]
ohc-file-size: 97362
x-cache-status: HIT
X-Firefox-Spdy: h2
t13.baidu.com/it/u=3479494296,1914057631&fm=224&app=112&f=JPEG?w=284&h=284
185.10.104.124200 OK 14 kB URL HTTP/1.1 t13.baidu.com/it/u=3479494296,1914057631&fm=224&app=112&f=JPEG?w=284&h=284
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 284x284, components 3\012- data
Hash 812b66d9f6d5c5f5b0cb68980ecd6dd2
f5086217f0289ee8e39d779ef9b86b6ad2a07e1f
3ed49a713c9d903f18ec1ad3deb803f79115e9d46fdcf2aefc904bef98f7b09f
GET /it/u=3479494296,1914057631&fm=224&app=112&f=JPEG?w=284&h=284 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://4271.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:14:35 GMT
Content-Type: image/jpeg
Content-Length: 14465
Connection: keep-alive
Expires: Wed, 15 Feb 2023 08:15:12 GMT
Last-Modified: Sun, 11 Jan 1970 00:00:00 GMT
ETag: 812b66d9f6d5c5f5b0cb68980ecd6dd2
Age: 517130
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 16 Jan 2023 08:15:12 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [4], zhuzuncache64 [1], wzix100 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 14465
X-Cache-Status: HIT
Timing-Allow-Origin: *
img1.baidu.com/it/u=2127033273,1269795560&fm=253&fmt=auto&app=138&f=JPEG?w=253&h=275
220.169.152.35200 OK 12 kB URL HTTP/2 img1.baidu.com/it/u=2127033273,1269795560&fm=253&fmt=auto&app=138&f=JPEG?w=253&h=275
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 253x275, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b9cc1bd02458e669323c2418e4d3bc1a
454f2ab6b8abda5f5a76aa90385fee4648f87ed9
790acce82344d2227bb49bb3471675288f7025e559a21030bc3573438033c416
GET /it/u=2127033273,1269795560&fm=253&fmt=auto&app=138&f=JPEG?w=253&h=275 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:35 GMT
content-type: image/webp
content-length: 12532
expires: Tue, 21 Feb 2023 02:21:47 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: b9cc1bd02458e669323c2418e4d3bc1a
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 02:21:47 GMT
ohc-cache-hit: yy2ct78 [2], czix197 [4]
ohc-file-size: 12532
x-cache-status: MISS
X-Firefox-Spdy: h2
4271.url.tudown.com/uploads/images/330505.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/330505.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/330505.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:35 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=2607474715,1226083256&fm=224&app=112&f=JPEG?w=500&h=500
4271.url.tudown.com/uploads/images/934541.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/934541.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/934541.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:35 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3948369345,603340471&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
img1.baidu.com/it/u=1103624836,2576831704&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=281
220.169.152.35200 OK 24 kB URL HTTP/2 img1.baidu.com/it/u=1103624836,2576831704&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=281
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x281, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d2cb05ef14c75947381e5f507d957e1d
00b184a4959b3b0479902300871af89352174a6c
15d6a1a23340196b6e110c2c1d4aaee13bfed0ceab7a8d893e29bf368dfc5b3c
GET /it/u=1103624836,2576831704&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=281 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:35 GMT
content-type: image/webp
content-length: 24458
expires: Sat, 18 Feb 2023 12:57:22 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: d2cb05ef14c75947381e5f507d957e1d
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 19 Jan 2023 12:57:22 GMT
ohc-cache-hit: yy2ct70 [1], bdix151 [2]
ohc-file-size: 24458
x-cache-status: MISS
X-Firefox-Spdy: h2
4271.url.tudown.com/uploads/images/214120.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/214120.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/214120.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:35 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=3127594824,368810368&fm=224&app=112&f=JPEG?w=500&h=500
t14.baidu.com/it/u=2607474715,1226083256&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 34 kB URL HTTP/1.1 t14.baidu.com/it/u=2607474715,1226083256&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 5239510c1c63f9a72c5d26015b121fec
d1e0c875c70db75834d1cd0b38ef37ba508cb5d1
811c688dd7e56bb63c60f5025bee0a9ea69a243e977d95d46174fee000d90d9f
GET /it/u=2607474715,1226083256&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://4271.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:14:35 GMT
Content-Type: image/jpeg
Content-Length: 34049
Connection: keep-alive
Expires: Thu, 09 Feb 2023 02:14:55 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 5239510c1c63f9a72c5d26015b121fec
Age: 972369
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 10 Jan 2023 02:14:55 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [2], zhuzuncache64 [1], qdix214 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 34049
X-Cache-Status: HIT
Timing-Allow-Origin: *
4271.url.tudown.com/uploads/images/286579.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/286579.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/286579.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:35 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1894656948,1686600260&fm=253&fmt=auto&app=138&f=JPEG?w=270&h=185
t14.baidu.com/it/u=3127594824,368810368&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 54 kB URL HTTP/1.1 t14.baidu.com/it/u=3127594824,368810368&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 883f856876a48db5db9d8e565fc15d83
7ddbf12bb04a549154628644f3f92181e7a2be3d
86f736c5c1adfe4ffbde55b107b7aaaf7a77407bb76ca050d26b2e7ef57b5187
GET /it/u=3127594824,368810368&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://4271.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:14:35 GMT
Content-Type: image/jpeg
Content-Length: 53654
Connection: keep-alive
Expires: Sat, 04 Feb 2023 09:32:24 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 883f856876a48db5db9d8e565fc15d83
Age: 971798
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 05 Jan 2023 09:32:24 GMT
Ohc-Cache-HIT: fra01-sys-jomo2.fra01.baidu.com [4], zhuzuncache64 [4], bdix157 [4]
Ohc-Response-Time: 1 0 0 0 0 2
Ohc-File-Size: 53654
X-Cache-Status: HIT
Timing-Allow-Origin: *
4271.url.tudown.com/uploads/images/496130.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/496130.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/496130.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:35 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=2276253251,696465615&fm=224&app=112&f=JPEG?w=500&h=500
hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (633)
Hash 32d82e948824e0e64517bf4c2e00ffa2
7047d00a334d71f8e91d223d963001023b7ed572
d233c53c115ca145f3f7805f19b329af5af5c8971a86bd118ec484a2a15b38ba
GET /hm.js?dd9836db2e433f487a0aa434b7b3deb7 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://4271.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11271
Content-Type: application/javascript
Date: Mon, 23 Jan 2023 03:14:35 GMT
Etag: 359695ca352361536b001a3625380046
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=A45CE894EB825F82; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
img2.baidu.com/it/u=1579681237,2465390635&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=702
220.169.152.35200 OK 34 kB URL HTTP/1.1 img2.baidu.com/it/u=1579681237,2465390635&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=702
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x702, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fca79e0a38ddde9e6f14bb8ab26a22db
a83d6c1baf9e030fa4fa5f32bbdc33d56af872c3
8755423eeed77de1f6a85a8d9ef88644ba929362dd6dc07d7819c3df7ec9ead5
GET /it/u=1579681237,2465390635&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=702 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://4271.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:14:35 GMT
Content-Type: image/webp
Content-Length: 34528
Connection: keep-alive
Expires: Wed, 01 Feb 2023 12:34:08 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: fca79e0a38ddde9e6f14bb8ab26a22db
Age: 594135
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 02 Jan 2023 12:34:07 GMT
Ohc-Cache-HIT: yy2ct59 [4], wzix59 [4]
Ohc-File-Size: 34528
X-Cache-Status: HIT
img1.baidu.com/it/u=4022668850,1745216210&fm=253&app=120&f=JPEG?w=1280&h=800
220.169.152.35200 OK 171 kB URL HTTP/1.1 img1.baidu.com/it/u=4022668850,1745216210&fm=253&app=120&f=JPEG?w=1280&h=800
IP 220.169.152.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 171 kB (170966 bytes)
Hash ecd06a10370190cdb92f8d66bed5f60e
a615b24215362d30e3c8fea1efdfcef5df59cc5a
f1e6735a107857e0d0e2156004dc0fc8689634cab985451a0945dd5a535f224a
GET /it/u=4022668850,1745216210&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://4271.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:14:35 GMT
Content-Type: image/jpeg
Content-Length: 170966
Connection: keep-alive
Expires: Sun, 05 Feb 2023 11:55:57 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: ecd06a10370190cdb92f8d66bed5f60e
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 06 Jan 2023 11:55:57 GMT
Ohc-Cache-HIT: yy2ct71 [2], xaix243 [4]
Ohc-File-Size: 170966
X-Cache-Status: MISS
t15.baidu.com/it/u=2276253251,696465615&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 38 kB URL HTTP/1.1 t15.baidu.com/it/u=2276253251,696465615&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 949041453e48044378f621e12ca34981
e644439fce2fc73ebe589a39b9e337dc37de0cdb
6d00372096c1efbe577aba94b0b2afad5d1fa697d37046f61730229e48f79ec5
GET /it/u=2276253251,696465615&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://4271.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:14:35 GMT
Content-Type: image/jpeg
Content-Length: 38544
Connection: keep-alive
Expires: Fri, 03 Feb 2023 04:50:33 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: 949041453e48044378f621e12ca34981
Age: 972599
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 04 Jan 2023 04:50:33 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [4], zhuzuncache53 [1], wzix99 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 38544
X-Cache-Status: HIT
Timing-Allow-Origin: *
4271.url.tudown.com/uploads/images/773256.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/773256.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/773256.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:35 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=587155027,776071806&fm=224&app=112&f=JPEG?w=500&h=500
img4.runjiapp.com/duoteimg/dtnew_recom_img/202008/20200812163506_69310.jpg
101.226.28.219200 OK 41 kB URL HTTP/1.1 img4.runjiapp.com/duoteimg/dtnew_recom_img/202008/20200812163506_69310.jpg
IP 101.226.28.219:0
ASN #4812 China Telecom Group
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 910x86, components 3\012- data
Hash f8f15f37c9961bc7463d1df83059d32c
7b4aa49eaed0106e8722fda960d4f397b78e7811
eb99269720c3ad25a285d1cae14a73f57a45ffe3e1f086f1e0a8351a83e62cc0
GET /duoteimg/dtnew_recom_img/202008/20200812163506_69310.jpg HTTP/1.1
Host: img4.runjiapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://4271.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/jpeg
Content-Length: 41017
Connection: keep-alive
Date: Wed, 04 Jan 2023 09:53:50 GMT
x-oss-request-id: 63B54CAE8873C53939421D90
x-oss-cdn-auth: success
Accept-Ranges: bytes
ETag: "F8F15F37C9961BC7463D1DF83059D32C"
Last-Modified: Fri, 04 Sep 2020 08:59:59 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 2768094505068467474
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Sat, 05 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
Content-MD5: +PFfN8mWG8dGPR34MFnTLA==
x-oss-server-time: 18
Ali-Swift-Global-Savetime: 1672826030
Via: cache45.l2cn1807[0,0,200-0,H], cache50.l2cn1807[0,0], vcache15.cn4757[0,0,200-0,H], vcache3.cn4757[1,0]
Age: 1617645
X-Cache: HIT TCP_MEM_HIT dirn:10:55937922
X-Swift-SaveTime: Wed, 04 Jan 2023 09:55:49 GMT
X-Swift-CacheTime: 15551881
Timing-Allow-Origin: *
EagleId: 65e21c9716744436757116474e
t14.baidu.com/it/u=587155027,776071806&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 59 kB URL HTTP/1.1 t14.baidu.com/it/u=587155027,776071806&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 74aa77088e6281f9b5f441c5c9e9f434
6c913475367014fb591e1701ccd1920bcb48c9ff
60e7c075be8ff4c557b40cd79a19d0972664c84b6f18298ef02f4195583b09d4
GET /it/u=587155027,776071806&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://4271.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:14:36 GMT
Content-Type: image/jpeg
Content-Length: 58765
Connection: keep-alive
Expires: Thu, 26 Jan 2023 18:49:40 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 74aa77088e6281f9b5f441c5c9e9f434
Age: 972436
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 27 Dec 2022 18:49:40 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [2], zhuzuncache60 [1], czix212 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 58765
X-Cache-Status: HIT
Timing-Allow-Origin: *
img2.baidu.com/it/u=3948369345,603340471&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
182.106.158.35200 OK 13 kB URL HTTP/2 img2.baidu.com/it/u=3948369345,603340471&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 182.106.158.35:0
ASN #139201 Jiangxi Jiujiang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9165745b76d08ca2ac37098054c23128
9437b103945f75259a3579b3b14438eb076246cc
761e898459a1f48f7f92c68947eebe03b4a346a4832847adae78e21cf8351dd3
GET /it/u=3948369345,603340471&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:35 GMT
content-type: image/webp
content-length: 12808
expires: Tue, 31 Jan 2023 04:04:14 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 9165745b76d08ca2ac37098054c23128
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 01 Jan 2023 04:04:14 GMT
ohc-cache-hit: jjct50 [1], xiangyix154 [4]
ohc-file-size: 12808
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=1894656948,1686600260&fm=253&fmt=auto&app=138&f=JPEG?w=270&h=185
182.106.158.35200 OK 7.6 kB URL HTTP/2 img2.baidu.com/it/u=1894656948,1686600260&fm=253&fmt=auto&app=138&f=JPEG?w=270&h=185
IP 182.106.158.35:0
ASN #139201 Jiangxi Jiujiang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 270x185, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e7b58d127ab2a7115919838e7951eb25
0557b37a5fd6c9ed29bcd359b901c62ecec59f74
a985276be31e376d7e974a4f58e745d92ca867158442daeb295094e2af55ae84
GET /it/u=1894656948,1686600260&fm=253&fmt=auto&app=138&f=JPEG?w=270&h=185 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:36 GMT
content-type: image/webp
content-length: 7632
expires: Wed, 01 Feb 2023 03:48:24 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: e7b58d127ab2a7115919838e7951eb25
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 02 Jan 2023 03:48:24 GMT
ohc-cache-hit: jjct59 [1], csix59 [2]
ohc-file-size: 7632
x-cache-status: MISS
X-Firefox-Spdy: h2
4271.url.tudown.com/uploads/images/404254.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/404254.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/404254.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:36 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1869367108,3051088590&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
4271.url.tudown.com/uploads/images/263396.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/263396.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/263396.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:36 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=4182404571,4074591745&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
4271.url.tudown.com/uploads/images/62763.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/62763.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/62763.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:36 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1394127003,2167739577&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=330
4271.url.tudown.com/uploads/images/781108.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/781108.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/781108.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:36 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1181702781,829817883&fm=253&fmt=auto&app=138&f=JPEG?w=150&h=113
sofire.bdstatic.com/js/dfxaf3-635b4cd6.js
60.190.116.48200 OK 123 kB URL HTTP/1.1 sofire.bdstatic.com/js/dfxaf3-635b4cd6.js
IP 60.190.116.48:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 123 kB (123037 bytes)
Hash c39ed7d28cee6240d44cc5b5c2bbd686
eab7220ff1195b14d9c1c21ae4fcad33315549b5
cd5d1c61337dd6b5a3ddffdc95ed7da921b125c9911aa22eaef8f054a2345459
GET /js/dfxaf3-635b4cd6.js HTTP/1.1
Host: sofire.bdstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:14:35 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 25 Jan 2023 08:39:29 GMT
Last-Modified: Fri, 06 Jan 2023 03:24:00 GMT
ETag: "6c8af00e14f394b624a4b374d18b9b7a"
Content-Encoding: gzip
Age: 66906
Accept-Ranges: bytes
Content-MD5: bIrwDhTzlLYkpLN00Yubeg==
x-bce-content-crc32: 1362413814
x-bce-debug-id: ICLoXEJkzZvZmCft2ehLoRmswzs6B0FB6yI3vRkX/+k2LvlF58f/N6XslyX5jGyekjJcPYJPoeU2guZJYYjGDQ==
x-bce-request-id: 459f8903-1ead-4d78-8de1-9d47d09746a5
x-bce-restore-cache: -
x-bce-restore-tier: -
x-bce-storage-class: STANDARD
Ohc-Global-Saved-Time: Sun, 22 Jan 2023 08:39:29 GMT
Ohc-Cache-HIT: wz2ct56 [2], nb2ctcache51 [2]
Ohc-Response-Time: 1 0 0 0 0 0
4271.url.tudown.com/uploads/images/843788.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/843788.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/843788.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:36 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1633468195,3323077014&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=167
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1944113022&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=24425&r=0&ww=1280&u=http%3A%2F%2F4271.url.tudown.com%2Fdown%2F%25E6%258B%25BC%25E9%259F%25B3%25E6%2589%2593%25E5%25AD%2597%25E7%25BB%2583%25E4%25B9%25A0%2520v2017.3%2520-%2520%25E5%25B0%258F%25E5%25AD%25A6%25E7%2594%259F%25E7%2594%25B5%25E8%2584%2591%25E6%2589%2593%25E5%25AD%2597%25E5%25AD%25A6%25E4%25B9%25A0%4067_137887.exe&tt=%E7%9C%9F%E4%BA%BA%E7%BD%91%E7%AB%99-%E5%B9%B3%E5%8F%B0%E6%9C%80%E6%96%B0%E4%B8%8B%E8%BD%BD%C2%B7%E7%99%BB%E5%BD%95%E5%B9%B3%E5%8F%B0iOS%2F%E5%AE%89%E5%8D%93%E5%AE%98%E6%96%B9%E7%89%88
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1944113022&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=24425&r=0&ww=1280&u=http%3A%2F%2F4271.url.tudown.com%2Fdown%2F%25E6%258B%25BC%25E9%259F%25B3%25E6%2589%2593%25E5%25AD%2597%25E7%25BB%2583%25E4%25B9%25A0%2520v2017.3%2520-%2520%25E5%25B0%258F%25E5%25AD%25A6%25E7%2594%259F%25E7%2594%25B5%25E8%2584%2591%25E6%2589%2593%25E5%25AD%2597%25E5%25AD%25A6%25E4%25B9%25A0%4067_137887.exe&tt=%E7%9C%9F%E4%BA%BA%E7%BD%91%E7%AB%99-%E5%B9%B3%E5%8F%B0%E6%9C%80%E6%96%B0%E4%B8%8B%E8%BD%BD%C2%B7%E7%99%BB%E5%BD%95%E5%B9%B3%E5%8F%B0iOS%2F%E5%AE%89%E5%8D%93%E5%AE%98%E6%96%B9%E7%89%88
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1944113022&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=24425&r=0&ww=1280&u=http%3A%2F%2F4271.url.tudown.com%2Fdown%2F%25E6%258B%25BC%25E9%259F%25B3%25E6%2589%2593%25E5%25AD%2597%25E7%25BB%2583%25E4%25B9%25A0%2520v2017.3%2520-%2520%25E5%25B0%258F%25E5%25AD%25A6%25E7%2594%259F%25E7%2594%25B5%25E8%2584%2591%25E6%2589%2593%25E5%25AD%2597%25E5%25AD%25A6%25E4%25B9%25A0%4067_137887.exe&tt=%E7%9C%9F%E4%BA%BA%E7%BD%91%E7%AB%99-%E5%B9%B3%E5%8F%B0%E6%9C%80%E6%96%B0%E4%B8%8B%E8%BD%BD%C2%B7%E7%99%BB%E5%BD%95%E5%B9%B3%E5%8F%B0iOS%2F%E5%AE%89%E5%8D%93%E5%AE%98%E6%96%B9%E7%89%88 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://4271.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 23 Jan 2023 03:14:36 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=EA30689C71BA8323; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
4271.url.tudown.com/uploads/images/741462.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/741462.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/741462.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:36 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=1195511623,932910324&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=707
4271.url.tudown.com/uploads/images/258357.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/258357.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/258357.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:36 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3700066340,2812271891&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=374
cpro.baidustatic.com/cpro/ui/pr.js
220.169.152.35200 OK 191 B URL HTTP/1.1 cpro.baidustatic.com/cpro/ui/pr.js
IP 220.169.152.35:0
File type ASCII text, with CRLF line terminators
Hash 48bbe750b892850b181762bf739e10dd
716574fe9afcde8faef513b16d6867cb07afe626
e538c894cae59538764a334e2cf2bc02e53fa6a9e4efebcd251bc5da82fa2158
GET /cpro/ui/pr.js HTTP/1.1
Host: cpro.baidustatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:14:36 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 23 Jan 2023 04:10:44 GMT
Last-Modified: Tue, 30 Aug 2022 02:57:27 GMT
ETag: "630d7c97-ff"
Cache-Control: max-age=3600
Content-Encoding: gzip
Age: 232
Accept-Ranges: bytes
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 23 Jan 2023 03:10:44 GMT
Ohc-Cache-HIT: yy2ct64 [2], wzix64 [1]
Ohc-File-Size: 191
X-Cache-Status: HIT
4271.url.tudown.com/uploads/images/845284.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/845284.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/845284.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:36 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3282810049,306122274&fm=253&fmt=auto&app=138&f=JPEG?w=86&h=122
4271.url.tudown.com/uploads/images/612212.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/612212.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/612212.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:36 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=4105621178,1240953882&fm=224&app=112&f=JPEG?w=500&h=500
pos.baidu.com/s?wid=890&hei=200&di=u5039524&s1=805006638&s2=609865465<u=http%3A%2F%2F4271.url.tudown.com%2Fdown%2F%25E6%258B%25BC%25E9%259F%25B3%25E6%2589%2593%25E5%25AD%2597%25E7%25BB%2583%25E4%25B9%25A0%2520v2017.3%2520-%2520%25E5%25B0%258F%25E5%25AD%25A6%25E7%2594%259F%25E7%2594%25B5%25E8%2584%2591%25E6%2589%2593%25E5%25AD%2597%25E5%25AD%25A6%25E4%25B9%25A0%4067_137887.exe&dc=3&ti=%E7%9C%9F%E4%BA%BA%E7%BD%91%E7%AB%99-%E5%B9%B3%E5%8F%B0%E6%9C%80%E6%96%B0%E4%B8%8B%E8%BD%BD%C2%B7%E7%99%BB%E5%BD%95%E5%B9%B3%E5%8F%B0iOS%2F%E5%AE%89%E5%8D%93%E5%AE%98%E6%96%B9%E7%89%88&ps=2136x34&drs=3&pcs=1268x939&pss=1268x2678&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1674443673&psr=1280x1024&par=1280x1002&pis=-1x-1&ccd=24&cja=false&cmi=0&col=en-US&cdo=-1&tcn=1674443674&dtm=HTML_POST&tpr=1674443673655&ari=2&ant=0&exps=110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=2&dri=0&ver=1221&ecd=1&psi=2896f9c54761e879&fpt=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81&dft=0&ft=1
182.61.200.109200 OK 15 kB URL HTTP/2 pos.baidu.com/s?wid=890&hei=200&di=u5039524&s1=805006638&s2=609865465<u=http%3A%2F%2F4271.url.tudown.com%2Fdown%2F%25E6%258B%25BC%25E9%259F%25B3%25E6%2589%2593%25E5%25AD%2597%25E7%25BB%2583%25E4%25B9%25A0%2520v2017.3%2520-%2520%25E5%25B0%258F%25E5%25AD%25A6%25E7%2594%259F%25E7%2594%25B5%25E8%2584%2591%25E6%2589%2593%25E5%25AD%2597%25E5%25AD%25A6%25E4%25B9%25A0%4067_137887.exe&dc=3&ti=%E7%9C%9F%E4%BA%BA%E7%BD%91%E7%AB%99-%E5%B9%B3%E5%8F%B0%E6%9C%80%E6%96%B0%E4%B8%8B%E8%BD%BD%C2%B7%E7%99%BB%E5%BD%95%E5%B9%B3%E5%8F%B0iOS%2F%E5%AE%89%E5%8D%93%E5%AE%98%E6%96%B9%E7%89%88&ps=2136x34&drs=3&pcs=1268x939&pss=1268x2678&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1674443673&psr=1280x1024&par=1280x1002&pis=-1x-1&ccd=24&cja=false&cmi=0&col=en-US&cdo=-1&tcn=1674443674&dtm=HTML_POST&tpr=1674443673655&ari=2&ant=0&exps=110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=2&dri=0&ver=1221&ecd=1&psi=2896f9c54761e879&fpt=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81&dft=0&ft=1
IP 182.61.200.109:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (42082)
Hash 2ec9e138ab0c7212016d063bf0a52494
863a9b2076adc8e50f2290ded37b9998d462d3d8
170fa176727cd0769b3ef922c74844a9d0cfb7b34898b60f94b1fdbe4f7a377d
GET /s?wid=890&hei=200&di=u5039524&s1=805006638&s2=609865465<u=http%3A%2F%2F4271.url.tudown.com%2Fdown%2F%25E6%258B%25BC%25E9%259F%25B3%25E6%2589%2593%25E5%25AD%2597%25E7%25BB%2583%25E4%25B9%25A0%2520v2017.3%2520-%2520%25E5%25B0%258F%25E5%25AD%25A6%25E7%2594%259F%25E7%2594%25B5%25E8%2584%2591%25E6%2589%2593%25E5%25AD%2597%25E5%25AD%25A6%25E4%25B9%25A0%4067_137887.exe&dc=3&ti=%E7%9C%9F%E4%BA%BA%E7%BD%91%E7%AB%99-%E5%B9%B3%E5%8F%B0%E6%9C%80%E6%96%B0%E4%B8%8B%E8%BD%BD%C2%B7%E7%99%BB%E5%BD%95%E5%B9%B3%E5%8F%B0iOS%2F%E5%AE%89%E5%8D%93%E5%AE%98%E6%96%B9%E7%89%88&ps=2136x34&drs=3&pcs=1268x939&pss=1268x2678&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1674443673&psr=1280x1024&par=1280x1002&pis=-1x-1&ccd=24&cja=false&cmi=0&col=en-US&cdo=-1&tcn=1674443674&dtm=HTML_POST&tpr=1674443673655&ari=2&ant=0&exps=110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=2&dri=0&ver=1221&ecd=1&psi=2896f9c54761e879&fpt=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81&dft=0&ft=1 HTTP/1.1
Host: pos.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://4271.url.tudown.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Mon, 23 Jan 2023 03:14:36 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Mon Jan 23 11:14:36 2023
p3p: CP=" OTI DSP COR IVA OUR IND COM ", CP=" OTI DSP COR IVA OUR IND COM "
pragma: no-cache
server: nginx
set-cookie: BAIDUID=4A9CA83C98D3872A3EC0DF84A45971EA:FG=1; expires=Tue, 23-Jan-54 03:14:36 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
x-xss-protection: 0
content-length: 14984
X-Firefox-Spdy: h2
4271.url.tudown.com/uploads/images/678289.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/678289.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/678289.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:36 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=851152170,873345865&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
4271.url.tudown.com/uploads/images/960863.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/960863.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/960863.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:36 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2873043159,1307328718&fm=253&fmt=auto&app=120&f=JPEG?w=800&h=500
img1.baidu.com/it/u=1633468195,3323077014&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=167
220.169.152.35200 OK 9.7 kB URL HTTP/2 img1.baidu.com/it/u=1633468195,3323077014&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=167
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x167, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fb40c8a647ebd73ce74cade182701005
0ad92d231ada5e7339b2e30a171b4a85b8590fe5
22610f45a0e05163179e6e0d4ee546a32b08e3bdce5f9bc35f7bf85c924e883e
GET /it/u=1633468195,3323077014&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=167 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:36 GMT
content-type: image/webp
content-length: 9694
expires: Sat, 28 Jan 2023 03:15:57 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: fb40c8a647ebd73ce74cade182701005
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 29 Dec 2022 03:15:57 GMT
ohc-cache-hit: yy2ct67 [1], xiangyix232 [2]
ohc-file-size: 9694
x-cache-status: MISS
X-Firefox-Spdy: h2
pos.baidu.com/s?wid=910&hei=120&di=u4965894&s1=3753526199&s2=2336611602<u=http%3A%2F%2F4271.url.tudown.com%2Fdown%2F%25E6%258B%25BC%25E9%259F%25B3%25E6%2589%2593%25E5%25AD%2597%25E7%25BB%2583%25E4%25B9%25A0%2520v2017.3%2520-%2520%25E5%25B0%258F%25E5%25AD%25A6%25E7%2594%259F%25E7%2594%25B5%25E8%2584%2591%25E6%2589%2593%25E5%25AD%2597%25E5%25AD%25A6%25E4%25B9%25A0%4067_137887.exe&dc=3&ti=%E7%9C%9F%E4%BA%BA%E7%BD%91%E7%AB%99-%E5%B9%B3%E5%8F%B0%E6%9C%80%E6%96%B0%E4%B8%8B%E8%BD%BD%C2%B7%E7%99%BB%E5%BD%95%E5%B9%B3%E5%8F%B0iOS%2F%E5%AE%89%E5%8D%93%E5%AE%98%E6%96%B9%E7%89%88&ps=1802x34&drs=3&pcs=1268x939&pss=1268x2558&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1674443673&psr=1280x1024&par=1280x1002&pis=-1x-1&ccd=24&cja=false&cmi=0&col=en-US&cdo=-1&tcn=1674443674&dtm=HTML_POST&tpr=1674443673655&ari=2&ant=0&exps=110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=1&dri=0&ver=1221&ecd=1&psi=2896f9c54761e879&fpt=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81&dft=0&ft=1
182.61.200.109200 OK 13 kB URL HTTP/2 pos.baidu.com/s?wid=910&hei=120&di=u4965894&s1=3753526199&s2=2336611602<u=http%3A%2F%2F4271.url.tudown.com%2Fdown%2F%25E6%258B%25BC%25E9%259F%25B3%25E6%2589%2593%25E5%25AD%2597%25E7%25BB%2583%25E4%25B9%25A0%2520v2017.3%2520-%2520%25E5%25B0%258F%25E5%25AD%25A6%25E7%2594%259F%25E7%2594%25B5%25E8%2584%2591%25E6%2589%2593%25E5%25AD%2597%25E5%25AD%25A6%25E4%25B9%25A0%4067_137887.exe&dc=3&ti=%E7%9C%9F%E4%BA%BA%E7%BD%91%E7%AB%99-%E5%B9%B3%E5%8F%B0%E6%9C%80%E6%96%B0%E4%B8%8B%E8%BD%BD%C2%B7%E7%99%BB%E5%BD%95%E5%B9%B3%E5%8F%B0iOS%2F%E5%AE%89%E5%8D%93%E5%AE%98%E6%96%B9%E7%89%88&ps=1802x34&drs=3&pcs=1268x939&pss=1268x2558&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1674443673&psr=1280x1024&par=1280x1002&pis=-1x-1&ccd=24&cja=false&cmi=0&col=en-US&cdo=-1&tcn=1674443674&dtm=HTML_POST&tpr=1674443673655&ari=2&ant=0&exps=110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=1&dri=0&ver=1221&ecd=1&psi=2896f9c54761e879&fpt=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81&dft=0&ft=1
IP 182.61.200.109:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8123)
Hash 007a8b5813bd405cffbd47071c736182
53c12729ced9412647f5a030c5c3e6893d2327eb
35b0a9cf3203e912741eaa72cd3a9cbf42127571996c51c7b11691780fd0337f
GET /s?wid=910&hei=120&di=u4965894&s1=3753526199&s2=2336611602<u=http%3A%2F%2F4271.url.tudown.com%2Fdown%2F%25E6%258B%25BC%25E9%259F%25B3%25E6%2589%2593%25E5%25AD%2597%25E7%25BB%2583%25E4%25B9%25A0%2520v2017.3%2520-%2520%25E5%25B0%258F%25E5%25AD%25A6%25E7%2594%259F%25E7%2594%25B5%25E8%2584%2591%25E6%2589%2593%25E5%25AD%2597%25E5%25AD%25A6%25E4%25B9%25A0%4067_137887.exe&dc=3&ti=%E7%9C%9F%E4%BA%BA%E7%BD%91%E7%AB%99-%E5%B9%B3%E5%8F%B0%E6%9C%80%E6%96%B0%E4%B8%8B%E8%BD%BD%C2%B7%E7%99%BB%E5%BD%95%E5%B9%B3%E5%8F%B0iOS%2F%E5%AE%89%E5%8D%93%E5%AE%98%E6%96%B9%E7%89%88&ps=1802x34&drs=3&pcs=1268x939&pss=1268x2558&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1674443673&psr=1280x1024&par=1280x1002&pis=-1x-1&ccd=24&cja=false&cmi=0&col=en-US&cdo=-1&tcn=1674443674&dtm=HTML_POST&tpr=1674443673655&ari=2&ant=0&exps=110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=1&dri=0&ver=1221&ecd=1&psi=2896f9c54761e879&fpt=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81&dft=0&ft=1 HTTP/1.1
Host: pos.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://4271.url.tudown.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Mon, 23 Jan 2023 03:14:36 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Mon Jan 23 11:14:36 2023
p3p: CP=" OTI DSP COR IVA OUR IND COM ", CP=" OTI DSP COR IVA OUR IND COM "
pragma: no-cache
server: nginx
set-cookie: BAIDUID=4A9CA83C98D3872A51AD3AA3DAAC8172:FG=1; expires=Tue, 23-Jan-54 03:14:36 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
x-xss-protection: 0
content-length: 13417
X-Firefox-Spdy: h2
img1.baidu.com/it/u=4182404571,4074591745&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
220.169.152.35200 OK 39 kB URL HTTP/2 img1.baidu.com/it/u=4182404571,4074591745&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 18bfa20d1ed75cfe14dfa4d5185a7392
901e808514c1b1f3a6d45674f0b709765eeb9ae0
6334dad1a09188b7b9b9aaead94ead857a0bf2ec7385772c01c04fc515ff4cc1
GET /it/u=4182404571,4074591745&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:36 GMT
content-type: image/webp
content-length: 38572
expires: Tue, 21 Feb 2023 03:08:16 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 18bfa20d1ed75cfe14dfa4d5185a7392
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 03:08:16 GMT
ohc-cache-hit: yy2ct65 [1], bdix169 [2]
ohc-file-size: 38572
x-cache-status: MISS
X-Firefox-Spdy: h2
t14.baidu.com/it/u=4105621178,1240953882&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 31 kB URL HTTP/1.1 t14.baidu.com/it/u=4105621178,1240953882&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 244a48db5157ac70a46cc8e8cc109bdf
08f8409fa94c357871900e088a0939c6f0c0093f
5fafd7d326cacae1161aaa93bab11c98becec114364c2dd249b5628961733889
GET /it/u=4105621178,1240953882&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://4271.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:14:36 GMT
Content-Type: image/jpeg
Content-Length: 30893
Connection: keep-alive
Expires: Fri, 10 Feb 2023 03:34:38 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: 244a48db5157ac70a46cc8e8cc109bdf
Age: 972276
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 11 Jan 2023 03:34:38 GMT
Ohc-Cache-HIT: fra01-sys-jomo7.fra01.baidu.com [4], zhuzuncache50 [4], wzix83 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 30893
X-Cache-Status: HIT
Timing-Allow-Origin: *
4271.url.tudown.com/uploads/images/910491.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/910491.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/910491.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:36 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=1407745396,4157898093&fm=224&app=112&f=JPEG?w=500&h=500
img2.baidu.com/it/u=1181702781,829817883&fm=253&fmt=auto&app=138&f=JPEG?w=150&h=113
182.106.158.35200 OK 3.8 kB URL HTTP/2 img2.baidu.com/it/u=1181702781,829817883&fm=253&fmt=auto&app=138&f=JPEG?w=150&h=113
IP 182.106.158.35:0
ASN #139201 Jiangxi Jiujiang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 150x113, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ca18c0eced63a272e1c8e948b071d58c
4357636af93c3db4f79a5de17bf8a6a91aa70cb1
6928cd755cfc47aaf34ac67b1c7d10121de06d58319c19b26dacffcced228795
GET /it/u=1181702781,829817883&fm=253&fmt=auto&app=138&f=JPEG?w=150&h=113 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:36 GMT
content-type: image/webp
content-length: 3794
expires: Mon, 20 Feb 2023 02:57:41 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: ca18c0eced63a272e1c8e948b071d58c
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 02:57:41 GMT
ohc-cache-hit: jjct68 [1], wzix68 [4]
ohc-file-size: 3794
x-cache-status: MISS
X-Firefox-Spdy: h2
4271.url.tudown.com/uploads/images/315308.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/315308.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/315308.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:36 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2402048221,2607217702&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=707
4271.url.tudown.com/uploads/images/347522.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/347522.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/347522.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:36 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=1510615438,330178449&fm=224&app=112&f=JPEG?w=500&h=500
4271.url.tudown.com/uploads/images/353537.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/353537.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/353537.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:36 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1510796482,3884705894&fm=253&fmt=auto&app=138&f=JPEG?w=281&h=500
t13.baidu.com/it/u=1510615438,330178449&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 52 kB URL HTTP/1.1 t13.baidu.com/it/u=1510615438,330178449&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 1a2c249e0941d711358921ca5d8609a6
1117151776ce2c80b25bb6fb0dc55ce0a3c28f8d
76ec29e7d5afe8d6712400f184571257f9b48067e04be52c3a8f29666ddd4fee
GET /it/u=1510615438,330178449&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://4271.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:14:36 GMT
Content-Type: image/jpeg
Content-Length: 51591
Connection: keep-alive
Expires: Mon, 13 Feb 2023 13:03:31 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 1a2c249e0941d711358921ca5d8609a6
Age: 696174
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 14 Jan 2023 13:03:31 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [4], zhuzuncache65 [1], czix163 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 51591
X-Cache-Status: HIT
Timing-Allow-Origin: *
4271.url.tudown.com/uploads/images/719740.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/719740.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/719740.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:36 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=1986908311,1946668540&fm=224&app=112&f=JPEG?w=500&h=500
4271.url.tudown.com/uploads/images/312738.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/312738.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/312738.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:36 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3053994392,3801901966&fm=253&fmt=auto?w=120&h=80
img2.baidu.com/it/u=1869367108,3051088590&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
182.106.158.35200 OK 61 kB URL HTTP/2 img2.baidu.com/it/u=1869367108,3051088590&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
IP 182.106.158.35:0
ASN #139201 Jiangxi Jiujiang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 889x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 394c37edda9377d2090ffd30989e2962
be0bcb68ff97f1828eeb16aa4ad128235e20f318
d7531aa6fdea5c070834425f3abe42ec3287cbb8927b9e66dea013015ddb2c27
GET /it/u=1869367108,3051088590&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:36 GMT
content-type: image/webp
content-length: 61192
expires: Wed, 08 Feb 2023 07:14:52 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 394c37edda9377d2090ffd30989e2962
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 09 Jan 2023 07:14:52 GMT
ohc-cache-hit: jjct65 [1], wzix116 [2]
ohc-file-size: 61192
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=1394127003,2167739577&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=330
182.106.158.35200 OK 7.4 kB URL HTTP/2 img2.baidu.com/it/u=1394127003,2167739577&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=330
IP 182.106.158.35:0
ASN #139201 Jiangxi Jiujiang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x330, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bf93c49f82ba691ed47fb57d48412d6b
c38db87a4ad85c43186d79b3991398f15bd6c7b6
0822dbe14958e127c2000fdb32e305274941372bb43cbc2c9e1fc9820db480ca
GET /it/u=1394127003,2167739577&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=330 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:36 GMT
content-type: image/webp
content-length: 7420
expires: Sat, 18 Feb 2023 13:24:23 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: bf93c49f82ba691ed47fb57d48412d6b
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 19 Jan 2023 13:24:23 GMT
ohc-cache-hit: jjct50 [2], bdix50 [2]
ohc-file-size: 7420
x-cache-status: MISS
X-Firefox-Spdy: h2
t15.baidu.com/it/u=1407745396,4157898093&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 58 kB URL HTTP/1.1 t15.baidu.com/it/u=1407745396,4157898093&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 214c2caa6f75d5953a8df47c56b8690e
02a9046be3f33180cadbfb9fe5eef0a8ac8a6a46
8c8a28e585a37a471487f975acef08baeff412667f6dced202ea3235a1a04ce8
GET /it/u=1407745396,4157898093&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://4271.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:14:36 GMT
Content-Type: image/jpeg
Content-Length: 58539
Connection: keep-alive
Expires: Sat, 04 Feb 2023 02:44:55 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 214c2caa6f75d5953a8df47c56b8690e
Age: 1556981
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 05 Jan 2023 02:44:55 GMT
Ohc-Cache-HIT: fra01-sys-jomo2.fra01.baidu.com [4], zhuzuncache65 [1], wzix65 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 58539
X-Cache-Status: HIT
Timing-Allow-Origin: *
bdcode.2345.com/rvsptpwe.js
42.81.8.130200 OK 4.0 kB URL HTTP/1.1 bdcode.2345.com/rvsptpwe.js
IP 42.81.8.130:0
File type ASCII text, with very long lines (11438), with no line terminators
Hash 4927ec7cf61077c3cb553d1e91fbe407
81cecb6db2e670675c9bdac9c8c9225b987262cc
439bad0c6b3cec8c27d7bd369cf89917af4deec831c07836e4e1d265113a641c
Analyzer Verdict Alert fortinet Malware
GET /rvsptpwe.js HTTP/1.1
Host: bdcode.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/
HTTP/1.1 200 OK
Date: Mon, 23 Jan 2023 03:14:36 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 4034
Connection: keep-alive
Cache-Control: max-age=3600
Content-Encoding: gzip
Expires: Mon, 23 Jan 2023 04:14:36 GMT
Last-Modified: Tue, 12 Apr 2022 01:59:51 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
YJS-ID: c1622d1ff8ad37df-143
Server: yunjiasu
t15.baidu.com/it/u=1986908311,1946668540&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 44 kB URL HTTP/1.1 t15.baidu.com/it/u=1986908311,1946668540&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash d3f3a5db8aa5fa945e3847aa7cfb9d54
44af060ba89bde3f454f38d91b01431215156697
f2a29d466fe6fa1d5f636c0104468c179121cad149fa8d8f0ccd4f38bad002a4
GET /it/u=1986908311,1946668540&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://4271.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:14:36 GMT
Content-Type: image/jpeg
Content-Length: 44542
Connection: keep-alive
Expires: Wed, 01 Feb 2023 17:08:25 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: d3f3a5db8aa5fa945e3847aa7cfb9d54
Age: 971065
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 02 Jan 2023 17:08:24 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [2], zhuzuncache52 [4], xaix88 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 44542
X-Cache-Status: HIT
Timing-Allow-Origin: *
img1.baidu.com/it/u=3700066340,2812271891&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=374
220.169.152.35200 OK 28 kB URL HTTP/2 img1.baidu.com/it/u=3700066340,2812271891&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=374
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x374, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 03cf22b3137049e6ab6e22ab155136cb
cf6d32cec660241ef72b6e5d27e417f6afc2ccb2
aff1864a635cf3f38334fbaa32f386ea574e5f2160489947d672658a85f97a41
GET /it/u=3700066340,2812271891&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=374 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:36 GMT
content-type: image/webp
content-length: 27474
expires: Mon, 23 Jan 2023 14:12:43 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 03cf22b3137049e6ab6e22ab155136cb
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 24 Dec 2022 14:12:43 GMT
ohc-cache-hit: yy2ct77 [1], bdix230 [2]
ohc-file-size: 27474
x-cache-status: MISS
X-Firefox-Spdy: h2
4271.url.tudown.com/uploads/images/146084.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/146084.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/146084.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:36 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1488390620,817452110&fm=253&fmt=auto&app=138&f=GIF?w=630&h=500
img0.baidu.com/it/u=3282810049,306122274&fm=253&fmt=auto&app=138&f=JPEG?w=86&h=122
182.106.158.35200 OK 3.9 kB URL HTTP/2 img0.baidu.com/it/u=3282810049,306122274&fm=253&fmt=auto&app=138&f=JPEG?w=86&h=122
IP 182.106.158.35:0
ASN #139201 Jiangxi Jiujiang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 86x122, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 33bc855f6be4c40c7a3493eb41dd6060
6c98143a16bc013008375a054d383ffadfac5d88
7caf59be507b87eba89d438ebff69762f88ad431db1c5083f9b825cda7c69c62
GET /it/u=3282810049,306122274&fm=253&fmt=auto&app=138&f=JPEG?w=86&h=122 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:36 GMT
content-type: image/webp
content-length: 3932
expires: Thu, 02 Feb 2023 01:25:05 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 33bc855f6be4c40c7a3493eb41dd6060
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 03 Jan 2023 01:25:05 GMT
ohc-cache-hit: jjct50 [1], xiangyix138 [4]
ohc-file-size: 3932
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=851152170,873345865&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
182.106.158.35200 OK 51 kB URL HTTP/2 img2.baidu.com/it/u=851152170,873345865&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
IP 182.106.158.35:0
ASN #139201 Jiangxi Jiujiang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d40fb4750fe126a2c718bcbdfe50bff6
b0c878914c5193a0be520f891bd48c393341b90e
1794706a54d02bef4bef9500de16ac2442127d7e83b8911788a8132cb8abbb58
GET /it/u=851152170,873345865&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:36 GMT
content-type: image/webp
content-length: 51244
expires: Sun, 05 Feb 2023 13:01:51 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: d40fb4750fe126a2c718bcbdfe50bff6
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 06 Jan 2023 13:01:51 GMT
ohc-cache-hit: jjct68 [1], csix86 [4]
ohc-file-size: 51244
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=2402048221,2607217702&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=707
182.106.158.35200 OK 12 kB URL HTTP/2 img2.baidu.com/it/u=2402048221,2607217702&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=707
IP 182.106.158.35:0
ASN #139201 Jiangxi Jiujiang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x707, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2a7d375be5491b956a158a7f8985d553
f7fd900276cf2b947206468ef54e07549e45ce16
1c2c3d9af94d3cf305103664a0eb330f6d909111ba667c601b37c1475413aa2c
GET /it/u=2402048221,2607217702&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=707 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:36 GMT
content-type: image/webp
content-length: 11782
expires: Mon, 06 Feb 2023 11:41:43 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 2a7d375be5491b956a158a7f8985d553
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 07 Jan 2023 11:41:43 GMT
ohc-cache-hit: jjct55 [1], wzix112 [4]
ohc-file-size: 11782
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=1510796482,3884705894&fm=253&fmt=auto&app=138&f=JPEG?w=281&h=500
182.106.158.35200 OK 28 kB URL HTTP/2 img2.baidu.com/it/u=1510796482,3884705894&fm=253&fmt=auto&app=138&f=JPEG?w=281&h=500
IP 182.106.158.35:0
ASN #139201 Jiangxi Jiujiang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 281x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2efb80f2e503bdf223958a97f2044808
b81afce0d2cb51fd3ea56764aad9bdec594e53a7
75ae0d0d4a2ad7b4495620b5af18454fee8e4696af191ad9b745d76c413f34ad
GET /it/u=1510796482,3884705894&fm=253&fmt=auto&app=138&f=JPEG?w=281&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:36 GMT
content-type: image/webp
content-length: 27742
expires: Mon, 23 Jan 2023 15:09:23 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 2efb80f2e503bdf223958a97f2044808
age: 330433
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 24 Dec 2022 15:09:23 GMT
ohc-cache-hit: jjct65 [4], suzix167 [4]
ohc-file-size: 27742
x-cache-status: HIT
X-Firefox-Spdy: h2
4271.url.tudown.com/uploads/images/536074.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/536074.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/536074.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:37 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1838805862,899896644&fm=253&fmt=auto&app=138&f=JPEG?w=224&h=336
4271.url.tudown.com/uploads/images/8058.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/8058.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/8058.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:37 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=280205002,3902846692&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=225
img0.baidu.com/it/u=3053994392,3801901966&fm=253&fmt=auto?w=120&h=80
182.106.158.35200 OK 1.3 kB URL HTTP/2 img0.baidu.com/it/u=3053994392,3801901966&fm=253&fmt=auto?w=120&h=80
IP 182.106.158.35:0
ASN #139201 Jiangxi Jiujiang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 120x80, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6148e80dd0a7019d14b8aad9e9dbfbf3
26234f35db0e490c27f8f4393a435d37952fb453
d2972dd5ff60ab7847552c9ab42e11ade46fd30176e435bdcefcf2e1ce6fbf3b
GET /it/u=3053994392,3801901966&fm=253&fmt=auto?w=120&h=80 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:37 GMT
content-type: image/webp
content-length: 1320
expires: Mon, 23 Jan 2023 03:33:37 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 6148e80dd0a7019d14b8aad9e9dbfbf3
age: 953541
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 24 Dec 2022 03:33:37 GMT
ohc-cache-hit: jjct63 [4], suzix127 [4]
ohc-file-size: 1320
x-cache-status: HIT
X-Firefox-Spdy: h2
4271.url.tudown.com/uploads/images/73553.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/73553.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/73553.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:37 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=862881684,298576819&fm=253&app=120&f=JPEG?w=1280&h=800
4271.url.tudown.com/uploads/images/843057.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/843057.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/843057.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:37 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3137138402,1528065685&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
img2.baidu.com/it/u=2873043159,1307328718&fm=253&fmt=auto&app=120&f=JPEG?w=800&h=500
182.106.158.35200 OK 32 kB URL HTTP/2 img2.baidu.com/it/u=2873043159,1307328718&fm=253&fmt=auto&app=120&f=JPEG?w=800&h=500
IP 182.106.158.35:0
ASN #139201 Jiangxi Jiujiang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cd9d526a0fa0a89b121d2e21095e25bb
bc2c570b81d92c19dbdfdb1cfa5d034529b8fde8
ff7f3f3d616c5a81a58ea5cb2a872e5a95d7368c5445e6423dc4810066e70c71
GET /it/u=2873043159,1307328718&fm=253&fmt=auto&app=120&f=JPEG?w=800&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:37 GMT
content-type: image/webp
content-length: 32406
expires: Sat, 11 Feb 2023 07:00:54 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: cd9d526a0fa0a89b121d2e21095e25bb
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 12 Jan 2023 07:00:54 GMT
ohc-cache-hit: jjct67 [1], bdix224 [4]
ohc-file-size: 32406
x-cache-status: MISS
X-Firefox-Spdy: h2
4271.url.tudown.com/uploads/images/339866.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/339866.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/339866.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:37 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1299408251,3851878406&fm=253&fmt=auto?w=720&h=1280
4271.url.tudown.com/uploads/images/437231.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/437231.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/437231.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:37 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=2114322313,1403268247&fm=224&app=112&f=JPEG?w=500&h=500
img1.baidu.com/it/u=1838805862,899896644&fm=253&fmt=auto&app=138&f=JPEG?w=224&h=336
220.169.152.35200 OK 8.0 kB URL HTTP/2 img1.baidu.com/it/u=1838805862,899896644&fm=253&fmt=auto&app=138&f=JPEG?w=224&h=336
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 224x336, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 86cc9c4bc865980ea658397c552b94d3
7369b125e91b666e79add328a60ab76551ee43dd
c364a8b699f943951b081f6b45442fd9bac0363788b4968ce39facba287825d7
GET /it/u=1838805862,899896644&fm=253&fmt=auto&app=138&f=JPEG?w=224&h=336 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:37 GMT
content-type: image/webp
content-length: 8002
expires: Wed, 08 Feb 2023 11:29:03 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 86cc9c4bc865980ea658397c552b94d3
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 09 Jan 2023 11:29:03 GMT
ohc-cache-hit: yy2ct64 [1], suzix191 [4]
ohc-file-size: 8002
x-cache-status: MISS
X-Firefox-Spdy: h2
4271.url.tudown.com/uploads/images/507708.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/507708.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/507708.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:37 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2618689501,1704384219&fm=253&fmt=auto&app=120&f=JPEG?w=889&h=500
4271.url.tudown.com/uploads/images/92342.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/92342.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/92342.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:37 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3797595483,3910155486&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
bdcode.2345.com/js/logo/css/logo-sm.css
42.81.8.130200 OK 783 B URL HTTP/2 bdcode.2345.com/js/logo/css/logo-sm.css
IP 42.81.8.130:0
File type ASCII text, with very long lines (2128), with no line terminators
Hash 621b3563f1231de3a058fa25980064be
c2575c8110cbaba0c87c543fabf7c592789ad67f
37944a5c3981b16d6a498a7dc9427edcd64c1752e6728c5323525bc400efc8d6
GET /js/logo/css/logo-sm.css HTTP/1.1
Host: bdcode.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: gzip
content-type: text/css
date: Mon, 23 Jan 2023 03:14:37 GMT
etag: W/"636c7531-850"
expires: Mon, 23 Jan 2023 04:14:37 GMT
last-modified: Thu, 10 Nov 2022 03:51:13 GMT
p3p: CP=" OTI DSP COR IVA OUR IND COM "
server: yunjiasu
yjs-id: c1622d25f61c37e5-143
content-length: 783
X-Firefox-Spdy: h2
4271.url.tudown.com/uploads/images/714053.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/714053.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/714053.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:37 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2235785770,892180826&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=932
4271.url.tudown.com/uploads/images/879357.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/879357.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/879357.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:37 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=671213229,2198456729&fm=253&fmt=auto&app=138&f=JPEG?w=220&h=220
img0.baidu.com/it/u=1488390620,817452110&fm=253&fmt=auto&app=138&f=GIF?w=630&h=500
182.106.158.35200 OK 215 kB URL HTTP/2 img0.baidu.com/it/u=1488390620,817452110&fm=253&fmt=auto&app=138&f=GIF?w=630&h=500
IP 182.106.158.35:0
ASN #139201 Jiangxi Jiujiang IDC
File type GIF image data, version 89a, 630 x 500\012- data
Size 215 kB (215232 bytes)
Hash c988ab06aca284055176781c37d8c132
99e41e755a6ed459780cc8a7a856c7321e54e024
82e9e57e1071e33299e700bf49db825719d7ada1e112bdc71c92221972523892
GET /it/u=1488390620,817452110&fm=253&fmt=auto&app=138&f=GIF?w=630&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:37 GMT
content-type: image/gif
content-length: 215232
expires: Sun, 19 Feb 2023 17:28:09 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: c988ab06aca284055176781c37d8c132
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 20 Jan 2023 17:28:09 GMT
ohc-cache-hit: jjct72 [2], xaix208 [2]
ohc-file-size: 215232
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=280205002,3902846692&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=225
182.106.158.35200 OK 13 kB URL HTTP/2 img2.baidu.com/it/u=280205002,3902846692&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=225
IP 182.106.158.35:0
ASN #139201 Jiangxi Jiujiang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x225, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5b79ec28f77ee0a7c756c2afcc755826
9401e80cf68cb2213455a4c5d968a37ee9906c3f
0af36a966df1b9f4a4b4e89ca34f9873d4787979a9d853c551155e83e8e3ff0a
GET /it/u=280205002,3902846692&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=225 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:37 GMT
content-type: image/webp
content-length: 13098
expires: Wed, 15 Feb 2023 08:15:37 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 5b79ec28f77ee0a7c756c2afcc755826
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 16 Jan 2023 08:15:37 GMT
ohc-cache-hit: jjct57 [1], qdix88 [4]
ohc-file-size: 13098
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=3137138402,1528065685&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
182.106.158.35200 OK 37 kB URL HTTP/2 img0.baidu.com/it/u=3137138402,1528065685&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
IP 182.106.158.35:0
ASN #139201 Jiangxi Jiujiang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3da2f8c0d7578561b2b8cc64c395d7c8
0fb1b4cf6de8b1187fdf473861f454cc6eec8fda
5e682f452a22b02161e91e1b982c6530f28e4f71108520eef12485709ff88362
GET /it/u=3137138402,1528065685&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:37 GMT
content-type: image/webp
content-length: 36664
expires: Thu, 09 Feb 2023 12:51:11 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 3da2f8c0d7578561b2b8cc64c395d7c8
age: 961807
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 10 Jan 2023 12:51:11 GMT
ohc-cache-hit: jjct72 [4], suzix229 [2]
ohc-file-size: 36664
x-cache-status: HIT
X-Firefox-Spdy: h2
img1.baidu.com/it/u=1299408251,3851878406&fm=253&fmt=auto?w=720&h=1280
220.169.152.35200 OK 50 kB URL HTTP/2 img1.baidu.com/it/u=1299408251,3851878406&fm=253&fmt=auto?w=720&h=1280
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 720x1280, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d2a0c9468fb1872ea6baffac91427bc0
d94fb9c12f4c09c3e2b79e717d004fde17cb1320
c3965c0c20447d7f1ea7da37c017f6330e808aac488ca8c0df74088696ece5b9
GET /it/u=1299408251,3851878406&fm=253&fmt=auto?w=720&h=1280 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:37 GMT
content-type: image/webp
content-length: 50060
expires: Wed, 01 Feb 2023 10:48:22 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: d2a0c9468fb1872ea6baffac91427bc0
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 02 Jan 2023 10:48:22 GMT
ohc-cache-hit: yy2ct52 [1], csix80 [4]
ohc-file-size: 50060
x-cache-status: MISS
X-Firefox-Spdy: h2
t15.baidu.com/it/u=2114322313,1403268247&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 88 kB URL HTTP/1.1 t15.baidu.com/it/u=2114322313,1403268247&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash b6985bcdccdcc34ab1989a8b830b7046
7c4280cf3b3bb1618f2edb0bb6695e439bb6ef93
8b43649b19b78bc6aea89db01510f6c2b09855b0c459566dac2ad90d2af9aea5
GET /it/u=2114322313,1403268247&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://4271.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:14:37 GMT
Content-Type: image/jpeg
Content-Length: 87749
Connection: keep-alive
Expires: Sat, 04 Feb 2023 15:14:45 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: b6985bcdccdcc34ab1989a8b830b7046
Age: 972132
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 05 Jan 2023 15:14:45 GMT
Ohc-Cache-HIT: fra01-sys-jomo2.fra01.baidu.com [2], zhuzuncache52 [4], czix99 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 87749
X-Cache-Status: HIT
Timing-Allow-Origin: *
4271.url.tudown.com/uploads/images/69049.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/69049.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/69049.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:37 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1746872965,3637405754&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
img2.baidu.com/it/u=1195511623,932910324&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=707
220.169.152.35200 OK 19 kB URL HTTP/1.1 img2.baidu.com/it/u=1195511623,932910324&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=707
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x707, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 45f2d2b42361cef3af824089a172c393
359cc2263c667158c52aa149884d96be91045feb
33d60b61177177679700d93a8c6cb33d09134bf6b5006af24023b0b15d0056f7
GET /it/u=1195511623,932910324&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=707 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://4271.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:14:37 GMT
Content-Type: image/webp
Content-Length: 18574
Connection: keep-alive
Expires: Mon, 20 Feb 2023 21:48:52 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 45f2d2b42361cef3af824089a172c393
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 21 Jan 2023 21:48:52 GMT
Ohc-Cache-HIT: yy2ct51 [1], czix102 [2]
Ohc-File-Size: 18574
X-Cache-Status: MISS
4271.url.tudown.com/uploads/images/138948.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/138948.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/138948.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:37 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1042137785,97969021&fm=253&fmt=auto&app=138&f=JPEG?w=596&h=500
cpro.baidustatic.com/cpro/ui/noexpire/img/2.0.0/native_ad.png
182.106.158.35200 OK 4.5 kB URL HTTP/2 cpro.baidustatic.com/cpro/ui/noexpire/img/2.0.0/native_ad.png
IP 182.106.158.35:0
ASN #139201 Jiangxi Jiujiang IDC
File type PNG image data, 44 x 984, 8-bit colormap, non-interlaced\012- data
Hash 3e2d110dd13ae372eac3c04347687487
666c77091671206a1ee7202bfa821afa63dfed94
4b86aeb9d139835e6517cef965d3442d8efca774abc2d6befc580ec63aace62e
GET /cpro/ui/noexpire/img/2.0.0/native_ad.png HTTP/1.1
Host: cpro.baidustatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:37 GMT
content-type: image/png
content-length: 4514
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 01 Apr 2022 07:05:03 GMT
etag: "6246a41f-11a2"
cache-control: max-age=315360000
age: 2605835
accept-ranges: bytes
timing-allow-origin: *
ohc-global-saved-time: Tue, 21 Jun 2022 04:49:12 GMT
ohc-cache-hit: jjct60 [2], wzix60 [2]
ohc-file-size: 4514
x-cache-status: HIT
X-Firefox-Spdy: h2
4271.url.tudown.com/uploads/images/717040.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/717040.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/717040.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:37 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=3610116471,2639487273&fm=253&app=120&f=JPEG?w=1280&h=800
4271.url.tudown.com/uploads/images/10845.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/10845.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/10845.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:37 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=3892276928,2071996742&fm=253&app=138&f=JPEG?w=500&h=889
4271.url.tudown.com/uploads/images/186782.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/186782.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/186782.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:37 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=791619651,1314926490&fm=253&fmt=auto&app=138&f=JPEG?w=375&h=500
4271.url.tudown.com/uploads/images/111971.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/111971.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/111971.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:37 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1192956693,306220319&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=300
img2.baidu.com/it/u=3797595483,3910155486&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
182.106.158.35200 OK 83 kB URL HTTP/2 img2.baidu.com/it/u=3797595483,3910155486&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
IP 182.106.158.35:0
ASN #139201 Jiangxi Jiujiang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1a67d54c1527e2edc5ab8c12f991836d
22a469a07b851ad41290f65145af97dbf8ade105
3c6a0647e45d9bfea387fafbcd359d5808149debca60bf96dda78fd42c1696a3
GET /it/u=3797595483,3910155486&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:37 GMT
content-type: image/webp
content-length: 82568
expires: Mon, 20 Feb 2023 09:31:06 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 1a67d54c1527e2edc5ab8c12f991836d
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 09:31:06 GMT
ohc-cache-hit: jjct55 [2], bdix88 [2]
ohc-file-size: 82568
x-cache-status: MISS
X-Firefox-Spdy: h2
sofire.baidu.com/h5/t/8800
36.110.192.156204 No Content 0 B URL HTTP/2 sofire.baidu.com/h5/t/8800
IP 36.110.192.156:0
ASN #23724 IDC, China Telecommunications Corporation
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /h5/t/8800 HTTP/1.1
Host: sofire.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-bdh5-pf
Referer: http://4271.url.tudown.com/
Origin: http://4271.url.tudown.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,AccessToken,X-CSRF-Token,X-Bdh5-Pf,X-XSRF-TOKEN, Authorization
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://4271.url.tudown.com
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type
date: Mon, 23 Jan 2023 03:14:37 GMT
X-Firefox-Spdy: h2
wn.pos.baidu.com/adx.php?c=d25pZD1kMjIwMTUwM2UzNGVhMGRkAHM9ZDIyMDE1MDNlMzRlYTBkZAB0PTE2NzQ0NDM2NzYAc2U9MQBidT00AHByaWNlPVk4MzduQUFCX2psN2pFcGdXNUlBOHA0V1RBVmZkSGVtSXlIS0lBAGNoYXJnZV9wcmljZT0zNABzaGFyaW5nX3ByaWNlPTM0MDAwAHdpbl9kc3A9NABjaG1kPTEAYmRpZD0AY3Byb2lkPQB3ZD0xNjYyNjQyMzg4AHR1PXU0OTY1ODk0AGFkY2xhc3M9MABzcmN0PTAAcG9zPTAAbG9jPTUAZWlkPTAAY2JpZD1ZODM3bkFBQl9qbDdqRXBnVzVJQThwNFdUQVZmZEhlbUl5SEtJQQBiY2htZD0wAHRtPTAAdj0xAGk9NGNlNTJmMTE
182.61.62.32200 OK 49 B URL HTTP/1.1 wn.pos.baidu.com/adx.php?c=d25pZD1kMjIwMTUwM2UzNGVhMGRkAHM9ZDIyMDE1MDNlMzRlYTBkZAB0PTE2NzQ0NDM2NzYAc2U9MQBidT00AHByaWNlPVk4MzduQUFCX2psN2pFcGdXNUlBOHA0V1RBVmZkSGVtSXlIS0lBAGNoYXJnZV9wcmljZT0zNABzaGFyaW5nX3ByaWNlPTM0MDAwAHdpbl9kc3A9NABjaG1kPTEAYmRpZD0AY3Byb2lkPQB3ZD0xNjYyNjQyMzg4AHR1PXU0OTY1ODk0AGFkY2xhc3M9MABzcmN0PTAAcG9zPTAAbG9jPTUAZWlkPTAAY2JpZD1ZODM3bkFBQl9qbDdqRXBnVzVJQThwNFdUQVZmZEhlbUl5SEtJQQBiY2htZD0wAHRtPTAAdj0xAGk9NGNlNTJmMTE
IP 182.61.62.32:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ed280a0ea3cc38f3cbbc747acfbef47d
6bdcb32ee75e957a5085c010f4dfd0c716bfdadc
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
GET /adx.php?c=d25pZD1kMjIwMTUwM2UzNGVhMGRkAHM9ZDIyMDE1MDNlMzRlYTBkZAB0PTE2NzQ0NDM2NzYAc2U9MQBidT00AHByaWNlPVk4MzduQUFCX2psN2pFcGdXNUlBOHA0V1RBVmZkSGVtSXlIS0lBAGNoYXJnZV9wcmljZT0zNABzaGFyaW5nX3ByaWNlPTM0MDAwAHdpbl9kc3A9NABjaG1kPTEAYmRpZD0AY3Byb2lkPQB3ZD0xNjYyNjQyMzg4AHR1PXU0OTY1ODk0AGFkY2xhc3M9MABzcmN0PTAAcG9zPTAAbG9jPTUAZWlkPTAAY2JpZD1ZODM3bkFBQl9qbDdqRXBnVzVJQThwNFdUQVZmZEhlbUl5SEtJQQBiY2htZD0wAHRtPTAAdj0xAGk9NGNlNTJmMTE HTTP/1.1
Host: wn.pos.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 49
Content-Type: image/gif
Date: Mon, 23 Jan 2023 03:14:37 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: nginx
Set-Cookie: BAIDUID=E1078D6403364FF473E0F2B3291CDBAC:FG=1; expires=Tue, 23-Jan-24 03:14:37 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
img0.baidu.com/it/u=1042137785,97969021&fm=253&fmt=auto&app=138&f=JPEG?w=596&h=500
182.106.158.35200 OK 29 kB URL HTTP/2 img0.baidu.com/it/u=1042137785,97969021&fm=253&fmt=auto&app=138&f=JPEG?w=596&h=500
IP 182.106.158.35:0
ASN #139201 Jiangxi Jiujiang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 596x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ec388e00af69df775ad1b58ade37a3ff
44fca4316e63b3a44efdf39fa0e1cbee801128f8
5e9fc39a7ec1c68261a4a4643a6961598fd0c7f8c5b0e01987a51109d86f1aa7
GET /it/u=1042137785,97969021&fm=253&fmt=auto&app=138&f=JPEG?w=596&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:37 GMT
content-type: image/webp
content-length: 29126
expires: Sat, 11 Feb 2023 15:04:16 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: ec388e00af69df775ad1b58ade37a3ff
age: 169365
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 12 Jan 2023 15:04:16 GMT
ohc-cache-hit: jjct51 [4], wzix119 [4]
ohc-file-size: 29126
x-cache-status: HIT
X-Firefox-Spdy: h2
sofire.baidu.com/h5/e/8800
36.110.192.156204 No Content 0 B URL HTTP/2 sofire.baidu.com/h5/e/8800
IP 36.110.192.156:0
ASN #23724 IDC, China Telecommunications Corporation
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /h5/e/8800 HTTP/1.1
Host: sofire.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-bdh5-pf
Referer: http://4271.url.tudown.com/
Origin: http://4271.url.tudown.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,AccessToken,X-CSRF-Token,X-Bdh5-Pf,X-XSRF-TOKEN, Authorization
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://4271.url.tudown.com
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type
date: Mon, 23 Jan 2023 03:14:37 GMT
X-Firefox-Spdy: h2
4271.url.tudown.com/uploads/images/312970.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/312970.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/312970.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:37 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=4250376146,713319959&fm=253&fmt=auto?w=500&h=500
4271.url.tudown.com/uploads/images/131295.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/131295.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/131295.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:37 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3803903364,1841439637&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=754
img2.baidu.com/it/u=862881684,298576819&fm=253&app=120&f=JPEG?w=1280&h=800
220.169.152.35200 OK 109 kB URL HTTP/1.1 img2.baidu.com/it/u=862881684,298576819&fm=253&app=120&f=JPEG?w=1280&h=800
IP 220.169.152.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 109 kB (108817 bytes)
Hash aa626e4a7f4128aca59a34e484e1b649
43cd70f6128af14672288f5788a8d123710bc9a0
d54ea46335b5397aac0fa92ec1546f023c8666dbfc8dc20b6d5489fef68b767b
GET /it/u=862881684,298576819&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://4271.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:14:37 GMT
Content-Type: image/jpeg
Content-Length: 108817
Connection: keep-alive
Expires: Thu, 09 Feb 2023 09:45:02 GMT
Last-Modified: Mon, 05 Jan 1970 00:00:00 GMT
ETag: aa626e4a7f4128aca59a34e484e1b649
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 10 Jan 2023 09:45:02 GMT
Ohc-Cache-HIT: yy2ct77 [1], wzix108 [2]
Ohc-File-Size: 108817
X-Cache-Status: MISS
sofire.baidu.com/abot/api/v1/tpl/re/8800?v=1.1&0=1&1=0&2=0&3=0&4=0&5=0&6=0&7=1&8=v10-b9223f8c416b21dd38558000f0e5ff616adfd83c&9=0&10=1&11=0&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&h=http%3A%2F%2F4271.url.tudown.com%2Fdown%2F%25E6%258B%25BC%25E9%259F%25B3%25E6%2589%2593%25E5%25AD%2597%25E7%25BB%2583%25E4%25B9%25A0%2520v2017.3%2520-%2520%25E5%25B0%258F%25E5%25AD%25A6%25E7%2594%259F%25E7%2594%25B5%25E8%2584%2591%25E6%2589%2593%25E5%25AD%2597%25E5%25AD%25A6%25E4%25B9%25A0%4067_137887.exe&t=1674443675222&r=init
36.110.192.156200 OK 0 B URL HTTP/2 sofire.baidu.com/abot/api/v1/tpl/re/8800?v=1.1&0=1&1=0&2=0&3=0&4=0&5=0&6=0&7=1&8=v10-b9223f8c416b21dd38558000f0e5ff616adfd83c&9=0&10=1&11=0&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&h=http%3A%2F%2F4271.url.tudown.com%2Fdown%2F%25E6%258B%25BC%25E9%259F%25B3%25E6%2589%2593%25E5%25AD%2597%25E7%25BB%2583%25E4%25B9%25A0%2520v2017.3%2520-%2520%25E5%25B0%258F%25E5%25AD%25A6%25E7%2594%259F%25E7%2594%25B5%25E8%2584%2591%25E6%2589%2593%25E5%25AD%2597%25E5%25AD%25A6%25E4%25B9%25A0%4067_137887.exe&t=1674443675222&r=init
IP 36.110.192.156:0
ASN #23724 IDC, China Telecommunications Corporation
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /abot/api/v1/tpl/re/8800?v=1.1&0=1&1=0&2=0&3=0&4=0&5=0&6=0&7=1&8=v10-b9223f8c416b21dd38558000f0e5ff616adfd83c&9=0&10=1&11=0&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&h=http%3A%2F%2F4271.url.tudown.com%2Fdown%2F%25E6%258B%25BC%25E9%259F%25B3%25E6%2589%2593%25E5%25AD%2597%25E7%25BB%2583%25E4%25B9%25A0%2520v2017.3%2520-%2520%25E5%25B0%258F%25E5%25AD%25A6%25E7%2594%259F%25E7%2594%25B5%25E8%2584%2591%25E6%2589%2593%25E5%25AD%2597%25E5%25AD%25A6%25E4%25B9%25A0%4067_137887.exe&t=1674443675222&r=init HTTP/1.1
Host: sofire.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://4271.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
date: Mon, 23 Jan 2023 03:14:37 GMT
content-length: 0
X-Firefox-Spdy: h2
4271.url.tudown.com/uploads/images/60441.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/60441.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/60441.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1679225885,2853966471&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=706
4271.url.tudown.com/uploads/images/169105.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/169105.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/169105.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=1214047760,4014093800&fm=224&app=112&f=JPEG?w=500&h=500
4271.url.tudown.com/uploads/images/893065.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/893065.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/893065.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=685579189,1283811002&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
img1.baidu.com/it/u=671213229,2198456729&fm=253&fmt=auto&app=138&f=JPEG?w=220&h=220
220.169.152.35200 OK 3.6 kB URL HTTP/2 img1.baidu.com/it/u=671213229,2198456729&fm=253&fmt=auto&app=138&f=JPEG?w=220&h=220
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 220x220, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash afb7f72012d656dcd925d27419b3ea1e
d023466001950e21b8e6eb82043b384779cf5412
755b246ed8e03c3c1f93783a7c131642667545e38a681a3cbae83f0ca6a40b83
GET /it/u=671213229,2198456729&fm=253&fmt=auto&app=138&f=JPEG?w=220&h=220 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:38 GMT
content-type: image/webp
content-length: 3556
expires: Fri, 27 Jan 2023 04:24:13 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: afb7f72012d656dcd925d27419b3ea1e
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 28 Dec 2022 04:24:13 GMT
ohc-cache-hit: yy2ct51 [1], suzix215 [2]
ohc-file-size: 3556
x-cache-status: MISS
X-Firefox-Spdy: h2
4271.url.tudown.com/uploads/images/545824.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/545824.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/545824.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3179937709,508587875&fm=253&fmt=auto&app=120&f=JPEG?w=800&h=1280
img2.baidu.com/it/u=791619651,1314926490&fm=253&fmt=auto&app=138&f=JPEG?w=375&h=500
182.106.158.35200 OK 31 kB URL HTTP/2 img2.baidu.com/it/u=791619651,1314926490&fm=253&fmt=auto&app=138&f=JPEG?w=375&h=500
IP 182.106.158.35:0
ASN #139201 Jiangxi Jiujiang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 375x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 37a456b4647054fc9fedb28f4f3f2662
20bfee4500b79877a1565af3ff567935cd1e450b
df03ea394fc1f908befe5ac76a71d734d3cd89e711b9f72cee3cec9542555c3a
GET /it/u=791619651,1314926490&fm=253&fmt=auto&app=138&f=JPEG?w=375&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:38 GMT
content-type: image/webp
content-length: 30672
expires: Tue, 07 Feb 2023 19:48:32 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 37a456b4647054fc9fedb28f4f3f2662
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 08 Jan 2023 19:48:32 GMT
ohc-cache-hit: jjct50 [1], csix106 [2]
ohc-file-size: 30672
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=2235785770,892180826&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=932
220.169.152.35200 OK 39 kB URL HTTP/2 img1.baidu.com/it/u=2235785770,892180826&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=932
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x932, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 23c400a96b0ee94b4e9e88c14925ce0e
f34978a627edda3b7e0f86beb26c003a129819d7
ff123b3fb4c496508a6df90b968ff549dc9d26148e1228139d077abdc6f382c4
GET /it/u=2235785770,892180826&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=932 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:38 GMT
content-type: image/webp
content-length: 38674
expires: Mon, 20 Feb 2023 02:33:12 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 23c400a96b0ee94b4e9e88c14925ce0e
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 02:33:12 GMT
ohc-cache-hit: yy2ct57 [1], qdix57 [2]
ohc-file-size: 38674
x-cache-status: MISS
X-Firefox-Spdy: h2
t14.baidu.com/it/u=1214047760,4014093800&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 54 kB URL HTTP/1.1 t14.baidu.com/it/u=1214047760,4014093800&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash eabfe3c7f9aae8669a0c5a1c7edbe656
dfc586e81a6cb2a217b1890c5356c4306c7a336c
54738ce67a23451a1af52c2c098ab0539256fa3a72a6d41d3ccb3b90f8c645ec
GET /it/u=1214047760,4014093800&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://4271.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:14:38 GMT
Content-Type: image/jpeg
Content-Length: 54331
Connection: keep-alive
Expires: Tue, 07 Feb 2023 04:29:05 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: eabfe3c7f9aae8669a0c5a1c7edbe656
Age: 972008
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 08 Jan 2023 04:29:05 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [4], zhuzuncache59 [1], xiangyix88 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 54331
X-Cache-Status: HIT
Timing-Allow-Origin: *
img1.baidu.com/it/u=2618689501,1704384219&fm=253&fmt=auto&app=120&f=JPEG?w=889&h=500
220.169.152.35200 OK 27 kB URL HTTP/2 img1.baidu.com/it/u=2618689501,1704384219&fm=253&fmt=auto&app=120&f=JPEG?w=889&h=500
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 889x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 43cc86d4260ccd4f8e440d61bedb4d5f
562e49b55890ab4ba6d9bbd567f89a87f4effa9c
35198f4ecc9b342955f981be580b90ea6744824bd6151526a1a8fcd39e8c807b
GET /it/u=2618689501,1704384219&fm=253&fmt=auto&app=120&f=JPEG?w=889&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:38 GMT
content-type: image/webp
content-length: 26778
expires: Tue, 07 Feb 2023 18:14:40 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 43cc86d4260ccd4f8e440d61bedb4d5f
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 08 Jan 2023 18:14:40 GMT
ohc-cache-hit: yy2ct64 [1], bdix131 [4]
ohc-file-size: 26778
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=3892276928,2071996742&fm=253&app=138&f=JPEG?w=500&h=889
220.169.152.35200 OK 43 kB URL HTTP/1.1 img1.baidu.com/it/u=3892276928,2071996742&fm=253&app=138&f=JPEG?w=500&h=889
IP 220.169.152.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x889, components 3\012- data
Hash 3a15832bacd4b656b7167c1d444d13e2
52b77df86a23c03d054e6e36f378a9d011c1eafd
bdae3f3899f0234ed2a805a2c341e220d9ed04fcff42ee392513fd7a0e4dcd6a
GET /it/u=3892276928,2071996742&fm=253&app=138&f=JPEG?w=500&h=889 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://4271.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:14:38 GMT
Content-Type: image/jpeg
Content-Length: 42812
Connection: keep-alive
Expires: Wed, 15 Feb 2023 02:47:41 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 3a15832bacd4b656b7167c1d444d13e2
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 16 Jan 2023 02:47:41 GMT
Ohc-Cache-HIT: yy2ct50 [1], xaix120 [2]
Ohc-File-Size: 42812
X-Cache-Status: MISS
wn.pos.baidu.com/adx.php?c=d25pZD1mMWVkOWVhYjNhNjAwNDRiAHM9ZjFlZDllYWIzYTYwMDQ0YgB0PTE2NzQ0NDM2NzYAc2U9MQBidT00AHByaWNlPVk4MzduQUFCY3VSN2pFcGdXNUlBOHVWUTlwUjNmazFKandkRWtBAGNoYXJnZV9wcmljZT0xAHNoYXJpbmdfcHJpY2U9MTAwMAB3aW5fZHNwPTQAY2htZD0xAGJkaWQ9AGNwcm9pZD0Ad2Q9MTU4OTg4NzcyNQB0dT11NTAzOTUyNABhZGNsYXNzPTAAc3JjdD0wAHBvcz0wAGxvYz0xAGVpZD0wAGNiaWQ9WTgzN25BQUJjdVI3akVwZ1c1SUE4dVZROXBSM2ZrMUpqd2RFa0EAYmNobWQ9MAB0bT0wAHY9MQBpPTljZTZjMTcx
182.61.62.32200 OK 49 B URL HTTP/1.1 wn.pos.baidu.com/adx.php?c=d25pZD1mMWVkOWVhYjNhNjAwNDRiAHM9ZjFlZDllYWIzYTYwMDQ0YgB0PTE2NzQ0NDM2NzYAc2U9MQBidT00AHByaWNlPVk4MzduQUFCY3VSN2pFcGdXNUlBOHVWUTlwUjNmazFKandkRWtBAGNoYXJnZV9wcmljZT0xAHNoYXJpbmdfcHJpY2U9MTAwMAB3aW5fZHNwPTQAY2htZD0xAGJkaWQ9AGNwcm9pZD0Ad2Q9MTU4OTg4NzcyNQB0dT11NTAzOTUyNABhZGNsYXNzPTAAc3JjdD0wAHBvcz0wAGxvYz0xAGVpZD0wAGNiaWQ9WTgzN25BQUJjdVI3akVwZ1c1SUE4dVZROXBSM2ZrMUpqd2RFa0EAYmNobWQ9MAB0bT0wAHY9MQBpPTljZTZjMTcx
IP 182.61.62.32:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ed280a0ea3cc38f3cbbc747acfbef47d
6bdcb32ee75e957a5085c010f4dfd0c716bfdadc
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
GET /adx.php?c=d25pZD1mMWVkOWVhYjNhNjAwNDRiAHM9ZjFlZDllYWIzYTYwMDQ0YgB0PTE2NzQ0NDM2NzYAc2U9MQBidT00AHByaWNlPVk4MzduQUFCY3VSN2pFcGdXNUlBOHVWUTlwUjNmazFKandkRWtBAGNoYXJnZV9wcmljZT0xAHNoYXJpbmdfcHJpY2U9MTAwMAB3aW5fZHNwPTQAY2htZD0xAGJkaWQ9AGNwcm9pZD0Ad2Q9MTU4OTg4NzcyNQB0dT11NTAzOTUyNABhZGNsYXNzPTAAc3JjdD0wAHBvcz0wAGxvYz0xAGVpZD0wAGNiaWQ9WTgzN25BQUJjdVI3akVwZ1c1SUE4dVZROXBSM2ZrMUpqd2RFa0EAYmNobWQ9MAB0bT0wAHY9MQBpPTljZTZjMTcx HTTP/1.1
Host: wn.pos.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 49
Content-Type: image/gif
Date: Mon, 23 Jan 2023 03:14:38 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: nginx
Set-Cookie: BAIDUID=B88BB93BA13DEBAF3CBA25C0C1C07DFC:FG=1; expires=Tue, 23-Jan-24 03:14:38 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
img1.baidu.com/it/u=1746872965,3637405754&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
220.169.152.35200 OK 17 kB URL HTTP/2 img1.baidu.com/it/u=1746872965,3637405754&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c666929b0568d2760b80348ffee6491b
d0dc5e1eed673824ff9e2527070f0708cff9d85b
43968aea8889d33753955c6e867d3b2ce5e0829b386ef85d66362dc58fdf6cf3
GET /it/u=1746872965,3637405754&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:38 GMT
content-type: image/webp
content-length: 16820
expires: Wed, 22 Feb 2023 01:37:14 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: c666929b0568d2760b80348ffee6491b
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 01:37:14 GMT
ohc-cache-hit: yy2ct70 [1], suzix221 [4]
ohc-file-size: 16820
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=1192956693,306220319&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=300
220.169.152.35200 OK 18 kB URL HTTP/2 img1.baidu.com/it/u=1192956693,306220319&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=300
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 00c2b770cc6f26684187925e9ddbc3ef
e25246453d75ea129e9953126b3d175129303d58
b1677bcb100908cd08cd258323570dc02df0b88d880cc0eee04b7a240fedbbdb
GET /it/u=1192956693,306220319&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=300 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:38 GMT
content-type: image/webp
content-length: 18472
expires: Tue, 14 Feb 2023 08:23:16 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 00c2b770cc6f26684187925e9ddbc3ef
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 15 Jan 2023 08:23:16 GMT
ohc-cache-hit: yy2ct57 [1], wzix57 [4]
ohc-file-size: 18472
x-cache-status: MISS
X-Firefox-Spdy: h2
sofire.baidu.com/h5/t/8800
36.110.192.156200 OK 591 B URL HTTP/2 sofire.baidu.com/h5/t/8800
IP 36.110.192.156:0
ASN #23724 IDC, China Telecommunications Corporation
File type JSON data\012- , ASCII text, with very long lines (591), with no line terminators
Hash 02c0de3468f53c5df5359a276b743032
5b13c250ca4c29edc54b3c69eb4ba36438084ff9
dce74ed4ec55d9bb74be672d396175a9e2299163ed525934bec857892858fe1a
POST /h5/t/8800 HTTP/1.1
Host: sofire.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
X-Bdh5-Pf: 1
Content-Length: 3642
Origin: http://4271.url.tudown.com
Connection: keep-alive
Referer: http://4271.url.tudown.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,AccessToken,X-CSRF-Token,X-Bdh5-Pf,X-XSRF-TOKEN, Authorization
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://4271.url.tudown.com
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type
content-type: application/json; charset=utf-8
date: Mon, 23 Jan 2023 03:14:38 GMT
content-length: 591
X-Firefox-Spdy: h2
img0.baidu.com/it/u=4250376146,713319959&fm=253&fmt=auto?w=500&h=500
182.106.158.35200 OK 17 kB URL HTTP/2 img0.baidu.com/it/u=4250376146,713319959&fm=253&fmt=auto?w=500&h=500
IP 182.106.158.35:0
ASN #139201 Jiangxi Jiujiang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c521d95ec65fb91c8caa3407c3665104
e5dbcbaed7de685725c53afcc1d529472b60f550
b33b1929f06c2bd207d78623bb71c07e423fddaab7d5fbe65b45b421d5cd5a2e
GET /it/u=4250376146,713319959&fm=253&fmt=auto?w=500&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:38 GMT
content-type: image/webp
content-length: 17046
expires: Mon, 23 Jan 2023 04:30:42 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: c521d95ec65fb91c8caa3407c3665104
age: 953551
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 24 Dec 2022 04:30:42 GMT
ohc-cache-hit: jjct70 [4], xiangyix145 [4]
ohc-file-size: 17046
x-cache-status: HIT
X-Firefox-Spdy: h2
sofire.baidu.com/h5/e/8800
36.110.192.156200 OK 77 B URL HTTP/2 sofire.baidu.com/h5/e/8800
IP 36.110.192.156:0
ASN #23724 IDC, China Telecommunications Corporation
File type JSON data\012- , ASCII text, with no line terminators
Hash 3c018af5074e61a4c9f9dc0f6385682f
6adefaf379b6e4816e57b4dbba27f2c24e2b1335
6870f54b5a4a0e69bf6595173b8dcc7e6c86e66d47593cfcbd4cc54af8ce4ec3
POST /h5/e/8800 HTTP/1.1
Host: sofire.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
X-Bdh5-Pf: 1
Origin: http://4271.url.tudown.com
Connection: keep-alive
Referer: http://4271.url.tudown.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,AccessToken,X-CSRF-Token,X-Bdh5-Pf,X-XSRF-TOKEN, Authorization
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://4271.url.tudown.com
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type
content-type: application/json; charset=utf-8
date: Mon, 23 Jan 2023 03:14:38 GMT
content-length: 77
X-Firefox-Spdy: h2
img1.baidu.com/it/u=3803903364,1841439637&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=754
220.169.152.35200 OK 31 kB URL HTTP/2 img1.baidu.com/it/u=3803903364,1841439637&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=754
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x754, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8ecc09a4da7a2018a540b1bb47e4ef57
8dd46d671ef4b92d8ff13d061b899b9b0403c061
3ae7ccbd038e2f074890d92bf2abd10fcfbdbb10743a508b60397f5bb60effa6
GET /it/u=3803903364,1841439637&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=754 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:38 GMT
content-type: image/webp
content-length: 30830
expires: Sat, 18 Feb 2023 04:48:24 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 8ecc09a4da7a2018a540b1bb47e4ef57
age: 210560
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 19 Jan 2023 04:48:24 GMT
ohc-cache-hit: yy2ct51 [4], suzix169 [2]
ohc-file-size: 30830
x-cache-status: HIT
X-Firefox-Spdy: h2
4271.url.tudown.com/uploads/images/271119.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/271119.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/271119.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=3695860788,2767676066&fm=253&app=138&f=JPEG?w=800&h=500
4271.url.tudown.com/uploads/images/289967.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/289967.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/289967.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=272208934,1316878114&fm=253&fmt=auto&app=138&f=BMP?w=507&h=293
img2.baidu.com/it/u=1679225885,2853966471&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=706
182.106.158.35200 OK 36 kB URL HTTP/2 img2.baidu.com/it/u=1679225885,2853966471&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=706
IP 182.106.158.35:0
ASN #139201 Jiangxi Jiujiang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x706, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 65a5c4812ac781dfeafaed80443bb352
76e5d4aa80f6fe286fd35ea124a6d6313f999561
2d97ca73c99ef5eda7932402a7f6f7a263196b402c076905c773c592ebc517be
GET /it/u=1679225885,2853966471&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=706 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:38 GMT
content-type: image/webp
content-length: 36178
expires: Wed, 22 Feb 2023 02:45:20 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 65a5c4812ac781dfeafaed80443bb352
age: 1758
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 02:45:20 GMT
ohc-cache-hit: jjct70 [4], czix139 [2]
ohc-file-size: 36178
x-cache-status: HIT
X-Firefox-Spdy: h2
4271.url.tudown.com/uploads/images/209599.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/209599.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/209599.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=951290064,2424471723&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=551
4271.url.tudown.com/uploads/images/549792.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/549792.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/549792.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=488473286,2439975136&fm=253&fmt=auto&app=138&f=JPEG?w=349&h=400
4271.url.tudown.com/uploads/images/957277.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/957277.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/957277.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1276975459,2382201758&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
4271.url.tudown.com/uploads/images/167145.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/167145.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/167145.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1183675996,337122138&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
img1.baidu.com/it/u=3179937709,508587875&fm=253&fmt=auto&app=120&f=JPEG?w=800&h=1280
220.169.152.35200 OK 97 kB URL HTTP/2 img1.baidu.com/it/u=3179937709,508587875&fm=253&fmt=auto&app=120&f=JPEG?w=800&h=1280
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x1280, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a28d4f94d0cb588d279dc25b146c29c4
c69d0c524e79235c145e85aa669c92bf9b8897cc
52ffc68dae0cb938d82205e0dd9550cfdd0b64dbbd53bba076d003ff0b1a30e1
GET /it/u=3179937709,508587875&fm=253&fmt=auto&app=120&f=JPEG?w=800&h=1280 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:38 GMT
content-type: image/webp
content-length: 97086
expires: Thu, 02 Feb 2023 03:47:24 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: a28d4f94d0cb588d279dc25b146c29c4
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 03 Jan 2023 03:47:24 GMT
ohc-cache-hit: yy2ct56 [1], csix56 [2]
ohc-file-size: 97086
x-cache-status: MISS
X-Firefox-Spdy: h2
sofire.baidu.com/abot/api/v1/tpl/re/8800?v=1.1&0=1&1=0&2=0&3=0&4=0&5=0&6=0&7=1&8=v10-b9223f8c416b21dd38558000f0e5ff616adfd83c&9=0&10=1&11=1852&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&h=http%3A%2F%2F4271.url.tudown.com%2Fdown%2F%25E6%258B%25BC%25E9%259F%25B3%25E6%2589%2593%25E5%25AD%2597%25E7%25BB%2583%25E4%25B9%25A0%2520v2017.3%2520-%2520%25E5%25B0%258F%25E5%25AD%25A6%25E7%2594%259F%25E7%2594%25B5%25E8%2584%2591%25E6%2589%2593%25E5%25AD%2597%25E5%25AD%25A6%25E4%25B9%25A0%4067_137887.exe&t=1674443677108&r=lo
36.110.192.156200 OK 0 B URL HTTP/2 sofire.baidu.com/abot/api/v1/tpl/re/8800?v=1.1&0=1&1=0&2=0&3=0&4=0&5=0&6=0&7=1&8=v10-b9223f8c416b21dd38558000f0e5ff616adfd83c&9=0&10=1&11=1852&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&h=http%3A%2F%2F4271.url.tudown.com%2Fdown%2F%25E6%258B%25BC%25E9%259F%25B3%25E6%2589%2593%25E5%25AD%2597%25E7%25BB%2583%25E4%25B9%25A0%2520v2017.3%2520-%2520%25E5%25B0%258F%25E5%25AD%25A6%25E7%2594%259F%25E7%2594%25B5%25E8%2584%2591%25E6%2589%2593%25E5%25AD%2597%25E5%25AD%25A6%25E4%25B9%25A0%4067_137887.exe&t=1674443677108&r=lo
IP 36.110.192.156:0
ASN #23724 IDC, China Telecommunications Corporation
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /abot/api/v1/tpl/re/8800?v=1.1&0=1&1=0&2=0&3=0&4=0&5=0&6=0&7=1&8=v10-b9223f8c416b21dd38558000f0e5ff616adfd83c&9=0&10=1&11=1852&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&h=http%3A%2F%2F4271.url.tudown.com%2Fdown%2F%25E6%258B%25BC%25E9%259F%25B3%25E6%2589%2593%25E5%25AD%2597%25E7%25BB%2583%25E4%25B9%25A0%2520v2017.3%2520-%2520%25E5%25B0%258F%25E5%25AD%25A6%25E7%2594%259F%25E7%2594%25B5%25E8%2584%2591%25E6%2589%2593%25E5%25AD%2597%25E5%25AD%25A6%25E4%25B9%25A0%4067_137887.exe&t=1674443677108&r=lo HTTP/1.1
Host: sofire.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://4271.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
date: Mon, 23 Jan 2023 03:14:38 GMT
content-length: 0
X-Firefox-Spdy: h2
img1.baidu.com/it/u=3695860788,2767676066&fm=253&app=138&f=JPEG?w=800&h=500
220.169.152.35200 OK 70 kB URL HTTP/1.1 img1.baidu.com/it/u=3695860788,2767676066&fm=253&app=138&f=JPEG?w=800&h=500
IP 220.169.152.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x500, components 3\012- data
Hash b9c425cadab90fe2f59fd2e873db00a4
128d4b541462eae7d1fc1cff427aeff815d61fa4
5629cf882b1527444494e5b446793c3c880a94b9c6e9fd21b5f068f9cf833952
GET /it/u=3695860788,2767676066&fm=253&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://4271.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:14:38 GMT
Content-Type: image/jpeg
Content-Length: 70213
Connection: keep-alive
Expires: Wed, 25 Jan 2023 12:58:53 GMT
Last-Modified: Mon, 12 Jan 1970 00:00:00 GMT
ETag: b9c425cadab90fe2f59fd2e873db00a4
Age: 46223
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 26 Dec 2022 12:58:53 GMT
Ohc-Cache-HIT: yy2ct51 [4], bdix94 [2]
Ohc-File-Size: 70213
X-Cache-Status: HIT
4271.url.tudown.com/uploads/images/988685.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/988685.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/988685.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=666737080,3387737094&fm=253&fmt=auto&app=120&f=JPEG?w=640&h=1138
eclick.baidu.com/se.jpg?type=tc&di=u4965894&t2=2720&ft=pc&af=1&dis=0&fs=0&ver=1221&rdm=1674443676379
110.242.68.137200 OK 43 B URL HTTP/1.1 eclick.baidu.com/se.jpg?type=tc&di=u4965894&t2=2720&ft=pc&af=1&dis=0&fs=0&ver=1221&rdm=1674443676379
IP 110.242.68.137:0
ASN #4837 CHINA UNICOM China169 Backbone
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /se.jpg?type=tc&di=u4965894&t2=2720&ft=pc&af=1&dis=0&fs=0&ver=1221&rdm=1674443676379 HTTP/1.1
Host: eclick.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://4271.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Mon, 23 Jan 2023 03:14:38 GMT
Expires: Mon, 23 Jan 2023 03:14:38 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
4271.url.tudown.com/uploads/images/163737.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/163737.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/163737.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=3522020323,4254817507&fm=224&app=112&f=JPEG?w=500&h=500
img1.baidu.com/it/u=272208934,1316878114&fm=253&fmt=auto&app=138&f=BMP?w=507&h=293
220.169.152.35200 OK 20 kB URL HTTP/2 img1.baidu.com/it/u=272208934,1316878114&fm=253&fmt=auto&app=138&f=BMP?w=507&h=293
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 507x293, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c3b60d6ff82851fe31d52e99874995c4
fa3e2d2dcce8bbff42382ac8211571e3cb62583a
abcd7c86f961200892626a83762b9d82ccf2fb7f99e5d549fb0f0f0a9cebc195
GET /it/u=272208934,1316878114&fm=253&fmt=auto&app=138&f=BMP?w=507&h=293 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:38 GMT
content-type: image/webp
content-length: 19936
expires: Wed, 22 Feb 2023 02:59:51 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: c3b60d6ff82851fe31d52e99874995c4
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 02:59:51 GMT
ohc-cache-hit: yy2ct53 [1], qdix122 [2]
ohc-file-size: 19936
x-cache-status: MISS
X-Firefox-Spdy: h2
t13.baidu.com/it/u=3522020323,4254817507&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 47 kB URL HTTP/1.1 t13.baidu.com/it/u=3522020323,4254817507&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash ad27e15c1264bedc64c2134023b7c3e4
6dca8fbea3cfec24af513a15b11e659b28fde11b
d3ca013c75cb40a564effdbc3d22b7225c967593450490857c2c844161984986
GET /it/u=3522020323,4254817507&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://4271.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:14:38 GMT
Content-Type: image/jpeg
Content-Length: 47261
Connection: keep-alive
Expires: Fri, 27 Jan 2023 15:10:30 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: ad27e15c1264bedc64c2134023b7c3e4
Age: 1555067
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 28 Dec 2022 15:10:30 GMT
Ohc-Cache-HIT: fra01-sys-jomo4.fra01.baidu.com [2], zhuzuncache56 [1], czix56 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 47261
X-Cache-Status: HIT
Timing-Allow-Origin: *
4271.url.tudown.com/uploads/images/27409.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/27409.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/27409.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=3321200371,2904499352&fm=224&app=112&f=JPEG?w=500&h=333
4271.url.tudown.com/uploads/images/114831.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/114831.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/114831.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=2637808973,1505753324&fm=253&app=120&f=JPEG?w=1280&h=800
4271.url.tudown.com/uploads/images/670700.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/670700.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/670700.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=309650916,1771122032&fm=224&app=112&f=JPEG?w=500&h=500
t14.baidu.com/it/u=3321200371,2904499352&fm=224&app=112&f=JPEG?w=500&h=333
185.10.104.124200 OK 29 kB URL HTTP/1.1 t14.baidu.com/it/u=3321200371,2904499352&fm=224&app=112&f=JPEG?w=500&h=333
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x333, components 3\012- data
Hash 6136dca86ce443975f04ee4b4f186c12
1607921db4d0a3b538284808214382f7efc71641
6b0d04985a73ce2e37ebc532f29129282fd0ce1ee6b38d33c7c830975f197c06
GET /it/u=3321200371,2904499352&fm=224&app=112&f=JPEG?w=500&h=333 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://4271.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:14:38 GMT
Content-Type: image/jpeg
Content-Length: 29293
Connection: keep-alive
Expires: Tue, 07 Feb 2023 00:52:00 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 6136dca86ce443975f04ee4b4f186c12
Age: 972487
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 08 Jan 2023 00:52:00 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [2], zhuzuncache65 [1], czix241 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 29293
X-Cache-Status: HIT
Timing-Allow-Origin: *
4271.url.tudown.com/uploads/images/264433.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/264433.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/264433.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=729021492,696498165&fm=253&app=120&f=JPEG?w=1280&h=800
t15.baidu.com/it/u=309650916,1771122032&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 32 kB URL HTTP/1.1 t15.baidu.com/it/u=309650916,1771122032&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash bb3aaa06efba54247208e57504fb20bf
1af254f8493f67b44a146046165d55d8a04f875d
8f2769fb41d64612cc15a138c211927b147d509edaea28b2b9a6d93bffedd59a
GET /it/u=309650916,1771122032&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://4271.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:14:38 GMT
Content-Type: image/jpeg
Content-Length: 32335
Connection: keep-alive
Expires: Sun, 29 Jan 2023 02:51:31 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: bb3aaa06efba54247208e57504fb20bf
Age: 2074987
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 30 Dec 2022 02:51:30 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [2], zhuzuncache64 [1], czix202 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 32335
X-Cache-Status: HIT
Timing-Allow-Origin: *
4271.url.tudown.com/uploads/images/504043.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/504043.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/504043.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=923876473,62210316&fm=253&app=138&f=JPEG?w=500&h=800
img0.baidu.com/it/u=951290064,2424471723&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=551
182.106.158.35200 OK 8.1 kB URL HTTP/2 img0.baidu.com/it/u=951290064,2424471723&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=551
IP 182.106.158.35:0
ASN #139201 Jiangxi Jiujiang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x551, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e0de25fc80eb9c929bd34846f392407e
144309d8a221cb14772d2a87542c1783b46aa7ac
5f66752e8a1534a66d26ba0e9c13cd32371c921b589497701684b6dc4afa70c1
GET /it/u=951290064,2424471723&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=551 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:38 GMT
content-type: image/webp
content-length: 8146
expires: Sun, 05 Feb 2023 09:08:08 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: e0de25fc80eb9c929bd34846f392407e
age: 799412
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 06 Jan 2023 09:08:08 GMT
ohc-cache-hit: jjct59 [4], czix136 [2]
ohc-file-size: 8146
x-cache-status: HIT
X-Firefox-Spdy: h2
img0.baidu.com/it/u=488473286,2439975136&fm=253&fmt=auto&app=138&f=JPEG?w=349&h=400
182.106.158.35200 OK 30 kB URL HTTP/2 img0.baidu.com/it/u=488473286,2439975136&fm=253&fmt=auto&app=138&f=JPEG?w=349&h=400
IP 182.106.158.35:0
ASN #139201 Jiangxi Jiujiang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 349x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 13151e80bd2bc68837d89c8c314f98ea
58a74e8ff749747b03f0c9ed48ae5d9c1ab6577d
432646d5ddb723c144f55ab474b71876c5dff8edc8f236ce6fb20e3f3a2d1d28
GET /it/u=488473286,2439975136&fm=253&fmt=auto&app=138&f=JPEG?w=349&h=400 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:38 GMT
content-type: image/webp
content-length: 30068
expires: Wed, 22 Feb 2023 02:45:23 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 13151e80bd2bc68837d89c8c314f98ea
age: 1755
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 02:45:23 GMT
ohc-cache-hit: jjct63 [4], bdix144 [2]
ohc-file-size: 30068
x-cache-status: HIT
X-Firefox-Spdy: h2
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 26d27425f3b3b28c293c532ed36a51fc
e91a3aba3f738ea0c9b759f171a661d3595ad134
f85142701680c43fe4c60498b534b1ff8a2b20e6a041eb0128690e2172016945
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Mon, 23 Jan 2023 03:14:39 GMT
Ali-Swift-Global-Savetime: 1674443679
Via: cache2.l2de2[47,46,200-0,M], cache2.l2de2[47,0], cache7.se1[68,67,200-0,M], cache7.se1[70,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Mon, 23 Jan 2023 03:14:39 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9b16744436790176729e
4271.url.tudown.com/uploads/images/841096.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/841096.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/841096.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2860831130,3346658070&fm=253&fmt=auto?w=800&h=1280
img2.baidu.com/it/u=1183675996,337122138&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
182.106.158.35200 OK 43 kB URL HTTP/2 img2.baidu.com/it/u=1183675996,337122138&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
IP 182.106.158.35:0
ASN #139201 Jiangxi Jiujiang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1e1903b901a9a40f0cd1134b4f4b3be6
eaa339072321a252a0fa2736f8a5aba447c39975
2e714dd072f6e91785a8dfab5cbdb7fc05c5ba1bef81930fa99e7675e7de3546
GET /it/u=1183675996,337122138&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:38 GMT
content-type: image/webp
content-length: 43038
expires: Tue, 31 Jan 2023 10:50:57 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 1e1903b901a9a40f0cd1134b4f4b3be6
age: 1758
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 01 Jan 2023 10:50:57 GMT
ohc-cache-hit: jjct63 [4], csix106 [4]
ohc-file-size: 43038
x-cache-status: HIT
X-Firefox-Spdy: h2
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 26d27425f3b3b28c293c532ed36a51fc
e91a3aba3f738ea0c9b759f171a661d3595ad134
f85142701680c43fe4c60498b534b1ff8a2b20e6a041eb0128690e2172016945
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Mon, 23 Jan 2023 03:14:39 GMT
Last-Modified: Sun, 22 Jan 2023 15:48:36 GMT
ETag: "63cd5ad4-1d7"
Expires: Tue, 24 Jan 2023 15:48:36 GMT
Cache-Control: max-age=131637
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1674443679
Via: cache9.l2de2[51,50,200-0,M], cache9.l2de2[52,0], cache5.se1[73,72,200-0,M], cache5.se1[74,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Mon, 23 Jan 2023 03:14:39 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9916744436790224067e
img0.baidu.com/it/u=685579189,1283811002&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
182.106.158.35200 OK 17 kB URL HTTP/2 img0.baidu.com/it/u=685579189,1283811002&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
IP 182.106.158.35:0
ASN #139201 Jiangxi Jiujiang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 31e35930d9a3974a885db556fe3c1522
3d50996b24f996fc39b0fd2f242217bcf9da6cb4
cd8ee30272ae46bbfc672a958aa5241278841901cfda60534bd316abea8085cf
GET /it/u=685579189,1283811002&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:38 GMT
content-type: image/webp
content-length: 17248
expires: Tue, 07 Feb 2023 06:49:44 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 31e35930d9a3974a885db556fe3c1522
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 08 Jan 2023 06:49:44 GMT
ohc-cache-hit: jjct64 [1], suzix169 [4]
ohc-file-size: 17248
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=3610116471,2639487273&fm=253&app=120&f=JPEG?w=1280&h=800
182.106.158.35200 OK 191 kB URL HTTP/1.1 img0.baidu.com/it/u=3610116471,2639487273&fm=253&app=120&f=JPEG?w=1280&h=800
IP 182.106.158.35:0
ASN #139201 Jiangxi Jiujiang IDC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 191 kB (191188 bytes)
Hash 5128ef579f4f80d7b8daeac0a33b8eee
a8af18abe00dc421b2872a9c8144c8885e252104
f39a68d74628844bca7b1e0476f8622591bdcd24263f4f20729a961d6a970a20
GET /it/u=3610116471,2639487273&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://4271.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:14:38 GMT
Content-Type: image/jpeg
Content-Length: 191188
Connection: keep-alive
Expires: Tue, 07 Feb 2023 15:06:01 GMT
Last-Modified: Fri, 16 Jan 1970 00:00:00 GMT
ETag: 5128ef579f4f80d7b8daeac0a33b8eee
Age: 953543
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 08 Jan 2023 15:06:01 GMT
Ohc-Cache-HIT: jjct66 [3], xaix131 [4]
Ohc-File-Size: 191188
X-Cache-Status: HIT
img2.baidu.com/it/u=1276975459,2382201758&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
182.106.158.35200 OK 59 kB URL HTTP/2 img2.baidu.com/it/u=1276975459,2382201758&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
IP 182.106.158.35:0
ASN #139201 Jiangxi Jiujiang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x889, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 69d4846cd7d548588a8724d49853b4bd
5a4fb63695f24eb06bb5e378f47d6f8d919784d0
bd91c37401a46184f10141ce621971ee351bb9fb9fa5d0abb792ae9b7292204d
GET /it/u=1276975459,2382201758&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:38 GMT
content-type: image/webp
content-length: 59374
expires: Mon, 20 Feb 2023 08:46:48 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 69d4846cd7d548588a8724d49853b4bd
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 08:46:48 GMT
ohc-cache-hit: jjct60 [1], czix189 [2]
ohc-file-size: 59374
x-cache-status: MISS
X-Firefox-Spdy: h2
eclick.baidu.com/rs.jpg?pageSearchId=16744436757080vmhwfmacgar&content=%7BpgSacI%22%226446500mwmca%22%22edpod%3Are%22niomn%22%5B%22ye%3Aevrnet%2CdlvrPgUl%3Aht%3A%2F21ultdw.o%2Fon%2568%25CE%25FB%2568%253E%25D9%257B%253E%259A%25021.%250%250E%2508%255A%256E%2549%2579%255E%2549%2568%253E%25D9%255A%256E%259A%407178.x%22%22aeerhd%3A1743778vhfagr%7D%7D%22aeerhd%3A1743778vhfagr%2CneUla%22tu%2Cevrnet%3A%7Btp%22%22niomn%22%22eieyaer%22%22tp%2F47.r.uoncmdw%2FE%25BB%2599%253E%2599%255A%257E%25B8%254B%2502v0732-2%255B%25FE%25DA%2579%25FE%254B%2588%251E%2599%255A%257E%25DA%254B%2506_387ee%2CpgSacI%22%226446500mwmca%22%5D
110.242.68.137200 OK 0 B URL HTTP/1.1 eclick.baidu.com/rs.jpg?pageSearchId=16744436757080vmhwfmacgar&content=%7BpgSacI%22%226446500mwmca%22%22edpod%3Are%22niomn%22%5B%22ye%3Aevrnet%2CdlvrPgUl%3Aht%3A%2F21ultdw.o%2Fon%2568%25CE%25FB%2568%253E%25D9%257B%253E%259A%25021.%250%250E%2508%255A%256E%2549%2579%255E%2549%2568%253E%25D9%255A%256E%259A%407178.x%22%22aeerhd%3A1743778vhfagr%7D%7D%22aeerhd%3A1743778vhfagr%2CneUla%22tu%2Cevrnet%3A%7Btp%22%22niomn%22%22eieyaer%22%22tp%2F47.r.uoncmdw%2FE%25BB%2599%253E%2599%255A%257E%25B8%254B%2502v0732-2%255B%25FE%25DA%2579%25FE%254B%2588%251E%2599%255A%257E%25DA%254B%2506_387ee%2CpgSacI%22%226446500mwmca%22%5D
IP 110.242.68.137:0
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rs.jpg?pageSearchId=16744436757080vmhwfmacgar&content=%7BpgSacI%22%226446500mwmca%22%22edpod%3Are%22niomn%22%5B%22ye%3Aevrnet%2CdlvrPgUl%3Aht%3A%2F21ultdw.o%2Fon%2568%25CE%25FB%2568%253E%25D9%257B%253E%259A%25021.%250%250E%2508%255A%256E%2549%2579%255E%2549%2568%253E%25D9%255A%256E%259A%407178.x%22%22aeerhd%3A1743778vhfagr%7D%7D%22aeerhd%3A1743778vhfagr%2CneUla%22tu%2Cevrnet%3A%7Btp%22%22niomn%22%22eieyaer%22%22tp%2F47.r.uoncmdw%2FE%25BB%2599%253E%2599%255A%257E%25B8%254B%2502v0732-2%255B%25FE%25DA%2579%25FE%254B%2588%251E%2599%255A%257E%25DA%254B%2506_387ee%2CpgSacI%22%226446500mwmca%22%5D HTTP/1.1
Host: eclick.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://4271.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=0
Connection: keep-alive
Content-Length: 0
Content-Type: image/jpeg
Date: Mon, 23 Jan 2023 03:14:39 GMT
Etag: "63bd4cfd-0"
Expires: Mon, 23 Jan 2023 03:14:39 GMT
Last-Modified: Tue, 10 Jan 2023 11:33:17 GMT
Server: nginx
4271.url.tudown.com/uploads/images/515807.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/515807.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/515807.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=342880419,17222575&fm=224&app=112&f=JPEG?w=500&h=500
4271.url.tudown.com/uploads/images/326328.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 4271.url.tudown.com/uploads/images/326328.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/326328.jpg HTTP/1.1
Host: 4271.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://4271.url.tudown.com/down/%E6%8B%BC%E9%9F%B3%E6%89%93%E5%AD%97%E7%BB%83%E4%B9%A0%20v2017.3%20-%20%E5%B0%8F%E5%AD%A6%E7%94%9F%E7%94%B5%E8%84%91%E6%89%93%E5%AD%97%E5%AD%A6%E4%B9%A0@67_137887.exe
Cookie: __bid_n=185dc864a8b7f2c1384207; FPTOKEN=tdpsSR5KDbaJlv6M76O8Qo/pk6tUjsdBHgWuwuKDbsTGmv0eRxvMjbRhherKwFkSaYOqiUIHGhXMT0IJikqyPoPVMsm3s5JwkB814sE5gtWlG2H5i8pF/wxY7/EaBMFLd9KbZ+gmvuEYy/0sX9RaisU5vFDDn848WEIHgOs15HN4gb6zZ005eI0rmSywaBFO8xe09DAqrCKkQudx/ZfjJbBr/HzZKSClnv8zVA4Mbq1kgH7+5Hr/iiFDPfy+jIeP7xRJCA6/+PPig/S80Rln2/ich7pXKkpd8Z1VYJGxe69uNNSxEc7DRr5R1o0MRCP+9TUTs5YEqj+U17SPGhgkEOKCTCR/jyk76A5q7QjRnnsmzcHNhDI3+RvfznRrn8ED93cIvVZB8jRjYyKpShp+JQ==|LPp+PBJdO+dx3v6WaiHHCh4oTty1NrKSgV8lu/VDAwM=|10|8c2b658f9c7e3694a51a7b34f8a93f81
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 03:14:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=3695049304,218010904&fm=253&app=138&f=JPEG?w=200&h=200
img1.baidu.com/it/u=666737080,3387737094&fm=253&fmt=auto&app=120&f=JPEG?w=640&h=1138
220.169.152.35200 OK 63 kB URL HTTP/2 img1.baidu.com/it/u=666737080,3387737094&fm=253&fmt=auto&app=120&f=JPEG?w=640&h=1138
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x1138, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e1ca6e63435ac56e003e358967343dc7
b5b8fcde7eb58520071af5c6273599d0a4b66209
63fbd5abd8771c3ca80d26829de0e65bca51226c64b6d8120ff848cc117d862d
GET /it/u=666737080,3387737094&fm=253&fmt=auto&app=120&f=JPEG?w=640&h=1138 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:39 GMT
content-type: image/webp
content-length: 62906
expires: Sun, 19 Feb 2023 00:17:21 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: e1ca6e63435ac56e003e358967343dc7
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 20 Jan 2023 00:17:21 GMT
ohc-cache-hit: yy2ct73 [1], bdix86 [2]
ohc-file-size: 62906
x-cache-status: MISS
X-Firefox-Spdy: h2
t13.baidu.com/it/u=342880419,17222575&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 18 kB URL HTTP/1.1 t13.baidu.com/it/u=342880419,17222575&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash f84dba9a03e07ebc1c20bd05f8838a0d
bcebc85d4d1e1b809a7e65ad2f01c7566b754159
3574d497acc1b4f360cf02bc52ae86f82c9fc2f6b282e1233783df7db04eea2c
GET /it/u=342880419,17222575&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://4271.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:14:39 GMT
Content-Type: image/jpeg
Content-Length: 18210
Connection: keep-alive
Expires: Tue, 24 Jan 2023 20:34:24 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: f84dba9a03e07ebc1c20bd05f8838a0d
Age: 971068
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 25 Dec 2022 20:34:23 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [2], zhuzuncache63 [1], xiangyix158 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 18210
X-Cache-Status: HIT
Timing-Allow-Origin: *
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 26d27425f3b3b28c293c532ed36a51fc
e91a3aba3f738ea0c9b759f171a661d3595ad134
f85142701680c43fe4c60498b534b1ff8a2b20e6a041eb0128690e2172016945
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Mon, 23 Jan 2023 03:14:39 GMT
Ali-Swift-Global-Savetime: 1674443679
Via: cache25.l2de2[189,189,200-0,M], cache25.l2de2[190,0], cache3.se1[212,212,200-0,M], cache3.se1[213,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Mon, 23 Jan 2023 03:14:39 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9716744436790204136e
img1.baidu.com/it/u=2637808973,1505753324&fm=253&app=120&f=JPEG?w=1280&h=800
220.169.152.35200 OK 166 kB URL HTTP/1.1 img1.baidu.com/it/u=2637808973,1505753324&fm=253&app=120&f=JPEG?w=1280&h=800
IP 220.169.152.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 166 kB (166027 bytes)
Hash f9692a89ca67e5f3a190091073638ecf
d7c51705f18a62720adf0346cf222af36aba0281
0f1f03a690a8c658a595ae18a220a97a02050030b7de853f2f148c5db40ddfb6
GET /it/u=2637808973,1505753324&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://4271.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:14:39 GMT
Content-Type: image/jpeg
Content-Length: 166027
Connection: keep-alive
Expires: Sat, 04 Feb 2023 07:19:49 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: f9692a89ca67e5f3a190091073638ecf
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 05 Jan 2023 07:19:49 GMT
Ohc-Cache-HIT: yy2ct63 [1], csix82 [2]
Ohc-File-Size: 166027
X-Cache-Status: MISS
img2.baidu.com/it/u=923876473,62210316&fm=253&app=138&f=JPEG?w=500&h=800
220.169.152.35200 OK 45 kB URL HTTP/1.1 img2.baidu.com/it/u=923876473,62210316&fm=253&app=138&f=JPEG?w=500&h=800
IP 220.169.152.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x800, components 3\012- data
Hash 21dd2d93fc71fa3ef8b1aad13bed9c7a
b69e5e182c4ca82e419c1c00d7b7abe903d54f8c
f33ee213ad56e373dcc20730450514f595e4cada01397f9d6e45ed33d250dc90
GET /it/u=923876473,62210316&fm=253&app=138&f=JPEG?w=500&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://4271.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:14:39 GMT
Content-Type: image/jpeg
Content-Length: 44747
Connection: keep-alive
Expires: Tue, 21 Feb 2023 20:19:22 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: 21dd2d93fc71fa3ef8b1aad13bed9c7a
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 22 Jan 2023 20:19:22 GMT
Ohc-Cache-HIT: yy2ct69 [1], wzix69 [2]
Ohc-File-Size: 44747
X-Cache-Status: MISS
lupic.cdn.bcebos.com/20210629/2006674708_14.jpg
111.225.213.35200 OK 9.7 kB URL HTTP/2 lupic.cdn.bcebos.com/20210629/2006674708_14.jpg
IP 111.225.213.35:0
ASN #58539 Langfang,Hebei province, P.R.China
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 1x1, segment length 16, baseline, precision 8, 280x200, components 3\012- data
Hash 14de964e1b49b9dd13901c37973d3bf5
fee149c5b57979a27b32da6c25e250b5b3ee09e9
25d2574f398ee4c1cf09f479aa72984d9e2e8791c772fdc5c572cbd7c418ad90
GET /20210629/2006674708_14.jpg HTTP/1.1
Host: lupic.cdn.bcebos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:39 GMT
content-type: image/jpeg
content-length: 9709
expires: Wed, 25 Jan 2023 05:39:33 GMT
last-modified: Tue, 29 Jun 2021 21:54:38 GMT
etag: "14de964e1b49b9dd13901c37973d3bf5"
age: 75454
accept-ranges: bytes
content-md5: FN6WThtJud0TkBw3lz079Q==
x-bce-content-crc32: 0
x-bce-debug-id: PVgLxf9W0qtYVNMwvISQiHBVSNifpLKqtL8FcVWf59vIminHVMybhs4Sih+1l2UY6OkE5Q3l9vh+dleu10KwWw==
x-bce-request-id: ec7b402c-65f1-4c39-b93c-3f4785a4ba2c
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 05:39:33 GMT
ohc-cache-hit: lf6ct86 [2], czix238 [2]
ohc-file-size: 9709
x-cache-status: HIT
X-Firefox-Spdy: h2
img0.baidu.com/it/u=2860831130,3346658070&fm=253&fmt=auto?w=800&h=1280
182.106.158.35200 OK 110 kB URL HTTP/2 img0.baidu.com/it/u=2860831130,3346658070&fm=253&fmt=auto?w=800&h=1280
IP 182.106.158.35:0
ASN #139201 Jiangxi Jiujiang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x1280, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 110 kB (110138 bytes)
Hash 2ef03eb5380dda6498f5ca7d505591e1
07070237780ee82f1cc4f4ddc241da49efa936f3
2013d0eeaf9133539d000c08d8995c7801f0235a60d0cce6b1a0218b8cea4ec0
GET /it/u=2860831130,3346658070&fm=253&fmt=auto?w=800&h=1280 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:39 GMT
content-type: image/webp
content-length: 110138
expires: Tue, 21 Feb 2023 09:09:57 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 2ef03eb5380dda6498f5ca7d505591e1
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 09:09:57 GMT
ohc-cache-hit: jjct51 [1], suzix100 [4]
ohc-file-size: 110138
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=729021492,696498165&fm=253&app=120&f=JPEG?w=1280&h=800
220.169.152.35200 OK 125 kB URL HTTP/1.1 img2.baidu.com/it/u=729021492,696498165&fm=253&app=120&f=JPEG?w=1280&h=800
IP 220.169.152.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 125 kB (124934 bytes)
Hash 909de239324446421a1b40061813312c
e18ef5e53eaea5d1c517a1a471b631e5bab45bad
b8137aed00e5ed8238bf59e3dfb5812641c6e706350be9cf476d5f5cc3b24115
GET /it/u=729021492,696498165&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://4271.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:14:39 GMT
Content-Type: image/jpeg
Content-Length: 124934
Connection: keep-alive
Expires: Sun, 05 Feb 2023 08:20:35 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: 909de239324446421a1b40061813312c
Age: 168515
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 06 Jan 2023 08:20:35 GMT
Ohc-Cache-HIT: yy2ct59 [4], bdix86 [2]
Ohc-File-Size: 124934
X-Cache-Status: HIT
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 26d27425f3b3b28c293c532ed36a51fc
e91a3aba3f738ea0c9b759f171a661d3595ad134
f85142701680c43fe4c60498b534b1ff8a2b20e6a041eb0128690e2172016945
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Mon, 23 Jan 2023 03:14:39 GMT
Last-Modified: Sun, 22 Jan 2023 15:48:36 GMT
ETag: "63cd5ad4-1d7"
Expires: Tue, 24 Jan 2023 15:48:36 GMT
Cache-Control: max-age=131637
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1674443679
Via: cache9.l2de2[478,477,200-0,M], cache9.l2de2[479,0], cache7.se1[499,499,200-0,M], cache7.se1[500,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Mon, 23 Jan 2023 03:14:39 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9b16744436790436736e
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 26d27425f3b3b28c293c532ed36a51fc
e91a3aba3f738ea0c9b759f171a661d3595ad134
f85142701680c43fe4c60498b534b1ff8a2b20e6a041eb0128690e2172016945
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Mon, 23 Jan 2023 03:14:39 GMT
Ali-Swift-Global-Savetime: 1674443679
Via: cache11.l2de2[516,515,200-0,M], cache11.l2de2[516,0], cache1.se1[539,538,200-0,M], cache1.se1[540,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Mon, 23 Jan 2023 03:14:39 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9516744436790206280e
img2.baidu.com/it/u=3695049304,218010904&fm=253&app=138&f=JPEG?w=200&h=200
220.169.152.35200 OK 9.4 kB URL HTTP/1.1 img2.baidu.com/it/u=3695049304,218010904&fm=253&app=138&f=JPEG?w=200&h=200
IP 220.169.152.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 200x200, components 3\012- data
Hash b6160345a16de720086c88ef4fb766d1
fb259ba6edccdf272787408e0d0950017e21f6bb
ccb763c38a8835b80c9e42ec3ccb73787c04a823bc7b3397e8afa7faa3271704
GET /it/u=3695049304,218010904&fm=253&app=138&f=JPEG?w=200&h=200 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://4271.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 03:14:39 GMT
Content-Type: image/jpeg
Content-Length: 9351
Connection: keep-alive
Expires: Sun, 05 Feb 2023 13:43:26 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: b6160345a16de720086c88ef4fb766d1
Age: 172495
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 06 Jan 2023 13:43:26 GMT
Ohc-Cache-HIT: yy2ct64 [4], czix164 [2]
Ohc-File-Size: 9351
X-Cache-Status: HIT
lupic.cdn.bcebos.com/20191203/3017154272_14.jpg
111.225.213.35200 OK 32 kB URL HTTP/2 lupic.cdn.bcebos.com/20191203/3017154272_14.jpg
IP 111.225.213.35:0
ASN #58539 Langfang,Hebei province, P.R.China
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x286, components 3\012- data
Hash bcc5b64c96a6e8f6458bc4ab5f693f9a
c6014adf636fa61ec1979cdc1e7f88f00957de26
bba7634817c698a5fcdda323c6c9b8aca75d22e0fb560f4aafae7231032ee129
GET /20191203/3017154272_14.jpg HTTP/1.1
Host: lupic.cdn.bcebos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:39 GMT
content-type: image/jpeg
content-length: 31834
expires: Mon, 23 Jan 2023 23:33:14 GMT
last-modified: Tue, 03 Dec 2019 08:45:26 GMT
etag: "bcc5b64c96a6e8f6458bc4ab5f693f9a"
age: 184840
accept-ranges: bytes
content-md5: vMW2TJam6PZFi8SrX2k/mg==
x-bce-content-crc32: 609958593
x-bce-debug-id: kixkZUotojcfbZzARjX4zXSCytA5rg1weAw0RS01olCuHvKt33sp4jC/q94VsLjpFvQF3ckyc+iZtQ55rGH0Hg==
x-bce-request-id: 120e7a4f-615a-469f-9e65-30d87782e4bf
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Fri, 20 Jan 2023 23:33:14 GMT
ohc-cache-hit: lf6ct75 [2], suzix220 [4]
ohc-file-size: 31834
x-cache-status: HIT
X-Firefox-Spdy: h2
www.2345.com/js/index/activity/20171111/widget.min.js
47.246.44.208200 OK 0 B URL HTTP/2 www.2345.com/js/index/activity/20171111/widget.min.js
IP 47.246.44.208:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
GET /js/index/activity/20171111/widget.min.js HTTP/1.1
Host: www.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://4271.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
strict-transport-security: max-age=5184000
date: Mon, 23 Jan 2023 03:14:34 GMT
last-modified: Wed, 06 Nov 2019 08:19:39 GMT
etag: W/"5dc2821b-4c53"
vary: Accept-Encoding, Accept-Encoding
expires: Tue, 22 Nov 2022 14:45:06 GMT
cache-control: max-age=600
ali-swift-global-savetime: 1674443674
via: cache1.l2de2[417,417,304-0,M], cache15.l2de2[418,0], cache8.se1[505,505,200-0,H], cache8.se1[507,0]
age: 0
x-cache: HIT TCP_REFRESH_HIT dirn:11:335020828
x-swift-savetime: Mon, 23 Jan 2023 03:14:34 GMT
x-swift-cachetime: 600
content-encoding: br
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
timing-allow-origin: *
eagleid: 2ff62c9c16744436736471869e
X-Firefox-Spdy: h2
bdcode.2345.com/js/logo/js/logo.js
42.81.8.130200 OK 0 B URL HTTP/2 bdcode.2345.com/js/logo/js/logo.js
IP 42.81.8.130:0
Analyzer Verdict Alert fortinet Malware
GET /js/logo/js/logo.js HTTP/1.1
Host: bdcode.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: gzip
content-type: application/x-javascript
date: Mon, 23 Jan 2023 03:14:37 GMT
etag: W/"639b0691-371a"
expires: Mon, 23 Jan 2023 04:14:37 GMT
last-modified: Thu, 15 Dec 2022 11:35:45 GMT
p3p: CP=" OTI DSP COR IVA OUR IND COM "
server: yunjiasu
yjs-id: c1622d25465d37e5-143
X-Firefox-Spdy: h2
lupic.cdn.bcebos.com/20191203/3018425820_14.jpg
111.225.213.35200 OK 0 B URL HTTP/2 lupic.cdn.bcebos.com/20191203/3018425820_14.jpg
IP 111.225.213.35:0
ASN #58539 Langfang,Hebei province, P.R.China
GET /20191203/3018425820_14.jpg HTTP/1.1
Host: lupic.cdn.bcebos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 03:14:39 GMT
content-type: image/jpeg
content-length: 43544
expires: Wed, 25 Jan 2023 03:17:59 GMT
last-modified: Tue, 03 Dec 2019 10:40:45 GMT
etag: "3c722206d21d6e4bbb293148d9c91e3f"
age: 85340
accept-ranges: bytes
content-md5: PHIiBtIdbku7KTFI2ckePw==
x-bce-content-crc32: 2947831683
x-bce-debug-id: dxvQuzm/4fX4IdmJBr/AABStazw1YXnQjWMcBP14GMcAp2vPPq2JvyvyW3W7uMdIiasGJ4dboDfi79phL31/Gg==
x-bce-request-id: c99bfbb2-d9e2-4a67-87c3-43df5729de98
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 03:17:59 GMT
ohc-cache-hit: lf6ct80 [2], suzix244 [2]
ohc-file-size: 43544
x-cache-status: HIT
X-Firefox-Spdy: h2