r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10368
Expires: Sat, 04 Feb 2023 09:46:47 GMT
Date: Sat, 04 Feb 2023 06:53:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2540
Expires: Sat, 04 Feb 2023 07:36:19 GMT
Date: Sat, 04 Feb 2023 06:53:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 9a76feabb767086ae0fa54e0ffbf763f
3655d78994a1e9838340669462728b67c8c12e54
bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11583
Expires: Sat, 04 Feb 2023 10:07:02 GMT
Date: Sat, 04 Feb 2023 06:53:59 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 04 Feb 2023 06:43:36 GMT
content-type: application/json
age: 623
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: nnUZLa38D175ozH3EuTALLMNzbT9k9fVA4FTco0WI02hdYCytZbDIWrnyKoa3ovZVei/r9ezWAU=
x-amz-request-id: 0D8S7RHKW8J7F6YY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 04 Feb 2023 06:52:44 GMT
age: 75
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 06:53:59 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 04 Feb 2023 06:49:07 GMT
age: 292
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15364
Expires: Sat, 04 Feb 2023 11:10:03 GMT
Date: Sat, 04 Feb 2023 06:53:59 GMT
Connection: keep-alive
18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
154.218.151.71200 OK 9.2 kB URL HTTP/1.1 18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1384)
Hash b7b4f02371139e9e8947a16665cec753
dda6c01a074a40d9f1f3f589f2373f8f187d44c4
0233248f276efbe282839102ea025a86e41b21f38120f5c34b848eeeb428c9db
Analyzer Verdict Alert fortinet Malware
GET /xiaz/autocad2014@34_134313.exe HTTP/1.1
Host: 18405.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675480776,1675489429; __bid_n=1861a7ac1116a4ffe44207; FPTOKEN=RhMjXL9a2tIj0sFzUzpmH3WTcQPsoetcooUahZ1J10sD2cqE4bSeyw+Y98q5ZtnzRsY6p+NWmpDwFABE9nFYT8I57/vseKEZDnONkax/XC+gSeCe3JfU8Y8Uo/koxnpBeTWXuw5TFLjbhnkwFxl7vhpZhDhDQvesyFl+cmiQTK81+1rXbzTU2809yXJ7gvxGNObnP/BlEfb68GB5b/qjiEc/w/kz16LSMMU8JxJBdiMLgYVeMiCwc3oGc3yG1/vyPHWfuubS6W6Djx4ueryrPsG+GNCqAJPEfu4imMQbs9dj72yo7EAn+pxVyRD/vzwtKa8yDp1c6gThFvGMQC0QWtawDhkz6OQOgugepln0QA3yYzR/FDwt+vrnjrqs31CyF/k3QGIFMAZwDNVBZDO3jQ==|ABrTKgxwFyOkRRtikZqgLPW9q42pmztxxkrT1u5UJ9I=|10|5ce6c0c829141106d500a6d07ff1ec33
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:53:59 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.services.mozilla.com/
52.41.34.173101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.34.173:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9rJfkfrAy5V1fBXf0s5Zhw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 7lU/MJPf4ojfk9Xvuf+3KGalFzE=
18405.url.tudown.com/template/company/moban/index_files/common20200314.css
154.218.151.71200 OK 11 kB URL HTTP/1.1 18405.url.tudown.com/template/company/moban/index_files/common20200314.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash 45e7104994ba9d28a3840e7b57fe10db
8f3fa3c7e86d69b7f7d1d87cb88db05d369084ad
d7d57f9fd8ca7419fd1151643a1a11d1f947e0ce14409758536c5f78feb7a3a7
GET /template/company/moban/index_files/common20200314.css HTTP/1.1
Host: 18405.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675480776,1675489429; __bid_n=1861a7ac1116a4ffe44207; FPTOKEN=RhMjXL9a2tIj0sFzUzpmH3WTcQPsoetcooUahZ1J10sD2cqE4bSeyw+Y98q5ZtnzRsY6p+NWmpDwFABE9nFYT8I57/vseKEZDnONkax/XC+gSeCe3JfU8Y8Uo/koxnpBeTWXuw5TFLjbhnkwFxl7vhpZhDhDQvesyFl+cmiQTK81+1rXbzTU2809yXJ7gvxGNObnP/BlEfb68GB5b/qjiEc/w/kz16LSMMU8JxJBdiMLgYVeMiCwc3oGc3yG1/vyPHWfuubS6W6Djx4ueryrPsG+GNCqAJPEfu4imMQbs9dj72yo7EAn+pxVyRD/vzwtKa8yDp1c6gThFvGMQC0QWtawDhkz6OQOgugepln0QA3yYzR/FDwt+vrnjrqs31CyF/k3QGIFMAZwDNVBZDO3jQ==|ABrTKgxwFyOkRRtikZqgLPW9q42pmztxxkrT1u5UJ9I=|10|5ce6c0c829141106d500a6d07ff1ec33
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:54:00 GMT
Content-Type: text/css
Last-Modified: Mon, 31 Oct 2022 07:11:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"635f7511-b757"
Expires: Sat, 04 Feb 2023 18:54:00 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
18405.url.tudown.com/js/orsxg5a.script
154.218.151.71200 OK 531 B URL HTTP/1.1 18405.url.tudown.com/js/orsxg5a.script
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document, ASCII text, with CRLF line terminators
Hash 39fd4f4c17d424445d9f437c99c9d40a
84a56ab95c669d43c757a5f9a312d5f3a37f73fa
45f58e7b2e72c9f2734889b73ef5c3f2d3e1fb9ac69995afe1561ec4a7943d15
Analyzer Verdict Alert fortinet Malware
GET /js/orsxg5a.script HTTP/1.1
Host: 18405.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675480776,1675489429; __bid_n=1861a7ac1116a4ffe44207; FPTOKEN=RhMjXL9a2tIj0sFzUzpmH3WTcQPsoetcooUahZ1J10sD2cqE4bSeyw+Y98q5ZtnzRsY6p+NWmpDwFABE9nFYT8I57/vseKEZDnONkax/XC+gSeCe3JfU8Y8Uo/koxnpBeTWXuw5TFLjbhnkwFxl7vhpZhDhDQvesyFl+cmiQTK81+1rXbzTU2809yXJ7gvxGNObnP/BlEfb68GB5b/qjiEc/w/kz16LSMMU8JxJBdiMLgYVeMiCwc3oGc3yG1/vyPHWfuubS6W6Djx4ueryrPsG+GNCqAJPEfu4imMQbs9dj72yo7EAn+pxVyRD/vzwtKa8yDp1c6gThFvGMQC0QWtawDhkz6OQOgugepln0QA3yYzR/FDwt+vrnjrqs31CyF/k3QGIFMAZwDNVBZDO3jQ==|ABrTKgxwFyOkRRtikZqgLPW9q42pmztxxkrT1u5UJ9I=|10|5ce6c0c829141106d500a6d07ff1ec33
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:54:00 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
18405.url.tudown.com/template/company/moban/js/push.js
154.218.151.71200 OK 281 B URL HTTP/1.1 18405.url.tudown.com/template/company/moban/js/push.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with no line terminators
Hash 1bb5a3267c9865ad4abe8d937734b62b
b5478dd2edb3e64242eced1db2dbd945ef81f592
674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2
Analyzer Verdict Alert fortinet Malware
GET /template/company/moban/js/push.js HTTP/1.1
Host: 18405.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675480776,1675489429; __bid_n=1861a7ac1116a4ffe44207; FPTOKEN=RhMjXL9a2tIj0sFzUzpmH3WTcQPsoetcooUahZ1J10sD2cqE4bSeyw+Y98q5ZtnzRsY6p+NWmpDwFABE9nFYT8I57/vseKEZDnONkax/XC+gSeCe3JfU8Y8Uo/koxnpBeTWXuw5TFLjbhnkwFxl7vhpZhDhDQvesyFl+cmiQTK81+1rXbzTU2809yXJ7gvxGNObnP/BlEfb68GB5b/qjiEc/w/kz16LSMMU8JxJBdiMLgYVeMiCwc3oGc3yG1/vyPHWfuubS6W6Djx4ueryrPsG+GNCqAJPEfu4imMQbs9dj72yo7EAn+pxVyRD/vzwtKa8yDp1c6gThFvGMQC0QWtawDhkz6OQOgugepln0QA3yYzR/FDwt+vrnjrqs31CyF/k3QGIFMAZwDNVBZDO3jQ==|ABrTKgxwFyOkRRtikZqgLPW9q42pmztxxkrT1u5UJ9I=|10|5ce6c0c829141106d500a6d07ff1ec33
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:54:00 GMT
Content-Type: application/javascript
Content-Length: 281
Last-Modified: Mon, 31 Oct 2022 07:24:37 GMT
Connection: keep-alive
ETag: "635f7835-119"
Expires: Sat, 04 Feb 2023 18:54:00 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
18405.url.tudown.com/template/company/moban/js/jquery.js
154.218.151.71200 OK 1.4 kB URL HTTP/1.1 18405.url.tudown.com/template/company/moban/js/jquery.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with CRLF line terminators
Hash b0e3a6733a542de9809c5d7db72f8040
91b6e610ee2a602873c1e2d0fbea7cfa5370b4f7
3970f3998e97d13c827a4043241bdec5797f55ed3ce12939226e62f63b19d4a7
Analyzer Verdict Alert fortinet Malware
GET /template/company/moban/js/jquery.js HTTP/1.1
Host: 18405.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675480776,1675489429; __bid_n=1861a7ac1116a4ffe44207; FPTOKEN=RhMjXL9a2tIj0sFzUzpmH3WTcQPsoetcooUahZ1J10sD2cqE4bSeyw+Y98q5ZtnzRsY6p+NWmpDwFABE9nFYT8I57/vseKEZDnONkax/XC+gSeCe3JfU8Y8Uo/koxnpBeTWXuw5TFLjbhnkwFxl7vhpZhDhDQvesyFl+cmiQTK81+1rXbzTU2809yXJ7gvxGNObnP/BlEfb68GB5b/qjiEc/w/kz16LSMMU8JxJBdiMLgYVeMiCwc3oGc3yG1/vyPHWfuubS6W6Djx4ueryrPsG+GNCqAJPEfu4imMQbs9dj72yo7EAn+pxVyRD/vzwtKa8yDp1c6gThFvGMQC0QWtawDhkz6OQOgugepln0QA3yYzR/FDwt+vrnjrqs31CyF/k3QGIFMAZwDNVBZDO3jQ==|ABrTKgxwFyOkRRtikZqgLPW9q42pmztxxkrT1u5UJ9I=|10|5ce6c0c829141106d500a6d07ff1ec33
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:54:00 GMT
Content-Type: application/javascript
Last-Modified: Mon, 31 Oct 2022 07:25:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"635f7873-ca4"
Expires: Sat, 04 Feb 2023 18:54:00 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
18405.url.tudown.com/template/company/moban/js/common200314.js
154.218.151.71200 OK 7.9 kB URL HTTP/1.1 18405.url.tudown.com/template/company/moban/js/common200314.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with very long lines (582), with CRLF line terminators
Hash c63394e2ec253720b14b63812f72fdc4
acd72fdd9431629de8334bcf14f2b3eaba8455f7
13eb4601f2369316cae59b5a826dbc359bf7761e503e3f9b2681c8db6db9a68b
Analyzer Verdict Alert fortinet Malware
GET /template/company/moban/js/common200314.js HTTP/1.1
Host: 18405.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675480776,1675489429; __bid_n=1861a7ac1116a4ffe44207; FPTOKEN=RhMjXL9a2tIj0sFzUzpmH3WTcQPsoetcooUahZ1J10sD2cqE4bSeyw+Y98q5ZtnzRsY6p+NWmpDwFABE9nFYT8I57/vseKEZDnONkax/XC+gSeCe3JfU8Y8Uo/koxnpBeTWXuw5TFLjbhnkwFxl7vhpZhDhDQvesyFl+cmiQTK81+1rXbzTU2809yXJ7gvxGNObnP/BlEfb68GB5b/qjiEc/w/kz16LSMMU8JxJBdiMLgYVeMiCwc3oGc3yG1/vyPHWfuubS6W6Djx4ueryrPsG+GNCqAJPEfu4imMQbs9dj72yo7EAn+pxVyRD/vzwtKa8yDp1c6gThFvGMQC0QWtawDhkz6OQOgugepln0QA3yYzR/FDwt+vrnjrqs31CyF/k3QGIFMAZwDNVBZDO3jQ==|ABrTKgxwFyOkRRtikZqgLPW9q42pmztxxkrT1u5UJ9I=|10|5ce6c0c829141106d500a6d07ff1ec33
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:54:00 GMT
Content-Type: application/javascript
Last-Modified: Mon, 31 Oct 2022 07:25:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"635f7885-70d5"
Expires: Sat, 04 Feb 2023 18:54:00 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
18405.url.tudown.com/template/company/moban/index_files/seo0327.css
154.218.151.71200 OK 625 B URL HTTP/1.1 18405.url.tudown.com/template/company/moban/index_files/seo0327.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash 711032f9fe79a8a5ad4e93ef3b5d630a
592e0c0dfa651a9e71376ad3bbbc5cbd192c991c
c97203ea0db06a934f0ebc3c9e2796891215551df15abf9f12f0edf2a076ae5d
GET /template/company/moban/index_files/seo0327.css HTTP/1.1
Host: 18405.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675480776,1675489429; __bid_n=1861a7ac1116a4ffe44207; FPTOKEN=RhMjXL9a2tIj0sFzUzpmH3WTcQPsoetcooUahZ1J10sD2cqE4bSeyw+Y98q5ZtnzRsY6p+NWmpDwFABE9nFYT8I57/vseKEZDnONkax/XC+gSeCe3JfU8Y8Uo/koxnpBeTWXuw5TFLjbhnkwFxl7vhpZhDhDQvesyFl+cmiQTK81+1rXbzTU2809yXJ7gvxGNObnP/BlEfb68GB5b/qjiEc/w/kz16LSMMU8JxJBdiMLgYVeMiCwc3oGc3yG1/vyPHWfuubS6W6Djx4ueryrPsG+GNCqAJPEfu4imMQbs9dj72yo7EAn+pxVyRD/vzwtKa8yDp1c6gThFvGMQC0QWtawDhkz6OQOgugepln0QA3yYzR/FDwt+vrnjrqs31CyF/k3QGIFMAZwDNVBZDO3jQ==|ABrTKgxwFyOkRRtikZqgLPW9q42pmztxxkrT1u5UJ9I=|10|5ce6c0c829141106d500a6d07ff1ec33
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:54:00 GMT
Content-Type: text/css
Last-Modified: Mon, 31 Oct 2022 07:11:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"635f7515-59b"
Expires: Sat, 04 Feb 2023 18:54:00 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
18405.url.tudown.com/template/company/moban/js/hm.js
154.218.151.71200 OK 12 kB URL HTTP/1.1 18405.url.tudown.com/template/company/moban/js/hm.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (1075), with CRLF line terminators
Hash 5edaed7ef425da9212ba1892bd7da753
341e9f19f879261b7c47b3b988fee87aa028da9e
b0d03117ba938b859d9422c740dc2ce315c3d91b78ed6bcdd6e059a1aa0808e5
Analyzer Verdict Alert fortinet Malware
GET /template/company/moban/js/hm.js HTTP/1.1
Host: 18405.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675480776,1675489429; __bid_n=1861a7ac1116a4ffe44207; FPTOKEN=RhMjXL9a2tIj0sFzUzpmH3WTcQPsoetcooUahZ1J10sD2cqE4bSeyw+Y98q5ZtnzRsY6p+NWmpDwFABE9nFYT8I57/vseKEZDnONkax/XC+gSeCe3JfU8Y8Uo/koxnpBeTWXuw5TFLjbhnkwFxl7vhpZhDhDQvesyFl+cmiQTK81+1rXbzTU2809yXJ7gvxGNObnP/BlEfb68GB5b/qjiEc/w/kz16LSMMU8JxJBdiMLgYVeMiCwc3oGc3yG1/vyPHWfuubS6W6Djx4ueryrPsG+GNCqAJPEfu4imMQbs9dj72yo7EAn+pxVyRD/vzwtKa8yDp1c6gThFvGMQC0QWtawDhkz6OQOgugepln0QA3yYzR/FDwt+vrnjrqs31CyF/k3QGIFMAZwDNVBZDO3jQ==|ABrTKgxwFyOkRRtikZqgLPW9q42pmztxxkrT1u5UJ9I=|10|5ce6c0c829141106d500a6d07ff1ec33
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:54:00 GMT
Content-Type: application/javascript
Last-Modified: Mon, 31 Oct 2022 07:24:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"635f784a-781d"
Expires: Sat, 04 Feb 2023 18:54:00 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
18405.url.tudown.com/template/company/moban/js/jquery-1.js
154.218.151.71200 OK 38 kB URL HTTP/1.1 18405.url.tudown.com/template/company/moban/js/jquery-1.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (32038), with CRLF line terminators
Hash adbc5e76397fe7c0f17d0c2f86d22aca
d7ae0f7aad6555282106498db4573df817d1ea11
6e1a6d6592d35652998b135ec2dde01b5326006bf3199a633b2bbd768725a7e6
Analyzer Verdict Alert fortinet Malware
GET /template/company/moban/js/jquery-1.js HTTP/1.1
Host: 18405.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675480776,1675489429; __bid_n=1861a7ac1116a4ffe44207; FPTOKEN=RhMjXL9a2tIj0sFzUzpmH3WTcQPsoetcooUahZ1J10sD2cqE4bSeyw+Y98q5ZtnzRsY6p+NWmpDwFABE9nFYT8I57/vseKEZDnONkax/XC+gSeCe3JfU8Y8Uo/koxnpBeTWXuw5TFLjbhnkwFxl7vhpZhDhDQvesyFl+cmiQTK81+1rXbzTU2809yXJ7gvxGNObnP/BlEfb68GB5b/qjiEc/w/kz16LSMMU8JxJBdiMLgYVeMiCwc3oGc3yG1/vyPHWfuubS6W6Djx4ueryrPsG+GNCqAJPEfu4imMQbs9dj72yo7EAn+pxVyRD/vzwtKa8yDp1c6gThFvGMQC0QWtawDhkz6OQOgugepln0QA3yYzR/FDwt+vrnjrqs31CyF/k3QGIFMAZwDNVBZDO3jQ==|ABrTKgxwFyOkRRtikZqgLPW9q42pmztxxkrT1u5UJ9I=|10|5ce6c0c829141106d500a6d07ff1ec33
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:54:00 GMT
Content-Type: application/javascript
Last-Modified: Mon, 31 Oct 2022 07:25:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"635f785f-176d8"
Expires: Sat, 04 Feb 2023 18:54:00 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fc91044ea257e54846f8dd907b48d29e
6d2231e05dabe5ee55f8dbf8687d7b7a92c25d64
8e77e1a87ab035ed1affd01159d1c899e46d7c247d0bc085dd57d1b1c6fed830
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8E77E1A87AB035ED1AFFD01159D1C899E46D7C247D0BC085DD57D1B1C6FED830"
Last-Modified: Thu, 02 Feb 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2106
Expires: Sat, 04 Feb 2023 07:29:07 GMT
Date: Sat, 04 Feb 2023 06:54:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9630
Expires: Sat, 04 Feb 2023 09:34:31 GMT
Date: Sat, 04 Feb 2023 06:54:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9630
Expires: Sat, 04 Feb 2023 09:34:31 GMT
Date: Sat, 04 Feb 2023 06:54:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9630
Expires: Sat, 04 Feb 2023 09:34:31 GMT
Date: Sat, 04 Feb 2023 06:54:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9630
Expires: Sat, 04 Feb 2023 09:34:31 GMT
Date: Sat, 04 Feb 2023 06:54:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9630
Expires: Sat, 04 Feb 2023 09:34:31 GMT
Date: Sat, 04 Feb 2023 06:54:01 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f7101f6e43855cb76ce48271a847ffbd
8e674830a97d8ce3818132fda197db4f0289d316
e78a83a4024e238bcdec3b9c4d5c12a99f49aabd57e34952f6a4cc8ed4422f55
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9141
x-amzn-requestid: ed7db574-6bca-4f3e-8879-c3e836549339
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD8zE5lIAMF1HA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8051-4480112f11d4ced0037d1ad8;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6kDIOqhM4aVL80sF02uFu2TuGbiBE7_L_S2W7x-P46hO5YZFmuL9nQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:13:30 GMT
age: 31231
etag: "8e674830a97d8ce3818132fda197db4f0289d316"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lsQxPtozrh2Ty1T-3d-1crDfi8HgVKRafOXb1UFl033bCx3kAzTS7w==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:48:04 GMT
age: 32757
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: f95a2821-ae89-4ea9-93b2-43e570285df3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEC3FyboAMFe0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8078-7e2177f11d5715d4092cad2c;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dcFgY5x3Ef0J__7wGn3llTjZ9as5nX1H4HErIT3VlKfeQaQTjymW2g==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:33 GMT
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
age: 31408
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f8fa6a-620a-4d0c-aec7-0863ae11b871.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f8fa6a-620a-4d0c-aec7-0863ae11b871.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 83ac46e378ad452aeb212d709ab70232
7514ed93fd2f256e5aad386fdd0ebc723785291b
e199498691268526a6ecfe58abb88ced8661272cd7ad8270811c84fb15dbb547
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f8fa6a-620a-4d0c-aec7-0863ae11b871.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14221
x-amzn-requestid: a74ee3d4-6163-4dec-ab62-97279cf52282
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEC3ERhIAMFh1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8078-3e5d4b3d39919497215866df;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3TIbnpwYk9CIeoXeW4T-ouwV7X1y-LgKV7wB4XJwFKSKx248jIJyBQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:08:39 GMT
age: 31522
etag: "7514ed93fd2f256e5aad386fdd0ebc723785291b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0567732b-c9d0-4bac-89d8-3dc6a16e522c.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0567732b-c9d0-4bac-89d8-3dc6a16e522c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 99bf0073acf75f9e04b52a96bf47797b
fa68da2c92fa89ed3dafe9915e064fca022af21f
961b77616486483e5767f214d2417275b9c995614128acab3521b6cd2f8866e2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0567732b-c9d0-4bac-89d8-3dc6a16e522c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8267
x-amzn-requestid: 8bf1f9c3-4508-489e-9f45-3ce50df74b0b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEW0HM6IAMFXog=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd80f8-2e7c768d54981cf1634830db;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:47:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: slDJVVNZDwjopU0kXbAvAJw4A0I_hGKXbRf9O15sXxmvu0JXe8yuPA==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:17:59 GMT
etag: "fa68da2c92fa89ed3dafe9915e064fca022af21f"
content-type: image/jpeg
age: 30962
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e5b4e4f15da3323c73974c3f1cdb5d74
1f14971d0cf979cc34ff191849dc43d86e8ac463
5893d7e5b2fd9de92829b303c42d0c07ff32b3f6b8705b6f5b4a784315c8808e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5174
x-amzn-requestid: 35630c70-3bad-47b4-94bb-09c873632194
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7EFAHIAMFQQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-317b1fbb3bee0f377697bf3d;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OD5cy75AkNMwTIvIool2nKbKgr5Jpo1Plm_X_YPr3rdPbg86_V2fdA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:21 GMT
age: 31420
etag: "1f14971d0cf979cc34ff191849dc43d86e8ac463"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
18405.url.tudown.com/template/company/moban/index_files/shoucang.png
154.218.151.71200 OK 1.5 kB URL HTTP/1.1 18405.url.tudown.com/template/company/moban/index_files/shoucang.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 112dd72135aceaef7b25583061398368
73d3f2825122e66564122f1d8e87065b71c9ac33
5f5dc0b4419a3e37547d82c55b1332b6c421d382067cf542dadb3c65a4fa066f
GET /template/company/moban/index_files/shoucang.png HTTP/1.1
Host: 18405.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675480776,1675489429; __bid_n=1861a7ac1116a4ffe44207; FPTOKEN=RhMjXL9a2tIj0sFzUzpmH3WTcQPsoetcooUahZ1J10sD2cqE4bSeyw+Y98q5ZtnzRsY6p+NWmpDwFABE9nFYT8I57/vseKEZDnONkax/XC+gSeCe3JfU8Y8Uo/koxnpBeTWXuw5TFLjbhnkwFxl7vhpZhDhDQvesyFl+cmiQTK81+1rXbzTU2809yXJ7gvxGNObnP/BlEfb68GB5b/qjiEc/w/kz16LSMMU8JxJBdiMLgYVeMiCwc3oGc3yG1/vyPHWfuubS6W6Djx4ueryrPsG+GNCqAJPEfu4imMQbs9dj72yo7EAn+pxVyRD/vzwtKa8yDp1c6gThFvGMQC0QWtawDhkz6OQOgugepln0QA3yYzR/FDwt+vrnjrqs31CyF/k3QGIFMAZwDNVBZDO3jQ==|ABrTKgxwFyOkRRtikZqgLPW9q42pmztxxkrT1u5UJ9I=|10|5ce6c0c829141106d500a6d07ff1ec33
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:54:01 GMT
Content-Type: image/png
Content-Length: 1456
Last-Modified: Mon, 31 Oct 2022 07:11:39 GMT
Connection: keep-alive
ETag: "635f752b-5b0"
Accept-Ranges: bytes
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash c45b5d23d78c603a4f679957cc907c55
c0c6131e462224b19bf52c269ffda26be7dcc3ce
7acbb574f2c3ce64da98b8bf9e8af19ba063535e4cbf9fadaf803c34381178dd
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:54:01 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 08 Feb 2023 04:09:39 GMT
ETag: "c0c6131e462224b19bf52c269ffda26be7dcc3ce"
Last-Modified: Sat, 04 Feb 2023 04:09:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2540
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79417e1af8c5b521-OSL
18405.url.tudown.com/template/company/moban/index_files/chakan.png
154.218.151.71200 OK 1.5 kB URL HTTP/1.1 18405.url.tudown.com/template/company/moban/index_files/chakan.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash acb0ada0040b83568aac894905d88cca
90c3924ecf672018cdc013d30716966b196ccbda
0511b79ede1d0228f1ecd14d917e26e8613a7e7b99f31b7bc66fae4285bdd4d6
GET /template/company/moban/index_files/chakan.png HTTP/1.1
Host: 18405.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675480776,1675489429; __bid_n=1861a7ac1116a4ffe44207; FPTOKEN=RhMjXL9a2tIj0sFzUzpmH3WTcQPsoetcooUahZ1J10sD2cqE4bSeyw+Y98q5ZtnzRsY6p+NWmpDwFABE9nFYT8I57/vseKEZDnONkax/XC+gSeCe3JfU8Y8Uo/koxnpBeTWXuw5TFLjbhnkwFxl7vhpZhDhDQvesyFl+cmiQTK81+1rXbzTU2809yXJ7gvxGNObnP/BlEfb68GB5b/qjiEc/w/kz16LSMMU8JxJBdiMLgYVeMiCwc3oGc3yG1/vyPHWfuubS6W6Djx4ueryrPsG+GNCqAJPEfu4imMQbs9dj72yo7EAn+pxVyRD/vzwtKa8yDp1c6gThFvGMQC0QWtawDhkz6OQOgugepln0QA3yYzR/FDwt+vrnjrqs31CyF/k3QGIFMAZwDNVBZDO3jQ==|ABrTKgxwFyOkRRtikZqgLPW9q42pmztxxkrT1u5UJ9I=|10|5ce6c0c829141106d500a6d07ff1ec33
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:54:01 GMT
Content-Type: image/png
Content-Length: 1469
Last-Modified: Mon, 31 Oct 2022 07:11:28 GMT
Connection: keep-alive
ETag: "635f7520-5bd"
Accept-Ranges: bytes
18405.url.tudown.com/uploads/images/687152.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18405.url.tudown.com/uploads/images/687152.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/687152.jpg HTTP/1.1
Host: 18405.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675480776,1675489429; __bid_n=1861a7ac1116a4ffe44207; FPTOKEN=RhMjXL9a2tIj0sFzUzpmH3WTcQPsoetcooUahZ1J10sD2cqE4bSeyw+Y98q5ZtnzRsY6p+NWmpDwFABE9nFYT8I57/vseKEZDnONkax/XC+gSeCe3JfU8Y8Uo/koxnpBeTWXuw5TFLjbhnkwFxl7vhpZhDhDQvesyFl+cmiQTK81+1rXbzTU2809yXJ7gvxGNObnP/BlEfb68GB5b/qjiEc/w/kz16LSMMU8JxJBdiMLgYVeMiCwc3oGc3yG1/vyPHWfuubS6W6Djx4ueryrPsG+GNCqAJPEfu4imMQbs9dj72yo7EAn+pxVyRD/vzwtKa8yDp1c6gThFvGMQC0QWtawDhkz6OQOgugepln0QA3yYzR/FDwt+vrnjrqs31CyF/k3QGIFMAZwDNVBZDO3jQ==|ABrTKgxwFyOkRRtikZqgLPW9q42pmztxxkrT1u5UJ9I=|10|5ce6c0c829141106d500a6d07ff1ec33
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:54:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1270682339,2539839619&fm=253&fmt=auto&app=138&f=JPEG?w=600&h=389
18405.url.tudown.com/uploads/images/669388.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18405.url.tudown.com/uploads/images/669388.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/669388.jpg HTTP/1.1
Host: 18405.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675480776,1675489429; __bid_n=1861a7ac1116a4ffe44207; FPTOKEN=RhMjXL9a2tIj0sFzUzpmH3WTcQPsoetcooUahZ1J10sD2cqE4bSeyw+Y98q5ZtnzRsY6p+NWmpDwFABE9nFYT8I57/vseKEZDnONkax/XC+gSeCe3JfU8Y8Uo/koxnpBeTWXuw5TFLjbhnkwFxl7vhpZhDhDQvesyFl+cmiQTK81+1rXbzTU2809yXJ7gvxGNObnP/BlEfb68GB5b/qjiEc/w/kz16LSMMU8JxJBdiMLgYVeMiCwc3oGc3yG1/vyPHWfuubS6W6Djx4ueryrPsG+GNCqAJPEfu4imMQbs9dj72yo7EAn+pxVyRD/vzwtKa8yDp1c6gThFvGMQC0QWtawDhkz6OQOgugepln0QA3yYzR/FDwt+vrnjrqs31CyF/k3QGIFMAZwDNVBZDO3jQ==|ABrTKgxwFyOkRRtikZqgLPW9q42pmztxxkrT1u5UJ9I=|10|5ce6c0c829141106d500a6d07ff1ec33
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:54:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=1668704151,892490102&fm=253&app=120&f=JPEG?w=720&h=1280
18405.url.tudown.com/template/company/moban/index_files/searchbox_action.png
154.218.151.71200 OK 6.2 kB URL HTTP/1.1 18405.url.tudown.com/template/company/moban/index_files/searchbox_action.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 60 x 60, 16-bit/color RGBA, non-interlaced\012- data
Hash 99e950348c1a490f8fe53e5c5b1b32a6
6f79160d4f4161f19ab2058d2480f156dd5ee408
d11a69c15618f1ed03351f4b41fb7bbdbcc6b4743a44c2dad6127eb5f7b45b06
GET /template/company/moban/index_files/searchbox_action.png HTTP/1.1
Host: 18405.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675480776,1675489429; __bid_n=1861a7ac1116a4ffe44207; FPTOKEN=RhMjXL9a2tIj0sFzUzpmH3WTcQPsoetcooUahZ1J10sD2cqE4bSeyw+Y98q5ZtnzRsY6p+NWmpDwFABE9nFYT8I57/vseKEZDnONkax/XC+gSeCe3JfU8Y8Uo/koxnpBeTWXuw5TFLjbhnkwFxl7vhpZhDhDQvesyFl+cmiQTK81+1rXbzTU2809yXJ7gvxGNObnP/BlEfb68GB5b/qjiEc/w/kz16LSMMU8JxJBdiMLgYVeMiCwc3oGc3yG1/vyPHWfuubS6W6Djx4ueryrPsG+GNCqAJPEfu4imMQbs9dj72yo7EAn+pxVyRD/vzwtKa8yDp1c6gThFvGMQC0QWtawDhkz6OQOgugepln0QA3yYzR/FDwt+vrnjrqs31CyF/k3QGIFMAZwDNVBZDO3jQ==|ABrTKgxwFyOkRRtikZqgLPW9q42pmztxxkrT1u5UJ9I=|10|5ce6c0c829141106d500a6d07ff1ec33; Hm_lvt_54b2b3c6299a2d96d5b7b5615a1c83ed=1675493675; Hm_lpvt_54b2b3c6299a2d96d5b7b5615a1c83ed=1675493675
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:54:01 GMT
Content-Type: image/png
Content-Length: 6235
Last-Modified: Mon, 31 Oct 2022 07:11:37 GMT
Connection: keep-alive
ETag: "635f7529-185b"
Accept-Ranges: bytes
18405.url.tudown.com/uploads/images/412158.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18405.url.tudown.com/uploads/images/412158.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/412158.jpg HTTP/1.1
Host: 18405.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675480776,1675489429; __bid_n=1861a7ac1116a4ffe44207; FPTOKEN=RhMjXL9a2tIj0sFzUzpmH3WTcQPsoetcooUahZ1J10sD2cqE4bSeyw+Y98q5ZtnzRsY6p+NWmpDwFABE9nFYT8I57/vseKEZDnONkax/XC+gSeCe3JfU8Y8Uo/koxnpBeTWXuw5TFLjbhnkwFxl7vhpZhDhDQvesyFl+cmiQTK81+1rXbzTU2809yXJ7gvxGNObnP/BlEfb68GB5b/qjiEc/w/kz16LSMMU8JxJBdiMLgYVeMiCwc3oGc3yG1/vyPHWfuubS6W6Djx4ueryrPsG+GNCqAJPEfu4imMQbs9dj72yo7EAn+pxVyRD/vzwtKa8yDp1c6gThFvGMQC0QWtawDhkz6OQOgugepln0QA3yYzR/FDwt+vrnjrqs31CyF/k3QGIFMAZwDNVBZDO3jQ==|ABrTKgxwFyOkRRtikZqgLPW9q42pmztxxkrT1u5UJ9I=|10|5ce6c0c829141106d500a6d07ff1ec33
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:54:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1369729800,1784312900&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=687
18405.url.tudown.com/uploads/images/433155.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18405.url.tudown.com/uploads/images/433155.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/433155.jpg HTTP/1.1
Host: 18405.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675480776,1675489429; __bid_n=1861a7ac1116a4ffe44207; FPTOKEN=RhMjXL9a2tIj0sFzUzpmH3WTcQPsoetcooUahZ1J10sD2cqE4bSeyw+Y98q5ZtnzRsY6p+NWmpDwFABE9nFYT8I57/vseKEZDnONkax/XC+gSeCe3JfU8Y8Uo/koxnpBeTWXuw5TFLjbhnkwFxl7vhpZhDhDQvesyFl+cmiQTK81+1rXbzTU2809yXJ7gvxGNObnP/BlEfb68GB5b/qjiEc/w/kz16LSMMU8JxJBdiMLgYVeMiCwc3oGc3yG1/vyPHWfuubS6W6Djx4ueryrPsG+GNCqAJPEfu4imMQbs9dj72yo7EAn+pxVyRD/vzwtKa8yDp1c6gThFvGMQC0QWtawDhkz6OQOgugepln0QA3yYzR/FDwt+vrnjrqs31CyF/k3QGIFMAZwDNVBZDO3jQ==|ABrTKgxwFyOkRRtikZqgLPW9q42pmztxxkrT1u5UJ9I=|10|5ce6c0c829141106d500a6d07ff1ec33
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:54:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3652056375,1772523793&fm=253&fmt=auto&app=138&f=JPEG?w=320&h=424
api.share.baidu.com/s.gif?l=http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
182.61.201.94200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
IP 182.61.201.94:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Sat, 04 Feb 2023 06:54:01 GMT
18405.url.tudown.com/template/company/moban/images/icon_06.png
154.218.151.71200 OK 9.2 kB URL HTTP/1.1 18405.url.tudown.com/template/company/moban/images/icon_06.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1376)
Hash 2521a6e2041bf287dfbef32a51c33683
c3b352a031abea5170fe042c1fd6c63fbcb38022
cfbee33ed613356ec51fb083837f07cb17b77c990790bf6fb85ef863779c0a62
GET /template/company/moban/images/icon_06.png HTTP/1.1
Host: 18405.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/template/company/moban/index_files/common20200314.css
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675480776,1675489429; __bid_n=1861a7ac1116a4ffe44207; FPTOKEN=RhMjXL9a2tIj0sFzUzpmH3WTcQPsoetcooUahZ1J10sD2cqE4bSeyw+Y98q5ZtnzRsY6p+NWmpDwFABE9nFYT8I57/vseKEZDnONkax/XC+gSeCe3JfU8Y8Uo/koxnpBeTWXuw5TFLjbhnkwFxl7vhpZhDhDQvesyFl+cmiQTK81+1rXbzTU2809yXJ7gvxGNObnP/BlEfb68GB5b/qjiEc/w/kz16LSMMU8JxJBdiMLgYVeMiCwc3oGc3yG1/vyPHWfuubS6W6Djx4ueryrPsG+GNCqAJPEfu4imMQbs9dj72yo7EAn+pxVyRD/vzwtKa8yDp1c6gThFvGMQC0QWtawDhkz6OQOgugepln0QA3yYzR/FDwt+vrnjrqs31CyF/k3QGIFMAZwDNVBZDO3jQ==|ABrTKgxwFyOkRRtikZqgLPW9q42pmztxxkrT1u5UJ9I=|10|5ce6c0c829141106d500a6d07ff1ec33; Hm_lvt_54b2b3c6299a2d96d5b7b5615a1c83ed=1675493675; Hm_lpvt_54b2b3c6299a2d96d5b7b5615a1c83ed=1675493675
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:54:01 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
18405.url.tudown.com/template/company/moban/images/icon_01.png
154.218.151.71200 OK 9.2 kB URL HTTP/1.1 18405.url.tudown.com/template/company/moban/images/icon_01.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1408)
Hash 44919a65ab976a1f7ec47ca36d3b4b23
0821b6e70270359c018045dcdb506233f7bb557b
6196e1f2960bc68c241e4d68f3de021849541a2849f1dbe8b9b7bd542fd425bb
GET /template/company/moban/images/icon_01.png HTTP/1.1
Host: 18405.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/template/company/moban/index_files/common20200314.css
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675480776,1675489429; __bid_n=1861a7ac1116a4ffe44207; FPTOKEN=RhMjXL9a2tIj0sFzUzpmH3WTcQPsoetcooUahZ1J10sD2cqE4bSeyw+Y98q5ZtnzRsY6p+NWmpDwFABE9nFYT8I57/vseKEZDnONkax/XC+gSeCe3JfU8Y8Uo/koxnpBeTWXuw5TFLjbhnkwFxl7vhpZhDhDQvesyFl+cmiQTK81+1rXbzTU2809yXJ7gvxGNObnP/BlEfb68GB5b/qjiEc/w/kz16LSMMU8JxJBdiMLgYVeMiCwc3oGc3yG1/vyPHWfuubS6W6Djx4ueryrPsG+GNCqAJPEfu4imMQbs9dj72yo7EAn+pxVyRD/vzwtKa8yDp1c6gThFvGMQC0QWtawDhkz6OQOgugepln0QA3yYzR/FDwt+vrnjrqs31CyF/k3QGIFMAZwDNVBZDO3jQ==|ABrTKgxwFyOkRRtikZqgLPW9q42pmztxxkrT1u5UJ9I=|10|5ce6c0c829141106d500a6d07ff1ec33; Hm_lvt_54b2b3c6299a2d96d5b7b5615a1c83ed=1675493675; Hm_lpvt_54b2b3c6299a2d96d5b7b5615a1c83ed=1675493675
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:54:01 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
18405.url.tudown.com/template/company/moban/index_files/yyh.png
154.218.151.71200 OK 3.3 kB URL HTTP/1.1 18405.url.tudown.com/template/company/moban/index_files/yyh.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash ff16370de7effacbc2dad368909f4ce9
6797aa73900e37841cd8f26d20afbbce76ed2bd4
18d1ff6e85efd537b99aae82df385b44b02f9699df6ee5d4295069034fdfd4f0
GET /template/company/moban/index_files/yyh.png HTTP/1.1
Host: 18405.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675480776,1675489429; __bid_n=1861a7ac1116a4ffe44207; FPTOKEN=RhMjXL9a2tIj0sFzUzpmH3WTcQPsoetcooUahZ1J10sD2cqE4bSeyw+Y98q5ZtnzRsY6p+NWmpDwFABE9nFYT8I57/vseKEZDnONkax/XC+gSeCe3JfU8Y8Uo/koxnpBeTWXuw5TFLjbhnkwFxl7vhpZhDhDQvesyFl+cmiQTK81+1rXbzTU2809yXJ7gvxGNObnP/BlEfb68GB5b/qjiEc/w/kz16LSMMU8JxJBdiMLgYVeMiCwc3oGc3yG1/vyPHWfuubS6W6Djx4ueryrPsG+GNCqAJPEfu4imMQbs9dj72yo7EAn+pxVyRD/vzwtKa8yDp1c6gThFvGMQC0QWtawDhkz6OQOgugepln0QA3yYzR/FDwt+vrnjrqs31CyF/k3QGIFMAZwDNVBZDO3jQ==|ABrTKgxwFyOkRRtikZqgLPW9q42pmztxxkrT1u5UJ9I=|10|5ce6c0c829141106d500a6d07ff1ec33
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:54:01 GMT
Content-Type: image/png
Content-Length: 3307
Last-Modified: Mon, 31 Oct 2022 07:11:41 GMT
Connection: keep-alive
ETag: "635f752d-ceb"
Accept-Ranges: bytes
18405.url.tudown.com/template/company/moban/index_files/close_black.png
154.218.151.71200 OK 9.1 kB URL HTTP/1.1 18405.url.tudown.com/template/company/moban/index_files/close_black.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 840 x 832, 8-bit/color RGBA, non-interlaced\012- data
Hash 61258db0845df63b5aef5e137b425ba7
00be51fff891b55e1b0e0ed5972b9c0c12b182b5
f65333f53a9c02d89ba24e8679788371f8076f5be618a44cddfa314cb14521e1
GET /template/company/moban/index_files/close_black.png HTTP/1.1
Host: 18405.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675480776,1675489429; __bid_n=1861a7ac1116a4ffe44207; FPTOKEN=RhMjXL9a2tIj0sFzUzpmH3WTcQPsoetcooUahZ1J10sD2cqE4bSeyw+Y98q5ZtnzRsY6p+NWmpDwFABE9nFYT8I57/vseKEZDnONkax/XC+gSeCe3JfU8Y8Uo/koxnpBeTWXuw5TFLjbhnkwFxl7vhpZhDhDQvesyFl+cmiQTK81+1rXbzTU2809yXJ7gvxGNObnP/BlEfb68GB5b/qjiEc/w/kz16LSMMU8JxJBdiMLgYVeMiCwc3oGc3yG1/vyPHWfuubS6W6Djx4ueryrPsG+GNCqAJPEfu4imMQbs9dj72yo7EAn+pxVyRD/vzwtKa8yDp1c6gThFvGMQC0QWtawDhkz6OQOgugepln0QA3yYzR/FDwt+vrnjrqs31CyF/k3QGIFMAZwDNVBZDO3jQ==|ABrTKgxwFyOkRRtikZqgLPW9q42pmztxxkrT1u5UJ9I=|10|5ce6c0c829141106d500a6d07ff1ec33
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:54:01 GMT
Content-Type: image/png
Content-Length: 9098
Last-Modified: Mon, 31 Oct 2022 07:11:30 GMT
Connection: keep-alive
ETag: "635f7522-238a"
Accept-Ranges: bytes
18405.url.tudown.com/template/company/moban/index_files/logo2.png
154.218.151.71200 OK 5.7 kB URL HTTP/1.1 18405.url.tudown.com/template/company/moban/index_files/logo2.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 172 x 36, 8-bit/color RGBA, non-interlaced\012- data
Hash 3c00109aa99d34615f91984307d2d4de
3bde4746cc37110bccb5766f077002da9c251582
80b083f9300489095112b79c8af03547db4eaede2ba43ff6ac4b828e2428fc9d
GET /template/company/moban/index_files/logo2.png HTTP/1.1
Host: 18405.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675480776,1675489429; __bid_n=1861a7ac1116a4ffe44207; FPTOKEN=RhMjXL9a2tIj0sFzUzpmH3WTcQPsoetcooUahZ1J10sD2cqE4bSeyw+Y98q5ZtnzRsY6p+NWmpDwFABE9nFYT8I57/vseKEZDnONkax/XC+gSeCe3JfU8Y8Uo/koxnpBeTWXuw5TFLjbhnkwFxl7vhpZhDhDQvesyFl+cmiQTK81+1rXbzTU2809yXJ7gvxGNObnP/BlEfb68GB5b/qjiEc/w/kz16LSMMU8JxJBdiMLgYVeMiCwc3oGc3yG1/vyPHWfuubS6W6Djx4ueryrPsG+GNCqAJPEfu4imMQbs9dj72yo7EAn+pxVyRD/vzwtKa8yDp1c6gThFvGMQC0QWtawDhkz6OQOgugepln0QA3yYzR/FDwt+vrnjrqs31CyF/k3QGIFMAZwDNVBZDO3jQ==|ABrTKgxwFyOkRRtikZqgLPW9q42pmztxxkrT1u5UJ9I=|10|5ce6c0c829141106d500a6d07ff1ec33
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:54:01 GMT
Content-Type: image/png
Content-Length: 5697
Last-Modified: Mon, 31 Oct 2022 07:11:36 GMT
Connection: keep-alive
ETag: "635f7528-1641"
Accept-Ranges: bytes
18405.url.tudown.com/uploads/images/706257.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18405.url.tudown.com/uploads/images/706257.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/706257.jpg HTTP/1.1
Host: 18405.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675480776,1675489429; __bid_n=1861a7ac1116a4ffe44207; FPTOKEN=RhMjXL9a2tIj0sFzUzpmH3WTcQPsoetcooUahZ1J10sD2cqE4bSeyw+Y98q5ZtnzRsY6p+NWmpDwFABE9nFYT8I57/vseKEZDnONkax/XC+gSeCe3JfU8Y8Uo/koxnpBeTWXuw5TFLjbhnkwFxl7vhpZhDhDQvesyFl+cmiQTK81+1rXbzTU2809yXJ7gvxGNObnP/BlEfb68GB5b/qjiEc/w/kz16LSMMU8JxJBdiMLgYVeMiCwc3oGc3yG1/vyPHWfuubS6W6Djx4ueryrPsG+GNCqAJPEfu4imMQbs9dj72yo7EAn+pxVyRD/vzwtKa8yDp1c6gThFvGMQC0QWtawDhkz6OQOgugepln0QA3yYzR/FDwt+vrnjrqs31CyF/k3QGIFMAZwDNVBZDO3jQ==|ABrTKgxwFyOkRRtikZqgLPW9q42pmztxxkrT1u5UJ9I=|10|5ce6c0c829141106d500a6d07ff1ec33
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:54:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=4009211644,582231007&fm=253&fmt=auto&app=138&f=JPEG?w=600&h=450
18405.url.tudown.com/template/company/moban/index_files/icon_03.png
154.218.151.71200 OK 3.2 kB URL HTTP/1.1 18405.url.tudown.com/template/company/moban/index_files/icon_03.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 25 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 26cf006988edd9c4eb048a12f20d8f12
f5875a0dfadf0b2d7ba040de986d3e92ec4f2992
87510ec460049035d8d4bdd190024b2f297df37e1fd36f5eb122cc12737cbc23
GET /template/company/moban/index_files/icon_03.png HTTP/1.1
Host: 18405.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675480776,1675489429; __bid_n=1861a7ac1116a4ffe44207; FPTOKEN=RhMjXL9a2tIj0sFzUzpmH3WTcQPsoetcooUahZ1J10sD2cqE4bSeyw+Y98q5ZtnzRsY6p+NWmpDwFABE9nFYT8I57/vseKEZDnONkax/XC+gSeCe3JfU8Y8Uo/koxnpBeTWXuw5TFLjbhnkwFxl7vhpZhDhDQvesyFl+cmiQTK81+1rXbzTU2809yXJ7gvxGNObnP/BlEfb68GB5b/qjiEc/w/kz16LSMMU8JxJBdiMLgYVeMiCwc3oGc3yG1/vyPHWfuubS6W6Djx4ueryrPsG+GNCqAJPEfu4imMQbs9dj72yo7EAn+pxVyRD/vzwtKa8yDp1c6gThFvGMQC0QWtawDhkz6OQOgugepln0QA3yYzR/FDwt+vrnjrqs31CyF/k3QGIFMAZwDNVBZDO3jQ==|ABrTKgxwFyOkRRtikZqgLPW9q42pmztxxkrT1u5UJ9I=|10|5ce6c0c829141106d500a6d07ff1ec33
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:54:01 GMT
Content-Type: image/png
Content-Length: 3164
Last-Modified: Mon, 31 Oct 2022 07:11:32 GMT
Connection: keep-alive
ETag: "635f7524-c5c"
Accept-Ranges: bytes
18405.url.tudown.com/template/company/moban/index_files/icon_04.png
154.218.151.71200 OK 3.0 kB URL HTTP/1.1 18405.url.tudown.com/template/company/moban/index_files/icon_04.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 25 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash cfb3c0eccae9226e14ecc2f1642b6f35
b2b6497c7b8441cf2562ec555ed6a5465aacd8d9
44058ef0ee0a2252592665923108686538ac74c78ef05131fb47b455d562965d
GET /template/company/moban/index_files/icon_04.png HTTP/1.1
Host: 18405.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675480776,1675489429; __bid_n=1861a7ac1116a4ffe44207; FPTOKEN=RhMjXL9a2tIj0sFzUzpmH3WTcQPsoetcooUahZ1J10sD2cqE4bSeyw+Y98q5ZtnzRsY6p+NWmpDwFABE9nFYT8I57/vseKEZDnONkax/XC+gSeCe3JfU8Y8Uo/koxnpBeTWXuw5TFLjbhnkwFxl7vhpZhDhDQvesyFl+cmiQTK81+1rXbzTU2809yXJ7gvxGNObnP/BlEfb68GB5b/qjiEc/w/kz16LSMMU8JxJBdiMLgYVeMiCwc3oGc3yG1/vyPHWfuubS6W6Djx4ueryrPsG+GNCqAJPEfu4imMQbs9dj72yo7EAn+pxVyRD/vzwtKa8yDp1c6gThFvGMQC0QWtawDhkz6OQOgugepln0QA3yYzR/FDwt+vrnjrqs31CyF/k3QGIFMAZwDNVBZDO3jQ==|ABrTKgxwFyOkRRtikZqgLPW9q42pmztxxkrT1u5UJ9I=|10|5ce6c0c829141106d500a6d07ff1ec33
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:54:01 GMT
Content-Type: image/png
Content-Length: 3044
Last-Modified: Mon, 31 Oct 2022 07:11:34 GMT
Connection: keep-alive
ETag: "635f7526-be4"
Accept-Ranges: bytes
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1212269100&si=54b2b3c6299a2d96d5b7b5615a1c83ed&v=1.2.94&lv=1&sn=25865&r=0&ww=1280&ct=!!&u=http%3A%2F%2F18405.url.tudown.com%2Fxiaz%2Fautocad2014%4034_134313.exe&tt=%E7%88%B1%E6%B8%B8%E6%88%8F%E4%BD%93%E8%82%B2%E5%AE%98%E7%BD%91app%E7%99%BB%E5%BD%95%E5%85%A5%E5%8F%A3(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-ios%2F%E5%AE%89%E5%8D%93%2F%E6%89%8B%E6%9C%BA%E7%89%88app%E4%B8%8B%E8%BD%BDV4816.72875
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1212269100&si=54b2b3c6299a2d96d5b7b5615a1c83ed&v=1.2.94&lv=1&sn=25865&r=0&ww=1280&ct=!!&u=http%3A%2F%2F18405.url.tudown.com%2Fxiaz%2Fautocad2014%4034_134313.exe&tt=%E7%88%B1%E6%B8%B8%E6%88%8F%E4%BD%93%E8%82%B2%E5%AE%98%E7%BD%91app%E7%99%BB%E5%BD%95%E5%85%A5%E5%8F%A3(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-ios%2F%E5%AE%89%E5%8D%93%2F%E6%89%8B%E6%9C%BA%E7%89%88app%E4%B8%8B%E8%BD%BDV4816.72875
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1212269100&si=54b2b3c6299a2d96d5b7b5615a1c83ed&v=1.2.94&lv=1&sn=25865&r=0&ww=1280&ct=!!&u=http%3A%2F%2F18405.url.tudown.com%2Fxiaz%2Fautocad2014%4034_134313.exe&tt=%E7%88%B1%E6%B8%B8%E6%88%8F%E4%BD%93%E8%82%B2%E5%AE%98%E7%BD%91app%E7%99%BB%E5%BD%95%E5%85%A5%E5%8F%A3(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-ios%2F%E5%AE%89%E5%8D%93%2F%E6%89%8B%E6%9C%BA%E7%89%88app%E4%B8%8B%E8%BD%BDV4816.72875 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18405.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Feb 2023 06:54:01 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=B9365B7EEFEF5890; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
push.zhanzhang.baidu.com/push.js
182.61.201.94200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 182.61.201.94:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Sat, 04 Feb 2023 06:54:01 GMT
Etag: "4078521116"
Expires: Sun, 04 Feb 2024 06:54:01 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=5D86FE609486B6DB040B29B19B7621F1:FG=1; max-age=31536000; expires=Sun, 04-Feb-24 06:54:01 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
18405.url.tudown.com/uploads/images/621752.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18405.url.tudown.com/uploads/images/621752.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/621752.jpg HTTP/1.1
Host: 18405.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675480776,1675489429; __bid_n=1861a7ac1116a4ffe44207; FPTOKEN=RhMjXL9a2tIj0sFzUzpmH3WTcQPsoetcooUahZ1J10sD2cqE4bSeyw+Y98q5ZtnzRsY6p+NWmpDwFABE9nFYT8I57/vseKEZDnONkax/XC+gSeCe3JfU8Y8Uo/koxnpBeTWXuw5TFLjbhnkwFxl7vhpZhDhDQvesyFl+cmiQTK81+1rXbzTU2809yXJ7gvxGNObnP/BlEfb68GB5b/qjiEc/w/kz16LSMMU8JxJBdiMLgYVeMiCwc3oGc3yG1/vyPHWfuubS6W6Djx4ueryrPsG+GNCqAJPEfu4imMQbs9dj72yo7EAn+pxVyRD/vzwtKa8yDp1c6gThFvGMQC0QWtawDhkz6OQOgugepln0QA3yYzR/FDwt+vrnjrqs31CyF/k3QGIFMAZwDNVBZDO3jQ==|ABrTKgxwFyOkRRtikZqgLPW9q42pmztxxkrT1u5UJ9I=|10|5ce6c0c829141106d500a6d07ff1ec33
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:54:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3165265658,3938012511&fm=253&fmt=auto?w=1000&h=800
18405.url.tudown.com/uploads/images/205153.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18405.url.tudown.com/uploads/images/205153.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/205153.jpg HTTP/1.1
Host: 18405.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675480776,1675489429; __bid_n=1861a7ac1116a4ffe44207; FPTOKEN=RhMjXL9a2tIj0sFzUzpmH3WTcQPsoetcooUahZ1J10sD2cqE4bSeyw+Y98q5ZtnzRsY6p+NWmpDwFABE9nFYT8I57/vseKEZDnONkax/XC+gSeCe3JfU8Y8Uo/koxnpBeTWXuw5TFLjbhnkwFxl7vhpZhDhDQvesyFl+cmiQTK81+1rXbzTU2809yXJ7gvxGNObnP/BlEfb68GB5b/qjiEc/w/kz16LSMMU8JxJBdiMLgYVeMiCwc3oGc3yG1/vyPHWfuubS6W6Djx4ueryrPsG+GNCqAJPEfu4imMQbs9dj72yo7EAn+pxVyRD/vzwtKa8yDp1c6gThFvGMQC0QWtawDhkz6OQOgugepln0QA3yYzR/FDwt+vrnjrqs31CyF/k3QGIFMAZwDNVBZDO3jQ==|ABrTKgxwFyOkRRtikZqgLPW9q42pmztxxkrT1u5UJ9I=|10|5ce6c0c829141106d500a6d07ff1ec33
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:54:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=57841799,4260223041&fm=253&fmt=auto?w=500&h=805
18405.url.tudown.com/uploads/images/874789.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18405.url.tudown.com/uploads/images/874789.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/874789.jpg HTTP/1.1
Host: 18405.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675480776,1675489429; __bid_n=1861a7ac1116a4ffe44207; FPTOKEN=RhMjXL9a2tIj0sFzUzpmH3WTcQPsoetcooUahZ1J10sD2cqE4bSeyw+Y98q5ZtnzRsY6p+NWmpDwFABE9nFYT8I57/vseKEZDnONkax/XC+gSeCe3JfU8Y8Uo/koxnpBeTWXuw5TFLjbhnkwFxl7vhpZhDhDQvesyFl+cmiQTK81+1rXbzTU2809yXJ7gvxGNObnP/BlEfb68GB5b/qjiEc/w/kz16LSMMU8JxJBdiMLgYVeMiCwc3oGc3yG1/vyPHWfuubS6W6Djx4ueryrPsG+GNCqAJPEfu4imMQbs9dj72yo7EAn+pxVyRD/vzwtKa8yDp1c6gThFvGMQC0QWtawDhkz6OQOgugepln0QA3yYzR/FDwt+vrnjrqs31CyF/k3QGIFMAZwDNVBZDO3jQ==|ABrTKgxwFyOkRRtikZqgLPW9q42pmztxxkrT1u5UJ9I=|10|5ce6c0c829141106d500a6d07ff1ec33
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:54:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1251620736,566630190&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
18405.url.tudown.com/uploads/images/490529.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18405.url.tudown.com/uploads/images/490529.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/490529.jpg HTTP/1.1
Host: 18405.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675480776,1675489429; __bid_n=1861a7ac1116a4ffe44207; FPTOKEN=RhMjXL9a2tIj0sFzUzpmH3WTcQPsoetcooUahZ1J10sD2cqE4bSeyw+Y98q5ZtnzRsY6p+NWmpDwFABE9nFYT8I57/vseKEZDnONkax/XC+gSeCe3JfU8Y8Uo/koxnpBeTWXuw5TFLjbhnkwFxl7vhpZhDhDQvesyFl+cmiQTK81+1rXbzTU2809yXJ7gvxGNObnP/BlEfb68GB5b/qjiEc/w/kz16LSMMU8JxJBdiMLgYVeMiCwc3oGc3yG1/vyPHWfuubS6W6Djx4ueryrPsG+GNCqAJPEfu4imMQbs9dj72yo7EAn+pxVyRD/vzwtKa8yDp1c6gThFvGMQC0QWtawDhkz6OQOgugepln0QA3yYzR/FDwt+vrnjrqs31CyF/k3QGIFMAZwDNVBZDO3jQ==|ABrTKgxwFyOkRRtikZqgLPW9q42pmztxxkrT1u5UJ9I=|10|5ce6c0c829141106d500a6d07ff1ec33
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:54:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1762450376,606503624&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
api.share.baidu.com/s.gif?l=http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
182.61.201.94200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
IP 182.61.201.94:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Sat, 04 Feb 2023 06:54:02 GMT
18405.url.tudown.com/uploads/images/487285.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18405.url.tudown.com/uploads/images/487285.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/487285.jpg HTTP/1.1
Host: 18405.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675480776,1675489429; __bid_n=1861a7ac1116a4ffe44207; FPTOKEN=RhMjXL9a2tIj0sFzUzpmH3WTcQPsoetcooUahZ1J10sD2cqE4bSeyw+Y98q5ZtnzRsY6p+NWmpDwFABE9nFYT8I57/vseKEZDnONkax/XC+gSeCe3JfU8Y8Uo/koxnpBeTWXuw5TFLjbhnkwFxl7vhpZhDhDQvesyFl+cmiQTK81+1rXbzTU2809yXJ7gvxGNObnP/BlEfb68GB5b/qjiEc/w/kz16LSMMU8JxJBdiMLgYVeMiCwc3oGc3yG1/vyPHWfuubS6W6Djx4ueryrPsG+GNCqAJPEfu4imMQbs9dj72yo7EAn+pxVyRD/vzwtKa8yDp1c6gThFvGMQC0QWtawDhkz6OQOgugepln0QA3yYzR/FDwt+vrnjrqs31CyF/k3QGIFMAZwDNVBZDO3jQ==|ABrTKgxwFyOkRRtikZqgLPW9q42pmztxxkrT1u5UJ9I=|10|5ce6c0c829141106d500a6d07ff1ec33
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:54:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3185590620,2822808298&fm=253&fmt=auto&app=138&f=JPEG?w=480&h=500
18405.url.tudown.com/uploads/images/993871.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18405.url.tudown.com/uploads/images/993871.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/993871.jpg HTTP/1.1
Host: 18405.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675480776,1675489429; __bid_n=1861a7ac1116a4ffe44207; FPTOKEN=RhMjXL9a2tIj0sFzUzpmH3WTcQPsoetcooUahZ1J10sD2cqE4bSeyw+Y98q5ZtnzRsY6p+NWmpDwFABE9nFYT8I57/vseKEZDnONkax/XC+gSeCe3JfU8Y8Uo/koxnpBeTWXuw5TFLjbhnkwFxl7vhpZhDhDQvesyFl+cmiQTK81+1rXbzTU2809yXJ7gvxGNObnP/BlEfb68GB5b/qjiEc/w/kz16LSMMU8JxJBdiMLgYVeMiCwc3oGc3yG1/vyPHWfuubS6W6Djx4ueryrPsG+GNCqAJPEfu4imMQbs9dj72yo7EAn+pxVyRD/vzwtKa8yDp1c6gThFvGMQC0QWtawDhkz6OQOgugepln0QA3yYzR/FDwt+vrnjrqs31CyF/k3QGIFMAZwDNVBZDO3jQ==|ABrTKgxwFyOkRRtikZqgLPW9q42pmztxxkrT1u5UJ9I=|10|5ce6c0c829141106d500a6d07ff1ec33
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:54:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=4036493351,1839042457&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
18405.url.tudown.com/uploads/images/559011.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18405.url.tudown.com/uploads/images/559011.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/559011.jpg HTTP/1.1
Host: 18405.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675480776,1675489429; __bid_n=1861a7ac1116a4ffe44207; FPTOKEN=RhMjXL9a2tIj0sFzUzpmH3WTcQPsoetcooUahZ1J10sD2cqE4bSeyw+Y98q5ZtnzRsY6p+NWmpDwFABE9nFYT8I57/vseKEZDnONkax/XC+gSeCe3JfU8Y8Uo/koxnpBeTWXuw5TFLjbhnkwFxl7vhpZhDhDQvesyFl+cmiQTK81+1rXbzTU2809yXJ7gvxGNObnP/BlEfb68GB5b/qjiEc/w/kz16LSMMU8JxJBdiMLgYVeMiCwc3oGc3yG1/vyPHWfuubS6W6Djx4ueryrPsG+GNCqAJPEfu4imMQbs9dj72yo7EAn+pxVyRD/vzwtKa8yDp1c6gThFvGMQC0QWtawDhkz6OQOgugepln0QA3yYzR/FDwt+vrnjrqs31CyF/k3QGIFMAZwDNVBZDO3jQ==|ABrTKgxwFyOkRRtikZqgLPW9q42pmztxxkrT1u5UJ9I=|10|5ce6c0c829141106d500a6d07ff1ec33
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:54:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=327443173,3668268040&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
18405.url.tudown.com/uploads/images/765162.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18405.url.tudown.com/uploads/images/765162.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/765162.jpg HTTP/1.1
Host: 18405.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675480776,1675489429; __bid_n=1861a7ac1116a4ffe44207; FPTOKEN=RhMjXL9a2tIj0sFzUzpmH3WTcQPsoetcooUahZ1J10sD2cqE4bSeyw+Y98q5ZtnzRsY6p+NWmpDwFABE9nFYT8I57/vseKEZDnONkax/XC+gSeCe3JfU8Y8Uo/koxnpBeTWXuw5TFLjbhnkwFxl7vhpZhDhDQvesyFl+cmiQTK81+1rXbzTU2809yXJ7gvxGNObnP/BlEfb68GB5b/qjiEc/w/kz16LSMMU8JxJBdiMLgYVeMiCwc3oGc3yG1/vyPHWfuubS6W6Djx4ueryrPsG+GNCqAJPEfu4imMQbs9dj72yo7EAn+pxVyRD/vzwtKa8yDp1c6gThFvGMQC0QWtawDhkz6OQOgugepln0QA3yYzR/FDwt+vrnjrqs31CyF/k3QGIFMAZwDNVBZDO3jQ==|ABrTKgxwFyOkRRtikZqgLPW9q42pmztxxkrT1u5UJ9I=|10|5ce6c0c829141106d500a6d07ff1ec33
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:54:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=3656833976,4233226354&fm=253&app=120&f=JPEG?w=1422&h=800
18405.url.tudown.com/uploads/images/231528.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18405.url.tudown.com/uploads/images/231528.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/231528.jpg HTTP/1.1
Host: 18405.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675480776,1675489429; __bid_n=1861a7ac1116a4ffe44207; FPTOKEN=RhMjXL9a2tIj0sFzUzpmH3WTcQPsoetcooUahZ1J10sD2cqE4bSeyw+Y98q5ZtnzRsY6p+NWmpDwFABE9nFYT8I57/vseKEZDnONkax/XC+gSeCe3JfU8Y8Uo/koxnpBeTWXuw5TFLjbhnkwFxl7vhpZhDhDQvesyFl+cmiQTK81+1rXbzTU2809yXJ7gvxGNObnP/BlEfb68GB5b/qjiEc/w/kz16LSMMU8JxJBdiMLgYVeMiCwc3oGc3yG1/vyPHWfuubS6W6Djx4ueryrPsG+GNCqAJPEfu4imMQbs9dj72yo7EAn+pxVyRD/vzwtKa8yDp1c6gThFvGMQC0QWtawDhkz6OQOgugepln0QA3yYzR/FDwt+vrnjrqs31CyF/k3QGIFMAZwDNVBZDO3jQ==|ABrTKgxwFyOkRRtikZqgLPW9q42pmztxxkrT1u5UJ9I=|10|5ce6c0c829141106d500a6d07ff1ec33
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:54:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=3840466692,975686451&fm=224&app=112&f=JPEG?w=500&h=500
img2.baidu.com/it/u=1668704151,892490102&fm=253&app=120&f=JPEG?w=720&h=1280
36.103.236.35200 OK 79 kB URL HTTP/1.1 img2.baidu.com/it/u=1668704151,892490102&fm=253&app=120&f=JPEG?w=720&h=1280
IP 36.103.236.35:0
ASN #134761 CHINANET NINGXIA province ZHONGWEI IDC network
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 720x1280, components 3\012- data
Hash 4e12cc5c80792c84940370efec938a4b
1a2ee9df687d603d99b91992749be21b1ae11064
0bad840e1097b891fd050f15f27801c8d340bbc4ce4b21d94da21e3c0d803d2e
GET /it/u=1668704151,892490102&fm=253&app=120&f=JPEG?w=720&h=1280 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://18405.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:54:02 GMT
Content-Type: image/jpeg
Content-Length: 79205
Connection: keep-alive
Expires: Fri, 03 Mar 2023 19:59:50 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 4e12cc5c80792c84940370efec938a4b
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 01 Feb 2023 19:59:50 GMT
Ohc-Cache-HIT: zw2ct53 [2], bdix229 [4]
Ohc-File-Size: 79205
X-Cache-Status: MISS
18405.url.tudown.com/uploads/images/160263.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18405.url.tudown.com/uploads/images/160263.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/160263.jpg HTTP/1.1
Host: 18405.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675480776,1675489429; __bid_n=1861a7ac1116a4ffe44207; FPTOKEN=RhMjXL9a2tIj0sFzUzpmH3WTcQPsoetcooUahZ1J10sD2cqE4bSeyw+Y98q5ZtnzRsY6p+NWmpDwFABE9nFYT8I57/vseKEZDnONkax/XC+gSeCe3JfU8Y8Uo/koxnpBeTWXuw5TFLjbhnkwFxl7vhpZhDhDQvesyFl+cmiQTK81+1rXbzTU2809yXJ7gvxGNObnP/BlEfb68GB5b/qjiEc/w/kz16LSMMU8JxJBdiMLgYVeMiCwc3oGc3yG1/vyPHWfuubS6W6Djx4ueryrPsG+GNCqAJPEfu4imMQbs9dj72yo7EAn+pxVyRD/vzwtKa8yDp1c6gThFvGMQC0QWtawDhkz6OQOgugepln0QA3yYzR/FDwt+vrnjrqs31CyF/k3QGIFMAZwDNVBZDO3jQ==|ABrTKgxwFyOkRRtikZqgLPW9q42pmztxxkrT1u5UJ9I=|10|5ce6c0c829141106d500a6d07ff1ec33
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:54:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3377610248,53319843&fm=253&fmt=auto&app=120&f=JPEG?w=700&h=748
img1.baidu.com/it/u=1270682339,2539839619&fm=253&fmt=auto&app=138&f=JPEG?w=600&h=389
42.81.98.35200 OK 40 kB URL HTTP/2 img1.baidu.com/it/u=1270682339,2539839619&fm=253&fmt=auto&app=138&f=JPEG?w=600&h=389
IP 42.81.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 600x389, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 948254e6ad035413fe7b0996e0d7c86d
4e706803f42b08881dfdfabf27a3e29fe4f2acfd
bae6c6dc2a9a3e93ca38fe01c83526b2263566227dfec5cd7562db37de5407df
GET /it/u=1270682339,2539839619&fm=253&fmt=auto&app=138&f=JPEG?w=600&h=389 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://18405.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:54:02 GMT
content-type: image/webp
content-length: 39920
expires: Sat, 04 Mar 2023 03:31:40 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 948254e6ad035413fe7b0996e0d7c86d
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 02 Feb 2023 03:31:40 GMT
ohc-cache-hit: tj5ct67 [1], csix67 [2]
ohc-file-size: 39920
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=57841799,4260223041&fm=253&fmt=auto?w=500&h=805
42.81.98.35200 OK 27 kB URL HTTP/2 img1.baidu.com/it/u=57841799,4260223041&fm=253&fmt=auto?w=500&h=805
IP 42.81.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x805, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 05043cf05c62c1a674a11424dcfe842b
46fc3edf8d33bf06f3d8c4bd0bd9dbd96c343c45
ec6e0580e59609bc9821acf6dd00c361b101d41c850449e74e87f42b9de4feec
GET /it/u=57841799,4260223041&fm=253&fmt=auto?w=500&h=805 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://18405.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:54:02 GMT
content-type: image/webp
content-length: 26840
expires: Sat, 04 Feb 2023 08:11:42 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 05043cf05c62c1a674a11424dcfe842b
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 05 Jan 2023 08:11:42 GMT
ohc-cache-hit: tj5ct66 [1], wzix110 [4]
ohc-file-size: 26840
x-cache-status: MISS
X-Firefox-Spdy: h2
18405.url.tudown.com/uploads/images/67661.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18405.url.tudown.com/uploads/images/67661.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/67661.jpg HTTP/1.1
Host: 18405.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675480776,1675489429; __bid_n=1861a7ac1116a4ffe44207; FPTOKEN=RhMjXL9a2tIj0sFzUzpmH3WTcQPsoetcooUahZ1J10sD2cqE4bSeyw+Y98q5ZtnzRsY6p+NWmpDwFABE9nFYT8I57/vseKEZDnONkax/XC+gSeCe3JfU8Y8Uo/koxnpBeTWXuw5TFLjbhnkwFxl7vhpZhDhDQvesyFl+cmiQTK81+1rXbzTU2809yXJ7gvxGNObnP/BlEfb68GB5b/qjiEc/w/kz16LSMMU8JxJBdiMLgYVeMiCwc3oGc3yG1/vyPHWfuubS6W6Djx4ueryrPsG+GNCqAJPEfu4imMQbs9dj72yo7EAn+pxVyRD/vzwtKa8yDp1c6gThFvGMQC0QWtawDhkz6OQOgugepln0QA3yYzR/FDwt+vrnjrqs31CyF/k3QGIFMAZwDNVBZDO3jQ==|ABrTKgxwFyOkRRtikZqgLPW9q42pmztxxkrT1u5UJ9I=|10|5ce6c0c829141106d500a6d07ff1ec33
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:54:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=2450867732,2904936427&fm=224&app=112&f=JPEG?w=500&h=500
18405.url.tudown.com/uploads/images/371847.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18405.url.tudown.com/uploads/images/371847.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/371847.jpg HTTP/1.1
Host: 18405.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675480776,1675489429; __bid_n=1861a7ac1116a4ffe44207; FPTOKEN=RhMjXL9a2tIj0sFzUzpmH3WTcQPsoetcooUahZ1J10sD2cqE4bSeyw+Y98q5ZtnzRsY6p+NWmpDwFABE9nFYT8I57/vseKEZDnONkax/XC+gSeCe3JfU8Y8Uo/koxnpBeTWXuw5TFLjbhnkwFxl7vhpZhDhDQvesyFl+cmiQTK81+1rXbzTU2809yXJ7gvxGNObnP/BlEfb68GB5b/qjiEc/w/kz16LSMMU8JxJBdiMLgYVeMiCwc3oGc3yG1/vyPHWfuubS6W6Djx4ueryrPsG+GNCqAJPEfu4imMQbs9dj72yo7EAn+pxVyRD/vzwtKa8yDp1c6gThFvGMQC0QWtawDhkz6OQOgugepln0QA3yYzR/FDwt+vrnjrqs31CyF/k3QGIFMAZwDNVBZDO3jQ==|ABrTKgxwFyOkRRtikZqgLPW9q42pmztxxkrT1u5UJ9I=|10|5ce6c0c829141106d500a6d07ff1ec33
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:54:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=903308574,1810465017&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
18405.url.tudown.com/uploads/images/820488.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18405.url.tudown.com/uploads/images/820488.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/820488.jpg HTTP/1.1
Host: 18405.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675480776,1675489429; __bid_n=1861a7ac1116a4ffe44207; FPTOKEN=RhMjXL9a2tIj0sFzUzpmH3WTcQPsoetcooUahZ1J10sD2cqE4bSeyw+Y98q5ZtnzRsY6p+NWmpDwFABE9nFYT8I57/vseKEZDnONkax/XC+gSeCe3JfU8Y8Uo/koxnpBeTWXuw5TFLjbhnkwFxl7vhpZhDhDQvesyFl+cmiQTK81+1rXbzTU2809yXJ7gvxGNObnP/BlEfb68GB5b/qjiEc/w/kz16LSMMU8JxJBdiMLgYVeMiCwc3oGc3yG1/vyPHWfuubS6W6Djx4ueryrPsG+GNCqAJPEfu4imMQbs9dj72yo7EAn+pxVyRD/vzwtKa8yDp1c6gThFvGMQC0QWtawDhkz6OQOgugepln0QA3yYzR/FDwt+vrnjrqs31CyF/k3QGIFMAZwDNVBZDO3jQ==|ABrTKgxwFyOkRRtikZqgLPW9q42pmztxxkrT1u5UJ9I=|10|5ce6c0c829141106d500a6d07ff1ec33
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:54:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=2987617574,1591591596&fm=253&app=120&f=JPEG?w=1280&h=800
t14.baidu.com/it/u=3840466692,975686451&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 62 kB URL HTTP/1.1 t14.baidu.com/it/u=3840466692,975686451&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash b78fc919df9310a57601d3b2c885ef45
a527180102cbf3ed229156974f0e61f57887163b
a50dc06e42cf800d7e9beaacdb27b9202ea9098dc929285c8530a9ea53867e88
GET /it/u=3840466692,975686451&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://18405.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:54:02 GMT
Content-Type: image/jpeg
Content-Length: 62356
Connection: keep-alive
Expires: Fri, 03 Mar 2023 02:21:14 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: b78fc919df9310a57601d3b2c885ef45
Age: 186467
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 01 Feb 2023 02:21:14 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [2], zhuzuncache63 [1], csix96 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 62356
X-Cache-Status: HIT
Timing-Allow-Origin: *
img2.baidu.com/it/u=4009211644,582231007&fm=253&fmt=auto&app=138&f=JPEG?w=600&h=450
36.103.236.35200 OK 58 kB URL HTTP/2 img2.baidu.com/it/u=4009211644,582231007&fm=253&fmt=auto&app=138&f=JPEG?w=600&h=450
IP 36.103.236.35:0
ASN #134761 CHINANET NINGXIA province ZHONGWEI IDC network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 600x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b4fc85d041c80dac31cdf80f8ff6a720
df77801705032f5a60c1a43020412ae7d3ef77b8
d91fad66f8b90257216091d79361ea2d4f51908a0b434ae69ab8e206ca6a3a59
GET /it/u=4009211644,582231007&fm=253&fmt=auto&app=138&f=JPEG?w=600&h=450 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://18405.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:54:02 GMT
content-type: image/webp
content-length: 58268
expires: Sun, 19 Feb 2023 05:12:33 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: b4fc85d041c80dac31cdf80f8ff6a720
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 20 Jan 2023 05:12:33 GMT
ohc-cache-hit: zw2ct55 [1], qdix106 [4]
ohc-file-size: 58268
x-cache-status: MISS
X-Firefox-Spdy: h2
t14.baidu.com/it/u=2450867732,2904936427&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 57 kB URL HTTP/1.1 t14.baidu.com/it/u=2450867732,2904936427&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash d7872d6928c818165a1b26061adecc1a
10e696c5cbe8ee0fef1c7462cbf4dda3d69e298a
2a5fc5895a0eac9f632adb9cb9f5cc9b6f82fc25b0ea1d55e89df3f58bae8250
GET /it/u=2450867732,2904936427&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://18405.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:54:02 GMT
Content-Type: image/jpeg
Content-Length: 57027
Connection: keep-alive
Expires: Mon, 06 Feb 2023 12:20:47 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: d7872d6928c818165a1b26061adecc1a
Age: 2021862
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 07 Jan 2023 12:20:47 GMT
Ohc-Cache-HIT: fra01-sys-jomo4.fra01.baidu.com [4], zhuzuncache54 [4], czix128 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 57027
X-Cache-Status: HIT
Timing-Allow-Origin: *
18405.url.tudown.com/uploads/images/382987.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18405.url.tudown.com/uploads/images/382987.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/382987.jpg HTTP/1.1
Host: 18405.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675480776,1675489429; __bid_n=1861a7ac1116a4ffe44207; FPTOKEN=RhMjXL9a2tIj0sFzUzpmH3WTcQPsoetcooUahZ1J10sD2cqE4bSeyw+Y98q5ZtnzRsY6p+NWmpDwFABE9nFYT8I57/vseKEZDnONkax/XC+gSeCe3JfU8Y8Uo/koxnpBeTWXuw5TFLjbhnkwFxl7vhpZhDhDQvesyFl+cmiQTK81+1rXbzTU2809yXJ7gvxGNObnP/BlEfb68GB5b/qjiEc/w/kz16LSMMU8JxJBdiMLgYVeMiCwc3oGc3yG1/vyPHWfuubS6W6Djx4ueryrPsG+GNCqAJPEfu4imMQbs9dj72yo7EAn+pxVyRD/vzwtKa8yDp1c6gThFvGMQC0QWtawDhkz6OQOgugepln0QA3yYzR/FDwt+vrnjrqs31CyF/k3QGIFMAZwDNVBZDO3jQ==|ABrTKgxwFyOkRRtikZqgLPW9q42pmztxxkrT1u5UJ9I=|10|5ce6c0c829141106d500a6d07ff1ec33
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:54:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2968735583,2880346486&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
18405.url.tudown.com/uploads/images/542899.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18405.url.tudown.com/uploads/images/542899.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/542899.jpg HTTP/1.1
Host: 18405.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675480776,1675489429; __bid_n=1861a7ac1116a4ffe44207; FPTOKEN=RhMjXL9a2tIj0sFzUzpmH3WTcQPsoetcooUahZ1J10sD2cqE4bSeyw+Y98q5ZtnzRsY6p+NWmpDwFABE9nFYT8I57/vseKEZDnONkax/XC+gSeCe3JfU8Y8Uo/koxnpBeTWXuw5TFLjbhnkwFxl7vhpZhDhDQvesyFl+cmiQTK81+1rXbzTU2809yXJ7gvxGNObnP/BlEfb68GB5b/qjiEc/w/kz16LSMMU8JxJBdiMLgYVeMiCwc3oGc3yG1/vyPHWfuubS6W6Djx4ueryrPsG+GNCqAJPEfu4imMQbs9dj72yo7EAn+pxVyRD/vzwtKa8yDp1c6gThFvGMQC0QWtawDhkz6OQOgugepln0QA3yYzR/FDwt+vrnjrqs31CyF/k3QGIFMAZwDNVBZDO3jQ==|ABrTKgxwFyOkRRtikZqgLPW9q42pmztxxkrT1u5UJ9I=|10|5ce6c0c829141106d500a6d07ff1ec33
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:54:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3204667243,2709648927&fm=253&fmt=auto&app=138&f=JPEG?w=386&h=500
img0.baidu.com/it/u=3185590620,2822808298&fm=253&fmt=auto&app=138&f=JPEG?w=480&h=500
42.81.98.35200 OK 27 kB URL HTTP/2 img0.baidu.com/it/u=3185590620,2822808298&fm=253&fmt=auto&app=138&f=JPEG?w=480&h=500
IP 42.81.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 480x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a2af1a9879673bb04b71dda6ad809a9c
0f9c04cd347b2e33cc70fa24e0797ee00d0c0c8c
62a69a0a367e7c6c33e6a5920ddc5b7c0a128a8502293ae7f1bd20cffc7884be
GET /it/u=3185590620,2822808298&fm=253&fmt=auto&app=138&f=JPEG?w=480&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://18405.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:54:02 GMT
content-type: image/webp
content-length: 26590
expires: Fri, 24 Feb 2023 23:24:24 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: a2af1a9879673bb04b71dda6ad809a9c
age: 109749
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 25 Jan 2023 23:24:24 GMT
ohc-cache-hit: tj5ct63 [4], xiangyix101 [2]
ohc-file-size: 26590
x-cache-status: HIT
X-Firefox-Spdy: h2
img1.baidu.com/it/u=3377610248,53319843&fm=253&fmt=auto&app=120&f=JPEG?w=700&h=748
42.81.98.35200 OK 71 kB URL HTTP/2 img1.baidu.com/it/u=3377610248,53319843&fm=253&fmt=auto&app=120&f=JPEG?w=700&h=748
IP 42.81.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 700x748, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f80b389018c4581f10cb284e4839c1bd
887a560d5beed256cec7a2c471c7acf6de6c0f37
f92362b413c8e78bfc04bbe5d97f3d31c2758fc16910f326ae7ca7e9666ef5c5
GET /it/u=3377610248,53319843&fm=253&fmt=auto&app=120&f=JPEG?w=700&h=748 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://18405.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:54:02 GMT
content-type: image/webp
content-length: 70974
expires: Tue, 21 Feb 2023 02:31:10 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: f80b389018c4581f10cb284e4839c1bd
age: 876839
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 02:31:10 GMT
ohc-cache-hit: tj5ct66 [4], czix194 [2]
ohc-file-size: 70974
x-cache-status: HIT
X-Firefox-Spdy: h2
img0.baidu.com/it/u=3165265658,3938012511&fm=253&fmt=auto?w=1000&h=800
42.81.98.35200 OK 36 kB URL HTTP/2 img0.baidu.com/it/u=3165265658,3938012511&fm=253&fmt=auto?w=1000&h=800
IP 42.81.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1000x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b52666591cee034f863ba7ed59b43542
755f282ac4db7dea79377d865a118331178bd12d
27367659852c088df0f3cf264f576f0ff384928467ac12ac1d0aa5d40a32b678
GET /it/u=3165265658,3938012511&fm=253&fmt=auto?w=1000&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://18405.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:54:02 GMT
content-type: image/webp
content-length: 36426
expires: Fri, 24 Feb 2023 08:24:55 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: b52666591cee034f863ba7ed59b43542
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 25 Jan 2023 08:24:55 GMT
ohc-cache-hit: tj5ct56 [1], wzix56 [2]
ohc-file-size: 36426
x-cache-status: MISS
X-Firefox-Spdy: h2
18405.url.tudown.com/uploads/images/146937.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18405.url.tudown.com/uploads/images/146937.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/146937.jpg HTTP/1.1
Host: 18405.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675480776,1675489429; __bid_n=1861a7ac1116a4ffe44207; FPTOKEN=RhMjXL9a2tIj0sFzUzpmH3WTcQPsoetcooUahZ1J10sD2cqE4bSeyw+Y98q5ZtnzRsY6p+NWmpDwFABE9nFYT8I57/vseKEZDnONkax/XC+gSeCe3JfU8Y8Uo/koxnpBeTWXuw5TFLjbhnkwFxl7vhpZhDhDQvesyFl+cmiQTK81+1rXbzTU2809yXJ7gvxGNObnP/BlEfb68GB5b/qjiEc/w/kz16LSMMU8JxJBdiMLgYVeMiCwc3oGc3yG1/vyPHWfuubS6W6Djx4ueryrPsG+GNCqAJPEfu4imMQbs9dj72yo7EAn+pxVyRD/vzwtKa8yDp1c6gThFvGMQC0QWtawDhkz6OQOgugepln0QA3yYzR/FDwt+vrnjrqs31CyF/k3QGIFMAZwDNVBZDO3jQ==|ABrTKgxwFyOkRRtikZqgLPW9q42pmztxxkrT1u5UJ9I=|10|5ce6c0c829141106d500a6d07ff1ec33
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:54:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3693137685,3981295420&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=888
img2.baidu.com/it/u=1762450376,606503624&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
36.103.236.35200 OK 43 kB URL HTTP/2 img2.baidu.com/it/u=1762450376,606503624&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
IP 36.103.236.35:0
ASN #134761 CHINANET NINGXIA province ZHONGWEI IDC network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 889x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 681d8a931498d92b619da9c3476db476
a93462217ab817574582ba186c33424927e682ce
eb801f30d5fc66d206c8fc810a946de3d1ad22bdb16491b4de66de0f632204e6
GET /it/u=1762450376,606503624&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://18405.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:54:02 GMT
content-type: image/webp
content-length: 43000
expires: Mon, 20 Feb 2023 08:55:54 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 681d8a931498d92b619da9c3476db476
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 08:55:54 GMT
ohc-cache-hit: zw2ct60 [1], qdix171 [4]
ohc-file-size: 43000
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=3652056375,1772523793&fm=253&fmt=auto&app=138&f=JPEG?w=320&h=424
36.103.236.35200 OK 23 kB URL HTTP/2 img2.baidu.com/it/u=3652056375,1772523793&fm=253&fmt=auto&app=138&f=JPEG?w=320&h=424
IP 36.103.236.35:0
ASN #134761 CHINANET NINGXIA province ZHONGWEI IDC network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x424, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3b4666c08f3040e2ffbd2302c109de5d
b3f44638ca76fb6e5508f4e33d83452bb50bad32
ce305a82d1b1640c0fe450f1437b88ef00cd44a01692f5e881d77b4a757eb5e6
GET /it/u=3652056375,1772523793&fm=253&fmt=auto&app=138&f=JPEG?w=320&h=424 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://18405.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:54:02 GMT
content-type: image/webp
content-length: 22866
expires: Tue, 07 Feb 2023 21:52:07 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 3b4666c08f3040e2ffbd2302c109de5d
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 08 Jan 2023 21:52:07 GMT
ohc-cache-hit: zw2ct57 [1], wzix117 [4]
ohc-file-size: 22866
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=4036493351,1839042457&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
36.103.236.35200 OK 29 kB URL HTTP/2 img2.baidu.com/it/u=4036493351,1839042457&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
IP 36.103.236.35:0
ASN #134761 CHINANET NINGXIA province ZHONGWEI IDC network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cdfa58f51ad113a3eee8b8d50668cff2
1d9de4851636e61983f2e03dbca2e2e1a86dbb8a
f3d8fa2a7d87d955621fc7da3738bd687c8bccd48f366099bbb3de992467d2d5
GET /it/u=4036493351,1839042457&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://18405.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:54:02 GMT
content-type: image/webp
content-length: 28678
expires: Thu, 02 Mar 2023 08:30:45 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: cdfa58f51ad113a3eee8b8d50668cff2
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 31 Jan 2023 08:30:45 GMT
ohc-cache-hit: zw2ct56 [1], wzix72 [2]
ohc-file-size: 28678
x-cache-status: MISS
X-Firefox-Spdy: h2
18405.url.tudown.com/uploads/images/809292.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18405.url.tudown.com/uploads/images/809292.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/809292.jpg HTTP/1.1
Host: 18405.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675480776,1675489429; __bid_n=1861a7ac1116a4ffe44207; FPTOKEN=RhMjXL9a2tIj0sFzUzpmH3WTcQPsoetcooUahZ1J10sD2cqE4bSeyw+Y98q5ZtnzRsY6p+NWmpDwFABE9nFYT8I57/vseKEZDnONkax/XC+gSeCe3JfU8Y8Uo/koxnpBeTWXuw5TFLjbhnkwFxl7vhpZhDhDQvesyFl+cmiQTK81+1rXbzTU2809yXJ7gvxGNObnP/BlEfb68GB5b/qjiEc/w/kz16LSMMU8JxJBdiMLgYVeMiCwc3oGc3yG1/vyPHWfuubS6W6Djx4ueryrPsG+GNCqAJPEfu4imMQbs9dj72yo7EAn+pxVyRD/vzwtKa8yDp1c6gThFvGMQC0QWtawDhkz6OQOgugepln0QA3yYzR/FDwt+vrnjrqs31CyF/k3QGIFMAZwDNVBZDO3jQ==|ABrTKgxwFyOkRRtikZqgLPW9q42pmztxxkrT1u5UJ9I=|10|5ce6c0c829141106d500a6d07ff1ec33
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:54:03 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=2569565472,1814890522&fm=224&app=112&f=JPEG?w=375&h=500
18405.url.tudown.com/uploads/images/745120.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18405.url.tudown.com/uploads/images/745120.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/745120.jpg HTTP/1.1
Host: 18405.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675480776,1675489429; __bid_n=1861a7ac1116a4ffe44207; FPTOKEN=RhMjXL9a2tIj0sFzUzpmH3WTcQPsoetcooUahZ1J10sD2cqE4bSeyw+Y98q5ZtnzRsY6p+NWmpDwFABE9nFYT8I57/vseKEZDnONkax/XC+gSeCe3JfU8Y8Uo/koxnpBeTWXuw5TFLjbhnkwFxl7vhpZhDhDQvesyFl+cmiQTK81+1rXbzTU2809yXJ7gvxGNObnP/BlEfb68GB5b/qjiEc/w/kz16LSMMU8JxJBdiMLgYVeMiCwc3oGc3yG1/vyPHWfuubS6W6Djx4ueryrPsG+GNCqAJPEfu4imMQbs9dj72yo7EAn+pxVyRD/vzwtKa8yDp1c6gThFvGMQC0QWtawDhkz6OQOgugepln0QA3yYzR/FDwt+vrnjrqs31CyF/k3QGIFMAZwDNVBZDO3jQ==|ABrTKgxwFyOkRRtikZqgLPW9q42pmztxxkrT1u5UJ9I=|10|5ce6c0c829141106d500a6d07ff1ec33
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:54:03 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1275459887,53886868&fm=253&fmt=auto?w=120&h=80
18405.url.tudown.com/uploads/images/598587.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18405.url.tudown.com/uploads/images/598587.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/598587.jpg HTTP/1.1
Host: 18405.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675480776,1675489429; __bid_n=1861a7ac1116a4ffe44207; FPTOKEN=RhMjXL9a2tIj0sFzUzpmH3WTcQPsoetcooUahZ1J10sD2cqE4bSeyw+Y98q5ZtnzRsY6p+NWmpDwFABE9nFYT8I57/vseKEZDnONkax/XC+gSeCe3JfU8Y8Uo/koxnpBeTWXuw5TFLjbhnkwFxl7vhpZhDhDQvesyFl+cmiQTK81+1rXbzTU2809yXJ7gvxGNObnP/BlEfb68GB5b/qjiEc/w/kz16LSMMU8JxJBdiMLgYVeMiCwc3oGc3yG1/vyPHWfuubS6W6Djx4ueryrPsG+GNCqAJPEfu4imMQbs9dj72yo7EAn+pxVyRD/vzwtKa8yDp1c6gThFvGMQC0QWtawDhkz6OQOgugepln0QA3yYzR/FDwt+vrnjrqs31CyF/k3QGIFMAZwDNVBZDO3jQ==|ABrTKgxwFyOkRRtikZqgLPW9q42pmztxxkrT1u5UJ9I=|10|5ce6c0c829141106d500a6d07ff1ec33
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:54:03 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=3766377767,544811525&fm=224&app=112&f=JPEG?w=350&h=350
img2.baidu.com/it/u=327443173,3668268040&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
36.103.236.35200 OK 59 kB URL HTTP/2 img2.baidu.com/it/u=327443173,3668268040&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
IP 36.103.236.35:0
ASN #134761 CHINANET NINGXIA province ZHONGWEI IDC network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 22d5989ca04f579e2417f1d799baa07e
058d6936cf3ca378c264e818b2d87622c5d83c04
8789ed6d418473e3b0a81d8d0e9a6e55d6c499a8cba5d39b27457df553e08986
GET /it/u=327443173,3668268040&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://18405.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:54:02 GMT
content-type: image/webp
content-length: 59072
expires: Mon, 20 Feb 2023 06:55:17 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 22d5989ca04f579e2417f1d799baa07e
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 06:55:17 GMT
ohc-cache-hit: zw2ct51 [1], bdix229 [2]
ohc-file-size: 59072
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=2968735583,2880346486&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
42.81.98.35200 OK 49 kB URL HTTP/2 img1.baidu.com/it/u=2968735583,2880346486&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
IP 42.81.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1a003d290772739ebf0badd5ec8b07f2
2bbe1bed08f7ca7cebabc856dc09c879735a578b
c6f053f26924568c3e717b2a060e52adac4633811b66e1fbe849c8a60ac6463f
GET /it/u=2968735583,2880346486&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://18405.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:54:03 GMT
content-type: image/webp
content-length: 49354
expires: Fri, 03 Mar 2023 12:35:34 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 1a003d290772739ebf0badd5ec8b07f2
age: 104749
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 01 Feb 2023 12:35:34 GMT
ohc-cache-hit: tj5ct56 [4], csix56 [2]
ohc-file-size: 49354
x-cache-status: HIT
X-Firefox-Spdy: h2
18405.url.tudown.com/uploads/images/522272.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18405.url.tudown.com/uploads/images/522272.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/522272.jpg HTTP/1.1
Host: 18405.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675480776,1675489429; __bid_n=1861a7ac1116a4ffe44207; FPTOKEN=RhMjXL9a2tIj0sFzUzpmH3WTcQPsoetcooUahZ1J10sD2cqE4bSeyw+Y98q5ZtnzRsY6p+NWmpDwFABE9nFYT8I57/vseKEZDnONkax/XC+gSeCe3JfU8Y8Uo/koxnpBeTWXuw5TFLjbhnkwFxl7vhpZhDhDQvesyFl+cmiQTK81+1rXbzTU2809yXJ7gvxGNObnP/BlEfb68GB5b/qjiEc/w/kz16LSMMU8JxJBdiMLgYVeMiCwc3oGc3yG1/vyPHWfuubS6W6Djx4ueryrPsG+GNCqAJPEfu4imMQbs9dj72yo7EAn+pxVyRD/vzwtKa8yDp1c6gThFvGMQC0QWtawDhkz6OQOgugepln0QA3yYzR/FDwt+vrnjrqs31CyF/k3QGIFMAZwDNVBZDO3jQ==|ABrTKgxwFyOkRRtikZqgLPW9q42pmztxxkrT1u5UJ9I=|10|5ce6c0c829141106d500a6d07ff1ec33
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:54:03 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=141005729,4262677742&fm=253&fmt=auto&app=138&f=JPEG?w=579&h=500
t13.baidu.com/it/u=3766377767,544811525&fm=224&app=112&f=JPEG?w=350&h=350
185.10.104.124200 OK 15 kB URL HTTP/1.1 t13.baidu.com/it/u=3766377767,544811525&fm=224&app=112&f=JPEG?w=350&h=350
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 350x350, components 3\012- data
Hash f5199bd687a5d1fd026e578f1e5356c1
3af0df931d06e177c3634ecfcdfa6b653babfbc7
06101bd06b5b2fb73696d1ecdb8f45db22c6c011018969a20184a2ff042c73d0
GET /it/u=3766377767,544811525&fm=224&app=112&f=JPEG?w=350&h=350 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://18405.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:54:03 GMT
Content-Type: image/jpeg
Content-Length: 14733
Connection: keep-alive
Expires: Thu, 09 Feb 2023 03:19:22 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: f5199bd687a5d1fd026e578f1e5356c1
Age: 705860
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 10 Jan 2023 03:19:22 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [2], zhuzuncache51 [1], suzix216 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 14733
X-Cache-Status: HIT
Timing-Allow-Origin: *
18405.url.tudown.com/uploads/images/219555.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18405.url.tudown.com/uploads/images/219555.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/219555.jpg HTTP/1.1
Host: 18405.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675480776,1675489429; __bid_n=1861a7ac1116a4ffe44207; FPTOKEN=RhMjXL9a2tIj0sFzUzpmH3WTcQPsoetcooUahZ1J10sD2cqE4bSeyw+Y98q5ZtnzRsY6p+NWmpDwFABE9nFYT8I57/vseKEZDnONkax/XC+gSeCe3JfU8Y8Uo/koxnpBeTWXuw5TFLjbhnkwFxl7vhpZhDhDQvesyFl+cmiQTK81+1rXbzTU2809yXJ7gvxGNObnP/BlEfb68GB5b/qjiEc/w/kz16LSMMU8JxJBdiMLgYVeMiCwc3oGc3yG1/vyPHWfuubS6W6Djx4ueryrPsG+GNCqAJPEfu4imMQbs9dj72yo7EAn+pxVyRD/vzwtKa8yDp1c6gThFvGMQC0QWtawDhkz6OQOgugepln0QA3yYzR/FDwt+vrnjrqs31CyF/k3QGIFMAZwDNVBZDO3jQ==|ABrTKgxwFyOkRRtikZqgLPW9q42pmztxxkrT1u5UJ9I=|10|5ce6c0c829141106d500a6d07ff1ec33
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:54:03 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2917169226,3214617518&fm=253&fmt=auto&app=138&f=JPEG?w=401&h=500
18405.url.tudown.com/uploads/images/704099.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18405.url.tudown.com/uploads/images/704099.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/704099.jpg HTTP/1.1
Host: 18405.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675480776,1675489429; __bid_n=1861a7ac1116a4ffe44207; FPTOKEN=RhMjXL9a2tIj0sFzUzpmH3WTcQPsoetcooUahZ1J10sD2cqE4bSeyw+Y98q5ZtnzRsY6p+NWmpDwFABE9nFYT8I57/vseKEZDnONkax/XC+gSeCe3JfU8Y8Uo/koxnpBeTWXuw5TFLjbhnkwFxl7vhpZhDhDQvesyFl+cmiQTK81+1rXbzTU2809yXJ7gvxGNObnP/BlEfb68GB5b/qjiEc/w/kz16LSMMU8JxJBdiMLgYVeMiCwc3oGc3yG1/vyPHWfuubS6W6Djx4ueryrPsG+GNCqAJPEfu4imMQbs9dj72yo7EAn+pxVyRD/vzwtKa8yDp1c6gThFvGMQC0QWtawDhkz6OQOgugepln0QA3yYzR/FDwt+vrnjrqs31CyF/k3QGIFMAZwDNVBZDO3jQ==|ABrTKgxwFyOkRRtikZqgLPW9q42pmztxxkrT1u5UJ9I=|10|5ce6c0c829141106d500a6d07ff1ec33
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:54:03 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3370086540,2463674630&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
img2.baidu.com/it/u=1251620736,566630190&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
36.103.236.35200 OK 89 kB URL HTTP/2 img2.baidu.com/it/u=1251620736,566630190&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
IP 36.103.236.35:0
ASN #134761 CHINANET NINGXIA province ZHONGWEI IDC network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f7b3be81467a44857b985561c78346f2
1c1b6f684fa800033eaa40f3fea0064dc155c480
1087208f46308af099025e7bee548e847c2e6bdd991d8a692fdd27721123e225
GET /it/u=1251620736,566630190&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://18405.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:54:02 GMT
content-type: image/webp
content-length: 88766
expires: Fri, 17 Feb 2023 07:23:52 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: f7b3be81467a44857b985561c78346f2
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 18 Jan 2023 07:23:52 GMT
ohc-cache-hit: zw2ct59 [1], suzix235 [2]
ohc-file-size: 88766
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=903308574,1810465017&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
36.103.236.35200 OK 24 kB URL HTTP/2 img2.baidu.com/it/u=903308574,1810465017&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
IP 36.103.236.35:0
ASN #134761 CHINANET NINGXIA province ZHONGWEI IDC network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6964bb772bd334983cd1cfae9a141163
a28b81fcc9d1c71f03e9a50454ee52ac366c1336
60ecdf3ed04bc2cd216b47acfee71a817d31a49110541662f91bda38a9028af8
GET /it/u=903308574,1810465017&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://18405.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:54:03 GMT
content-type: image/webp
content-length: 23658
expires: Sun, 05 Feb 2023 21:46:58 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 6964bb772bd334983cd1cfae9a141163
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 06 Jan 2023 21:46:58 GMT
ohc-cache-hit: zw2ct61 [1], suzix73 [4]
ohc-file-size: 23658
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=3656833976,4233226354&fm=253&app=120&f=JPEG?w=1422&h=800
42.81.98.35200 OK 184 kB URL HTTP/1.1 img1.baidu.com/it/u=3656833976,4233226354&fm=253&app=120&f=JPEG?w=1422&h=800
IP 42.81.98.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2018:03:28 10:05:50], baseline, precision 8, 1422x800, components 3\012- data
Size 184 kB (183750 bytes)
Hash b7af0635768dcb45eb974e2eae7ab1a2
f98925932c0a85b78085eae297030618509cff17
0d52e764fe3f0800e4e042fc9a3588a7cc437dd290684fcec4fcd071e051f947
GET /it/u=3656833976,4233226354&fm=253&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://18405.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:54:02 GMT
Content-Type: image/jpeg
Content-Length: 183750
Connection: keep-alive
Expires: Sun, 05 Feb 2023 09:20:25 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: b7af0635768dcb45eb974e2eae7ab1a2
Age: 65449
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 06 Jan 2023 09:20:25 GMT
Ohc-Cache-HIT: tj5ct51 [4], xiangyix130 [4]
Ohc-File-Size: 183750
X-Cache-Status: HIT
t15.baidu.com/it/u=2569565472,1814890522&fm=224&app=112&f=JPEG?w=375&h=500
185.10.104.124200 OK 46 kB URL HTTP/1.1 t15.baidu.com/it/u=2569565472,1814890522&fm=224&app=112&f=JPEG?w=375&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 375x500, components 3\012- data
Hash bd5504b4a1167ed426dac489889a6bfb
f601c76c1540da855c4fb8fc9515454db3f8d9b2
9062e615bfa1c852e0b2c061a5e52303dee4d91809cf34c2ab12a9f72b19553c
GET /it/u=2569565472,1814890522&fm=224&app=112&f=JPEG?w=375&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://18405.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:54:03 GMT
Content-Type: image/jpeg
Content-Length: 45977
Connection: keep-alive
Expires: Wed, 01 Mar 2023 08:03:08 GMT
Last-Modified: Sun, 11 Jan 1970 00:00:00 GMT
ETag: bd5504b4a1167ed426dac489889a6bfb
Age: 346775
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 30 Jan 2023 08:03:08 GMT
Ohc-Cache-HIT: fra01-sys-jomo2.fra01.baidu.com [2], zhuzuncache60 [1], wzix60 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 45977
X-Cache-Status: HIT
Timing-Allow-Origin: *
img2.baidu.com/it/u=3204667243,2709648927&fm=253&fmt=auto&app=138&f=JPEG?w=386&h=500
36.103.236.35200 OK 48 kB URL HTTP/2 img2.baidu.com/it/u=3204667243,2709648927&fm=253&fmt=auto&app=138&f=JPEG?w=386&h=500
IP 36.103.236.35:0
ASN #134761 CHINANET NINGXIA province ZHONGWEI IDC network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 386x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b8b4b2df138cf65b40022f5cdd3c9d39
075f04817d28f165793724b833964f0848c75cb4
4db9a1d3fd455f66568865fe85d17189c58bf1778d6aa436f8b389634805c42b
GET /it/u=3204667243,2709648927&fm=253&fmt=auto&app=138&f=JPEG?w=386&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://18405.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:54:03 GMT
content-type: image/webp
content-length: 47616
expires: Tue, 07 Feb 2023 14:30:44 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: b8b4b2df138cf65b40022f5cdd3c9d39
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 08 Jan 2023 14:30:44 GMT
ohc-cache-hit: zw2ct61 [1], suzix116 [4]
ohc-file-size: 47616
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=141005729,4262677742&fm=253&fmt=auto&app=138&f=JPEG?w=579&h=500
42.81.98.35200 OK 11 kB URL HTTP/2 img1.baidu.com/it/u=141005729,4262677742&fm=253&fmt=auto&app=138&f=JPEG?w=579&h=500
IP 42.81.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 579x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d2419d2f13ab2ddbea7d8e4da413c766
8e627314d4804d1761faaa44719864c4a4858a46
807ea0fa08589f5a2a587564724f7e89ac5bd3ca2e040c1b3eb2c0e18451244c
GET /it/u=141005729,4262677742&fm=253&fmt=auto&app=138&f=JPEG?w=579&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://18405.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:54:03 GMT
content-type: image/webp
content-length: 11042
expires: Thu, 02 Mar 2023 03:05:33 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: d2419d2f13ab2ddbea7d8e4da413c766
age: 101227
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 31 Jan 2023 03:05:33 GMT
ohc-cache-hit: tj5ct65 [4], xiangyix239 [2]
ohc-file-size: 11042
x-cache-status: HIT
X-Firefox-Spdy: h2
18405.url.tudown.com/uploads/images/319486.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18405.url.tudown.com/uploads/images/319486.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/319486.jpg HTTP/1.1
Host: 18405.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675480776,1675489429; __bid_n=1861a7ac1116a4ffe44207; FPTOKEN=RhMjXL9a2tIj0sFzUzpmH3WTcQPsoetcooUahZ1J10sD2cqE4bSeyw+Y98q5ZtnzRsY6p+NWmpDwFABE9nFYT8I57/vseKEZDnONkax/XC+gSeCe3JfU8Y8Uo/koxnpBeTWXuw5TFLjbhnkwFxl7vhpZhDhDQvesyFl+cmiQTK81+1rXbzTU2809yXJ7gvxGNObnP/BlEfb68GB5b/qjiEc/w/kz16LSMMU8JxJBdiMLgYVeMiCwc3oGc3yG1/vyPHWfuubS6W6Djx4ueryrPsG+GNCqAJPEfu4imMQbs9dj72yo7EAn+pxVyRD/vzwtKa8yDp1c6gThFvGMQC0QWtawDhkz6OQOgugepln0QA3yYzR/FDwt+vrnjrqs31CyF/k3QGIFMAZwDNVBZDO3jQ==|ABrTKgxwFyOkRRtikZqgLPW9q42pmztxxkrT1u5UJ9I=|10|5ce6c0c829141106d500a6d07ff1ec33
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:54:03 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1954806058,1966559403&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
img2.baidu.com/it/u=3693137685,3981295420&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=888
36.103.236.35200 OK 58 kB URL HTTP/2 img2.baidu.com/it/u=3693137685,3981295420&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=888
IP 36.103.236.35:0
ASN #134761 CHINANET NINGXIA province ZHONGWEI IDC network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x888, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b6e9bf8318519aa5a99fd46d93d930b2
074f686083f46e0d2cc48558dbcc28188b9b94f4
1c1364a334360a4e3fff4d1a3ebba0a63ed20e4aa029c1af60233c274150e943
GET /it/u=3693137685,3981295420&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=888 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://18405.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:54:03 GMT
content-type: image/webp
content-length: 57944
expires: Sat, 11 Feb 2023 09:08:25 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: b6e9bf8318519aa5a99fd46d93d930b2
age: 194708
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 12 Jan 2023 09:08:25 GMT
ohc-cache-hit: zw2ct54 [4], qdix159 [4]
ohc-file-size: 57944
x-cache-status: HIT
X-Firefox-Spdy: h2
18405.url.tudown.com/uploads/images/758775.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18405.url.tudown.com/uploads/images/758775.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/758775.jpg HTTP/1.1
Host: 18405.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675480776,1675489429; __bid_n=1861a7ac1116a4ffe44207; FPTOKEN=RhMjXL9a2tIj0sFzUzpmH3WTcQPsoetcooUahZ1J10sD2cqE4bSeyw+Y98q5ZtnzRsY6p+NWmpDwFABE9nFYT8I57/vseKEZDnONkax/XC+gSeCe3JfU8Y8Uo/koxnpBeTWXuw5TFLjbhnkwFxl7vhpZhDhDQvesyFl+cmiQTK81+1rXbzTU2809yXJ7gvxGNObnP/BlEfb68GB5b/qjiEc/w/kz16LSMMU8JxJBdiMLgYVeMiCwc3oGc3yG1/vyPHWfuubS6W6Djx4ueryrPsG+GNCqAJPEfu4imMQbs9dj72yo7EAn+pxVyRD/vzwtKa8yDp1c6gThFvGMQC0QWtawDhkz6OQOgugepln0QA3yYzR/FDwt+vrnjrqs31CyF/k3QGIFMAZwDNVBZDO3jQ==|ABrTKgxwFyOkRRtikZqgLPW9q42pmztxxkrT1u5UJ9I=|10|5ce6c0c829141106d500a6d07ff1ec33
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:54:03 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=1235208397,2162167577&fm=253&app=120&f=JPEG?w=1422&h=800
18405.url.tudown.com/uploads/images/667479.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18405.url.tudown.com/uploads/images/667479.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/667479.jpg HTTP/1.1
Host: 18405.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675480776,1675489429; __bid_n=1861a7ac1116a4ffe44207; FPTOKEN=RhMjXL9a2tIj0sFzUzpmH3WTcQPsoetcooUahZ1J10sD2cqE4bSeyw+Y98q5ZtnzRsY6p+NWmpDwFABE9nFYT8I57/vseKEZDnONkax/XC+gSeCe3JfU8Y8Uo/koxnpBeTWXuw5TFLjbhnkwFxl7vhpZhDhDQvesyFl+cmiQTK81+1rXbzTU2809yXJ7gvxGNObnP/BlEfb68GB5b/qjiEc/w/kz16LSMMU8JxJBdiMLgYVeMiCwc3oGc3yG1/vyPHWfuubS6W6Djx4ueryrPsG+GNCqAJPEfu4imMQbs9dj72yo7EAn+pxVyRD/vzwtKa8yDp1c6gThFvGMQC0QWtawDhkz6OQOgugepln0QA3yYzR/FDwt+vrnjrqs31CyF/k3QGIFMAZwDNVBZDO3jQ==|ABrTKgxwFyOkRRtikZqgLPW9q42pmztxxkrT1u5UJ9I=|10|5ce6c0c829141106d500a6d07ff1ec33
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:54:03 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=1858310716,3291525453&fm=224&app=112&f=JPEG?w=500&h=500&s=3CF84F96550B64FC5293BBFD0300E03D
img0.baidu.com/it/u=1275459887,53886868&fm=253&fmt=auto?w=120&h=80
42.81.98.35200 OK 2.6 kB URL HTTP/2 img0.baidu.com/it/u=1275459887,53886868&fm=253&fmt=auto?w=120&h=80
IP 42.81.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 120x80, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 89fdcac08cb4929e3a0e439944548c43
50007f3ce5f649821177018db8cd2ce4e8a1b225
de1f98279ac246d420e6653f2b326c3b89da024fe3a960f0de969ff4e04307ff
GET /it/u=1275459887,53886868&fm=253&fmt=auto?w=120&h=80 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://18405.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:54:03 GMT
content-type: image/webp
content-length: 2564
expires: Mon, 06 Mar 2023 06:54:03 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 89fdcac08cb4929e3a0e439944548c43
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 04 Feb 2023 06:54:03 GMT
ohc-cache-hit: tj5ct60 [1], suzix151 [2]
ohc-file-size: 2564
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=1369729800,1784312900&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=687
36.103.236.35200 OK 21 kB URL HTTP/2 img2.baidu.com/it/u=1369729800,1784312900&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=687
IP 36.103.236.35:0
ASN #134761 CHINANET NINGXIA province ZHONGWEI IDC network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x687, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7f37f973ab4a002884309138ace2b6e3
1c494057f0fb4dc030cbabc9861e268581da5abe
41eb52b55d50ea350720ff25ca5493f37144a4269dff0c9f6ea20a7dab196f2a
GET /it/u=1369729800,1784312900&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=687 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://18405.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:54:03 GMT
content-type: image/webp
content-length: 20756
expires: Sun, 19 Feb 2023 14:14:49 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 7f37f973ab4a002884309138ace2b6e3
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 20 Jan 2023 14:14:49 GMT
ohc-cache-hit: zw2ct58 [1], xaix101 [4]
ohc-file-size: 20756
x-cache-status: MISS
X-Firefox-Spdy: h2
18405.url.tudown.com/uploads/images/10117.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18405.url.tudown.com/uploads/images/10117.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/10117.jpg HTTP/1.1
Host: 18405.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675480776,1675489429; __bid_n=1861a7ac1116a4ffe44207; FPTOKEN=RhMjXL9a2tIj0sFzUzpmH3WTcQPsoetcooUahZ1J10sD2cqE4bSeyw+Y98q5ZtnzRsY6p+NWmpDwFABE9nFYT8I57/vseKEZDnONkax/XC+gSeCe3JfU8Y8Uo/koxnpBeTWXuw5TFLjbhnkwFxl7vhpZhDhDQvesyFl+cmiQTK81+1rXbzTU2809yXJ7gvxGNObnP/BlEfb68GB5b/qjiEc/w/kz16LSMMU8JxJBdiMLgYVeMiCwc3oGc3yG1/vyPHWfuubS6W6Djx4ueryrPsG+GNCqAJPEfu4imMQbs9dj72yo7EAn+pxVyRD/vzwtKa8yDp1c6gThFvGMQC0QWtawDhkz6OQOgugepln0QA3yYzR/FDwt+vrnjrqs31CyF/k3QGIFMAZwDNVBZDO3jQ==|ABrTKgxwFyOkRRtikZqgLPW9q42pmztxxkrT1u5UJ9I=|10|5ce6c0c829141106d500a6d07ff1ec33
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:54:03 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=2529254948,2329024226&fm=224&app=112&f=JPEG?w=500&h=500
img0.baidu.com/it/u=3370086540,2463674630&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
42.81.98.35200 OK 20 kB URL HTTP/2 img0.baidu.com/it/u=3370086540,2463674630&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 42.81.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f1db5c4b07251346ea638ca37eb00ce2
ae7bae2773cec7a20f463c49b0df5a0002a570c7
015af7d97a0aca74038ededd86054e64e75e026e274852b6bb9e1378cc8a449d
GET /it/u=3370086540,2463674630&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://18405.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:54:03 GMT
content-type: image/webp
content-length: 20250
expires: Mon, 20 Feb 2023 06:30:40 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: f1db5c4b07251346ea638ca37eb00ce2
age: 147445
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 06:30:40 GMT
ohc-cache-hit: tj5ct57 [4], wzix71 [2]
ohc-file-size: 20250
x-cache-status: HIT
X-Firefox-Spdy: h2
img2.baidu.com/it/u=2917169226,3214617518&fm=253&fmt=auto&app=138&f=JPEG?w=401&h=500
36.103.236.35200 OK 13 kB URL HTTP/2 img2.baidu.com/it/u=2917169226,3214617518&fm=253&fmt=auto&app=138&f=JPEG?w=401&h=500
IP 36.103.236.35:0
ASN #134761 CHINANET NINGXIA province ZHONGWEI IDC network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 401x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f2745717577c64cd21801437e5308224
743a20ba94f115f9c7845f5424fe8d0bbdedc6b8
e0172dd8158c7baa6b147cefb3a602628dd57b422f3be54f2530d24b29787ed9
GET /it/u=2917169226,3214617518&fm=253&fmt=auto&app=138&f=JPEG?w=401&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://18405.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:54:03 GMT
content-type: image/webp
content-length: 12890
expires: Wed, 22 Feb 2023 03:21:40 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: f2745717577c64cd21801437e5308224
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 03:21:40 GMT
ohc-cache-hit: zw2ct53 [1], suzix151 [2]
ohc-file-size: 12890
x-cache-status: MISS
X-Firefox-Spdy: h2
t13.baidu.com/it/u=2529254948,2329024226&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 28 kB URL HTTP/1.1 t13.baidu.com/it/u=2529254948,2329024226&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash dc29bcd0cb45d3773abb28414d1d1f72
96030c46959fecc246c3e28625b6cb760be3f3c1
1204d7c30948624642d23402dcb45fc417b3da5da4f674fc8cf7b106cce29055
GET /it/u=2529254948,2329024226&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://18405.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:54:03 GMT
Content-Type: image/jpeg
Content-Length: 28091
Connection: keep-alive
Expires: Sat, 04 Mar 2023 05:48:46 GMT
Last-Modified: Tue, 13 Jan 1970 00:00:00 GMT
ETag: dc29bcd0cb45d3773abb28414d1d1f72
Age: 176717
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 02 Feb 2023 05:48:46 GMT
Ohc-Cache-HIT: fra01-sys-jomo7.fra01.baidu.com [4], zhuzuncache60 [4], qdix198 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 28091
X-Cache-Status: HIT
Timing-Allow-Origin: *
18405.url.tudown.com/uploads/images/687960.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18405.url.tudown.com/uploads/images/687960.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/687960.jpg HTTP/1.1
Host: 18405.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675480776,1675489429; __bid_n=1861a7ac1116a4ffe44207; FPTOKEN=RhMjXL9a2tIj0sFzUzpmH3WTcQPsoetcooUahZ1J10sD2cqE4bSeyw+Y98q5ZtnzRsY6p+NWmpDwFABE9nFYT8I57/vseKEZDnONkax/XC+gSeCe3JfU8Y8Uo/koxnpBeTWXuw5TFLjbhnkwFxl7vhpZhDhDQvesyFl+cmiQTK81+1rXbzTU2809yXJ7gvxGNObnP/BlEfb68GB5b/qjiEc/w/kz16LSMMU8JxJBdiMLgYVeMiCwc3oGc3yG1/vyPHWfuubS6W6Djx4ueryrPsG+GNCqAJPEfu4imMQbs9dj72yo7EAn+pxVyRD/vzwtKa8yDp1c6gThFvGMQC0QWtawDhkz6OQOgugepln0QA3yYzR/FDwt+vrnjrqs31CyF/k3QGIFMAZwDNVBZDO3jQ==|ABrTKgxwFyOkRRtikZqgLPW9q42pmztxxkrT1u5UJ9I=|10|5ce6c0c829141106d500a6d07ff1ec33
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:54:03 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=2789714789,1778503972&fm=224&app=112&f=JPEG?w=500&h=500
t14.baidu.com/it/u=1858310716,3291525453&fm=224&app=112&f=JPEG?w=500&h=500&s=3CF84F96550B64FC5293BBFD0300E03D
185.10.104.124200 OK 61 kB URL HTTP/1.1 t14.baidu.com/it/u=1858310716,3291525453&fm=224&app=112&f=JPEG?w=500&h=500&s=3CF84F96550B64FC5293BBFD0300E03D
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash f2cc542d4c4a2cadaf089b1ee484e0c0
065953dc484593f405d76e7acabce68134ef338f
8a0c0f69576b6b657b643bd878d9b9695ef9323d360fdfebae5cf4b99888754e
GET /it/u=1858310716,3291525453&fm=224&app=112&f=JPEG?w=500&h=500&s=3CF84F96550B64FC5293BBFD0300E03D HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://18405.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:54:03 GMT
Content-Type: image/jpeg
Content-Length: 60756
Connection: keep-alive
Expires: Tue, 14 Feb 2023 15:14:30 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: f2cc542d4c4a2cadaf089b1ee484e0c0
Age: 1571055
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 15 Jan 2023 15:14:30 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [4], zhuzuncache60 [1], qdix130 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 60756
X-Cache-Status: HIT
Timing-Allow-Origin: *
18405.url.tudown.com/uploads/images/963731.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18405.url.tudown.com/uploads/images/963731.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/963731.jpg HTTP/1.1
Host: 18405.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675480776,1675489429; __bid_n=1861a7ac1116a4ffe44207; FPTOKEN=RhMjXL9a2tIj0sFzUzpmH3WTcQPsoetcooUahZ1J10sD2cqE4bSeyw+Y98q5ZtnzRsY6p+NWmpDwFABE9nFYT8I57/vseKEZDnONkax/XC+gSeCe3JfU8Y8Uo/koxnpBeTWXuw5TFLjbhnkwFxl7vhpZhDhDQvesyFl+cmiQTK81+1rXbzTU2809yXJ7gvxGNObnP/BlEfb68GB5b/qjiEc/w/kz16LSMMU8JxJBdiMLgYVeMiCwc3oGc3yG1/vyPHWfuubS6W6Djx4ueryrPsG+GNCqAJPEfu4imMQbs9dj72yo7EAn+pxVyRD/vzwtKa8yDp1c6gThFvGMQC0QWtawDhkz6OQOgugepln0QA3yYzR/FDwt+vrnjrqs31CyF/k3QGIFMAZwDNVBZDO3jQ==|ABrTKgxwFyOkRRtikZqgLPW9q42pmztxxkrT1u5UJ9I=|10|5ce6c0c829141106d500a6d07ff1ec33
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:54:03 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=516044647,4226043988&fm=253&fmt=auto&app=138&f=JPEG?w=130&h=170
img0.baidu.com/it/u=1954806058,1966559403&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
42.81.98.35200 OK 25 kB URL HTTP/2 img0.baidu.com/it/u=1954806058,1966559403&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
IP 42.81.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 889x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9246d6e51a963c7bb76388c57cb77198
f3f9bbae612cc0eaeac71cafc421fee264716546
769800a6e17da8791bdf422785e04a4c985f55fd5f99abc37b7a618ab6766175
GET /it/u=1954806058,1966559403&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://18405.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:54:03 GMT
content-type: image/webp
content-length: 25128
expires: Fri, 24 Feb 2023 21:54:20 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 9246d6e51a963c7bb76388c57cb77198
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 25 Jan 2023 21:54:20 GMT
ohc-cache-hit: tj5ct58 [1], wzix79 [4]
ohc-file-size: 25128
x-cache-status: MISS
X-Firefox-Spdy: h2
t14.baidu.com/it/u=2789714789,1778503972&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 51 kB URL HTTP/1.1 t14.baidu.com/it/u=2789714789,1778503972&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 4e546dcd5608f80e0d5aa74a8c6935f3
b6f953c5e5c98ff3d3c01fd0fee99289fc31ed99
f7209937139ea1c75bff1092c30cfd78de8514469b8da24feaac37f5b5392221
GET /it/u=2789714789,1778503972&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://18405.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:54:03 GMT
Content-Type: image/jpeg
Content-Length: 51070
Connection: keep-alive
Expires: Sat, 04 Feb 2023 20:13:49 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 4e546dcd5608f80e0d5aa74a8c6935f3
Age: 2019688
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 05 Jan 2023 20:13:49 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [4], zhuzuncache58 [2], suzix58 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 51070
X-Cache-Status: HIT
Timing-Allow-Origin: *
18405.url.tudown.com/uploads/images/523387.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18405.url.tudown.com/uploads/images/523387.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/523387.jpg HTTP/1.1
Host: 18405.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675480776,1675489429; __bid_n=1861a7ac1116a4ffe44207; FPTOKEN=RhMjXL9a2tIj0sFzUzpmH3WTcQPsoetcooUahZ1J10sD2cqE4bSeyw+Y98q5ZtnzRsY6p+NWmpDwFABE9nFYT8I57/vseKEZDnONkax/XC+gSeCe3JfU8Y8Uo/koxnpBeTWXuw5TFLjbhnkwFxl7vhpZhDhDQvesyFl+cmiQTK81+1rXbzTU2809yXJ7gvxGNObnP/BlEfb68GB5b/qjiEc/w/kz16LSMMU8JxJBdiMLgYVeMiCwc3oGc3yG1/vyPHWfuubS6W6Djx4ueryrPsG+GNCqAJPEfu4imMQbs9dj72yo7EAn+pxVyRD/vzwtKa8yDp1c6gThFvGMQC0QWtawDhkz6OQOgugepln0QA3yYzR/FDwt+vrnjrqs31CyF/k3QGIFMAZwDNVBZDO3jQ==|ABrTKgxwFyOkRRtikZqgLPW9q42pmztxxkrT1u5UJ9I=|10|5ce6c0c829141106d500a6d07ff1ec33
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:54:03 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3245812197,1483090058&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=707
18405.url.tudown.com/uploads/images/384336.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18405.url.tudown.com/uploads/images/384336.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/384336.jpg HTTP/1.1
Host: 18405.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675480776,1675489429; __bid_n=1861a7ac1116a4ffe44207; FPTOKEN=RhMjXL9a2tIj0sFzUzpmH3WTcQPsoetcooUahZ1J10sD2cqE4bSeyw+Y98q5ZtnzRsY6p+NWmpDwFABE9nFYT8I57/vseKEZDnONkax/XC+gSeCe3JfU8Y8Uo/koxnpBeTWXuw5TFLjbhnkwFxl7vhpZhDhDQvesyFl+cmiQTK81+1rXbzTU2809yXJ7gvxGNObnP/BlEfb68GB5b/qjiEc/w/kz16LSMMU8JxJBdiMLgYVeMiCwc3oGc3yG1/vyPHWfuubS6W6Djx4ueryrPsG+GNCqAJPEfu4imMQbs9dj72yo7EAn+pxVyRD/vzwtKa8yDp1c6gThFvGMQC0QWtawDhkz6OQOgugepln0QA3yYzR/FDwt+vrnjrqs31CyF/k3QGIFMAZwDNVBZDO3jQ==|ABrTKgxwFyOkRRtikZqgLPW9q42pmztxxkrT1u5UJ9I=|10|5ce6c0c829141106d500a6d07ff1ec33
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:54:03 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=1567634593,1233232683&fm=224&app=112&f=JPEG?w=500&h=500
18405.url.tudown.com/uploads/images/1689.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18405.url.tudown.com/uploads/images/1689.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/1689.jpg HTTP/1.1
Host: 18405.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675480776,1675489429; __bid_n=1861a7ac1116a4ffe44207; FPTOKEN=RhMjXL9a2tIj0sFzUzpmH3WTcQPsoetcooUahZ1J10sD2cqE4bSeyw+Y98q5ZtnzRsY6p+NWmpDwFABE9nFYT8I57/vseKEZDnONkax/XC+gSeCe3JfU8Y8Uo/koxnpBeTWXuw5TFLjbhnkwFxl7vhpZhDhDQvesyFl+cmiQTK81+1rXbzTU2809yXJ7gvxGNObnP/BlEfb68GB5b/qjiEc/w/kz16LSMMU8JxJBdiMLgYVeMiCwc3oGc3yG1/vyPHWfuubS6W6Djx4ueryrPsG+GNCqAJPEfu4imMQbs9dj72yo7EAn+pxVyRD/vzwtKa8yDp1c6gThFvGMQC0QWtawDhkz6OQOgugepln0QA3yYzR/FDwt+vrnjrqs31CyF/k3QGIFMAZwDNVBZDO3jQ==|ABrTKgxwFyOkRRtikZqgLPW9q42pmztxxkrT1u5UJ9I=|10|5ce6c0c829141106d500a6d07ff1ec33
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:54:03 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2493057797,2706017235&fm=253&fmt=auto&app=138&f=JPEG?w=380&h=569
img0.baidu.com/it/u=2987617574,1591591596&fm=253&app=120&f=JPEG?w=1280&h=800
36.99.50.35200 OK 137 kB URL HTTP/1.1 img0.baidu.com/it/u=2987617574,1591591596&fm=253&app=120&f=JPEG?w=1280&h=800
IP 36.99.50.35:0
ASN #137687 Luoyang, Henan Province, P.R.China.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 137 kB (136732 bytes)
Hash 92a9cb7e9511d565cb3255eb7383e952
adfc998fcd322080dfd8593fb9902ade09469970
1092ffc56e7b2e9b377aee8bff084cb7992fb2e618a50d0ea961a62e4640680f
GET /it/u=2987617574,1591591596&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://18405.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:54:03 GMT
Content-Type: image/jpeg
Content-Length: 136732
Connection: keep-alive
Expires: Fri, 24 Feb 2023 15:24:51 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: 92a9cb7e9511d565cb3255eb7383e952
Age: 660380
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 25 Jan 2023 15:24:51 GMT
Ohc-Cache-HIT: zz6ct57 [3], xiangyix101 [4]
Ohc-File-Size: 136732
X-Cache-Status: HIT
t13.baidu.com/it/u=1567634593,1233232683&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 46 kB URL HTTP/1.1 t13.baidu.com/it/u=1567634593,1233232683&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 92f31bfb7796d21d17e9159f9b38bdfe
71c4c44c276bdebc06bf341dfdb7a7d778c3f3cc
fec50e7ad78a06405697c1e8da58b12acc8f977d0ac88146eb004d6eff31c202
GET /it/u=1567634593,1233232683&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://18405.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:54:04 GMT
Content-Type: image/jpeg
Content-Length: 45909
Connection: keep-alive
Expires: Mon, 06 Feb 2023 18:45:56 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 92f31bfb7796d21d17e9159f9b38bdfe
Age: 2020581
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 07 Jan 2023 18:45:56 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [2], zhuzuncache58 [4], wzix91 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 45909
X-Cache-Status: HIT
Timing-Allow-Origin: *
18405.url.tudown.com/uploads/images/352976.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18405.url.tudown.com/uploads/images/352976.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/352976.jpg HTTP/1.1
Host: 18405.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675480776,1675489429; __bid_n=1861a7ac1116a4ffe44207; FPTOKEN=RhMjXL9a2tIj0sFzUzpmH3WTcQPsoetcooUahZ1J10sD2cqE4bSeyw+Y98q5ZtnzRsY6p+NWmpDwFABE9nFYT8I57/vseKEZDnONkax/XC+gSeCe3JfU8Y8Uo/koxnpBeTWXuw5TFLjbhnkwFxl7vhpZhDhDQvesyFl+cmiQTK81+1rXbzTU2809yXJ7gvxGNObnP/BlEfb68GB5b/qjiEc/w/kz16LSMMU8JxJBdiMLgYVeMiCwc3oGc3yG1/vyPHWfuubS6W6Djx4ueryrPsG+GNCqAJPEfu4imMQbs9dj72yo7EAn+pxVyRD/vzwtKa8yDp1c6gThFvGMQC0QWtawDhkz6OQOgugepln0QA3yYzR/FDwt+vrnjrqs31CyF/k3QGIFMAZwDNVBZDO3jQ==|ABrTKgxwFyOkRRtikZqgLPW9q42pmztxxkrT1u5UJ9I=|10|5ce6c0c829141106d500a6d07ff1ec33
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:54:03 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3249184793,1828695843&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=371
img0.baidu.com/it/u=516044647,4226043988&fm=253&fmt=auto&app=138&f=JPEG?w=130&h=170
42.81.98.35200 OK 4.3 kB URL HTTP/2 img0.baidu.com/it/u=516044647,4226043988&fm=253&fmt=auto&app=138&f=JPEG?w=130&h=170
IP 42.81.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 130x170, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f285c0d4ce402611a38727def47a3539
b45cfae7e8c79b4155e5eeccc98e85d1b028b67f
e5d8284a2f7a48b350fe58d3602754d0347e4ae768ffc97c5c29d629802be76b
GET /it/u=516044647,4226043988&fm=253&fmt=auto&app=138&f=JPEG?w=130&h=170 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://18405.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:54:04 GMT
content-type: image/webp
content-length: 4324
expires: Sun, 26 Feb 2023 11:32:38 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: f285c0d4ce402611a38727def47a3539
age: 140894
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 27 Jan 2023 11:32:38 GMT
ohc-cache-hit: tj5ct52 [4], wzix98 [2]
ohc-file-size: 4324
x-cache-status: HIT
X-Firefox-Spdy: h2
img0.baidu.com/it/u=3245812197,1483090058&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=707
42.81.98.35200 OK 40 kB URL HTTP/2 img0.baidu.com/it/u=3245812197,1483090058&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=707
IP 42.81.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x707, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1de3269cb83c2b0f448e071e81b2165b
40c836944778dfbcecaf63673b1af5f38f5a39f7
fcc28128bb1933d84f0344c0a041d726cd5c6473be950f218cac4da963180703
GET /it/u=3245812197,1483090058&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=707 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://18405.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:54:04 GMT
content-type: image/webp
content-length: 40232
expires: Sat, 11 Feb 2023 12:07:48 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 1de3269cb83c2b0f448e071e81b2165b
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 12 Jan 2023 12:07:48 GMT
ohc-cache-hit: tj5ct61 [1], xaix154 [2]
ohc-file-size: 40232
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=2493057797,2706017235&fm=253&fmt=auto&app=138&f=JPEG?w=380&h=569
42.81.98.35200 OK 24 kB URL HTTP/2 img0.baidu.com/it/u=2493057797,2706017235&fm=253&fmt=auto&app=138&f=JPEG?w=380&h=569
IP 42.81.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x569, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cd95dacae9d53da9a739153046106d07
2aafb77843f256fe54a9ed5f73dc1e67bdf068db
49ce3ede430eadc55c29a2d89ea0a750dbe607e3f35b07627e5af015a39fd53d
GET /it/u=2493057797,2706017235&fm=253&fmt=auto&app=138&f=JPEG?w=380&h=569 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://18405.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:54:04 GMT
content-type: image/webp
content-length: 24330
expires: Thu, 16 Feb 2023 02:11:37 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: cd95dacae9d53da9a739153046106d07
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 17 Jan 2023 02:11:37 GMT
ohc-cache-hit: tj5ct66 [1], csix89 [2]
ohc-file-size: 24330
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=3249184793,1828695843&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=371
42.81.98.35200 OK 22 kB URL HTTP/2 img0.baidu.com/it/u=3249184793,1828695843&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=371
IP 42.81.98.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x371, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 991ffa9fa8b9db960cac7ae99c03ecea
af2f9672edb866d14824c5b4ad82f5abd37dfee8
e73f6244718fdab00a8ac940ab4447d7e48aad51d3571969ba30ae1fb533da39
GET /it/u=3249184793,1828695843&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=371 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://18405.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:54:04 GMT
content-type: image/webp
content-length: 22208
expires: Wed, 22 Feb 2023 02:47:41 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 991ffa9fa8b9db960cac7ae99c03ecea
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 02:47:41 GMT
ohc-cache-hit: tj5ct56 [1], czix234 [4]
ohc-file-size: 22208
x-cache-status: MISS
X-Firefox-Spdy: h2
18405.url.tudown.com/template/company/moban/images/footer_line.png
154.218.151.71200 OK 9.2 kB URL HTTP/1.1 18405.url.tudown.com/template/company/moban/images/footer_line.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1378)
Hash 0491ae7cd8e5328c28168e256e0b95fd
0c45d917229d84551bd71933cf856ae69469bdb6
2867ddbd12ff4d9486572a1c0b3c68691fa4a43eca4c59ab0afa51fe19d8475b
GET /template/company/moban/images/footer_line.png HTTP/1.1
Host: 18405.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/template/company/moban/index_files/common20200314.css
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675480776,1675489429; __bid_n=1861a7ac1116a4ffe44207; FPTOKEN=RhMjXL9a2tIj0sFzUzpmH3WTcQPsoetcooUahZ1J10sD2cqE4bSeyw+Y98q5ZtnzRsY6p+NWmpDwFABE9nFYT8I57/vseKEZDnONkax/XC+gSeCe3JfU8Y8Uo/koxnpBeTWXuw5TFLjbhnkwFxl7vhpZhDhDQvesyFl+cmiQTK81+1rXbzTU2809yXJ7gvxGNObnP/BlEfb68GB5b/qjiEc/w/kz16LSMMU8JxJBdiMLgYVeMiCwc3oGc3yG1/vyPHWfuubS6W6Djx4ueryrPsG+GNCqAJPEfu4imMQbs9dj72yo7EAn+pxVyRD/vzwtKa8yDp1c6gThFvGMQC0QWtawDhkz6OQOgugepln0QA3yYzR/FDwt+vrnjrqs31CyF/k3QGIFMAZwDNVBZDO3jQ==|ABrTKgxwFyOkRRtikZqgLPW9q42pmztxxkrT1u5UJ9I=|10|5ce6c0c829141106d500a6d07ff1ec33; Hm_lvt_54b2b3c6299a2d96d5b7b5615a1c83ed=1675493675; Hm_lpvt_54b2b3c6299a2d96d5b7b5615a1c83ed=1675493675
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:54:04 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
18405.url.tudown.com/template/company/moban/index_files/favicon.ico
154.218.151.71200 OK 1.2 kB URL HTTP/1.1 18405.url.tudown.com/template/company/moban/index_files/favicon.ico
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 82255b6cc962e6ae6e19b381abacce63
89a73ff1e607fd4dfb5a4fc3d6e1d0d1ec4a2e8e
d7358a12adcb1b04c97af316d799cb4f4d807fe2901e8e162b5d101d4ac9d2d3
GET /template/company/moban/index_files/favicon.ico HTTP/1.1
Host: 18405.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18405.url.tudown.com/xiaz/autocad2014@34_134313.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675480776,1675489429; __bid_n=1861a7ac1116a4ffe44207; FPTOKEN=RhMjXL9a2tIj0sFzUzpmH3WTcQPsoetcooUahZ1J10sD2cqE4bSeyw+Y98q5ZtnzRsY6p+NWmpDwFABE9nFYT8I57/vseKEZDnONkax/XC+gSeCe3JfU8Y8Uo/koxnpBeTWXuw5TFLjbhnkwFxl7vhpZhDhDQvesyFl+cmiQTK81+1rXbzTU2809yXJ7gvxGNObnP/BlEfb68GB5b/qjiEc/w/kz16LSMMU8JxJBdiMLgYVeMiCwc3oGc3yG1/vyPHWfuubS6W6Djx4ueryrPsG+GNCqAJPEfu4imMQbs9dj72yo7EAn+pxVyRD/vzwtKa8yDp1c6gThFvGMQC0QWtawDhkz6OQOgugepln0QA3yYzR/FDwt+vrnjrqs31CyF/k3QGIFMAZwDNVBZDO3jQ==|ABrTKgxwFyOkRRtikZqgLPW9q42pmztxxkrT1u5UJ9I=|10|5ce6c0c829141106d500a6d07ff1ec33; Hm_lvt_54b2b3c6299a2d96d5b7b5615a1c83ed=1675493675; Hm_lpvt_54b2b3c6299a2d96d5b7b5615a1c83ed=1675493675
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:54:04 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Mon, 31 Oct 2022 09:44:24 GMT
Connection: keep-alive
ETag: "635f98f8-47e"
Accept-Ranges: bytes
img0.baidu.com/it/u=1235208397,2162167577&fm=253&app=120&f=JPEG?w=1422&h=800
36.99.50.35200 OK 157 kB URL HTTP/1.1 img0.baidu.com/it/u=1235208397,2162167577&fm=253&app=120&f=JPEG?w=1422&h=800
IP 36.99.50.35:0
ASN #137687 Luoyang, Henan Province, P.R.China.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1422x800, components 3\012- data
Size 157 kB (157355 bytes)
Hash c9142acbcb00b457f16049240dae803b
13365d2f3bcaa5d4c653fa2ec83d488c01ae23b4
df1b32474f91951823db11c437a986e35a7e72eef4b8fc2ee95af8e8d87aa112
GET /it/u=1235208397,2162167577&fm=253&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://18405.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:54:04 GMT
Content-Type: image/jpeg
Content-Length: 157355
Connection: keep-alive
Expires: Tue, 28 Feb 2023 03:58:50 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: c9142acbcb00b457f16049240dae803b
Age: 353053
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 29 Jan 2023 03:58:50 GMT
Ohc-Cache-HIT: zz6ct61 [4], xiangyix239 [4]
Ohc-File-Size: 157355
X-Cache-Status: HIT