r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5604
Expires: Sat, 04 Feb 2023 07:36:19 GMT
Date: Sat, 04 Feb 2023 06:02:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13432
Expires: Sat, 04 Feb 2023 09:46:47 GMT
Date: Sat, 04 Feb 2023 06:02:55 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 04 Feb 2023 05:43:35 GMT
content-type: application/json
age: 1161
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 7d2222d41721947297aaeb5a6e3d0714
04cc1ee417c8bf6338657fd4c2e4e1c1ddfd3065
de0e45969a2ad95e52f7e2fbd0d021d9075dd7b14666c929346efe111f648f7c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE0E45969A2AD95E52F7E2FBD0D021D9075DD7B14666C929346EFE111F648F7C"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4059
Expires: Sat, 04 Feb 2023 07:10:35 GMT
Date: Sat, 04 Feb 2023 06:02:56 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: PXMi4+yBvKCYSBaAsMrakRvkxrwJ8gxdRtJf3zx0R3r7/GW7I/e/YQcYvGqSSyGXNLDr0bJ2jYY=
x-amz-request-id: 51W20BGX53AEX19C
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 04 Feb 2023 05:52:43 GMT
age: 613
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 06:02:56 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 04 Feb 2023 05:07:19 GMT
age: 3337
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18427
Expires: Sat, 04 Feb 2023 11:10:03 GMT
Date: Sat, 04 Feb 2023 06:02:56 GMT
Connection: keep-alive
20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
154.218.151.71200 OK 6.3 kB URL HTTP/1.1 20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (305), with CRLF, LF line terminators
Hash 63a2442736a11d640cc5f6eab7b736e4
0541f786612240e177c977f437af63a6008d1a24
8213ec4a6d622208f72ad470fa130d69fe701a6ccc59ad52cb96832ccacf6902
Analyzer Verdict Alert fortinet Malware
GET /xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:02:56 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.services.mozilla.com/
54.149.13.193101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.13.193:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: KCxUtiZwEtC979x9+CbU/w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: rQvZwlSdz2Wk1Icsq6tMJcRW3KU=
20745.url.tudown.com/template/company/42xz/css/common.css
154.218.151.71200 OK 1.9 kB URL HTTP/1.1 20745.url.tudown.com/template/company/42xz/css/common.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 625ff65f2c44178957f32d288dd56ddf
cb918d56e4595594c56cab503ed56f84379e862d
2436857c00ba0ab148e7c16f63712844f5bb62e23379751d6dddd82abe667ac5
GET /template/company/42xz/css/common.css HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:02:57 GMT
Content-Type: text/css
Last-Modified: Thu, 05 Nov 2020 12:04:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fa3ea53-1ccb"
Expires: Sat, 04 Feb 2023 18:02:57 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
20745.url.tudown.com/template/company/42xz/css/soft.css
154.218.151.71200 OK 6.6 kB URL HTTP/1.1 20745.url.tudown.com/template/company/42xz/css/soft.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 669589d0ffba3898ecf26c242eaed555
f6a564b66491cf102d5961fb95294d84192c9f11
00947ca9960fa7f5ad71c5f5343ded6e595dec626a9da917da58305fdc98e356
GET /template/company/42xz/css/soft.css HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:02:57 GMT
Content-Type: text/css
Last-Modified: Thu, 05 Nov 2020 12:04:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fa3ea55-6438"
Expires: Sat, 04 Feb 2023 18:02:57 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
20745.url.tudown.com/js/orsxg5a.script
154.218.151.71200 OK 531 B URL HTTP/1.1 20745.url.tudown.com/js/orsxg5a.script
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document, ASCII text, with CRLF line terminators
Hash 39fd4f4c17d424445d9f437c99c9d40a
84a56ab95c669d43c757a5f9a312d5f3a37f73fa
45f58e7b2e72c9f2734889b73ef5c3f2d3e1fb9ac69995afe1561ec4a7943d15
GET /js/orsxg5a.script HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:02:57 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
20745.url.tudown.com/template/company/42xz/js/soft.js
154.218.151.71200 OK 3.6 kB URL HTTP/1.1 20745.url.tudown.com/template/company/42xz/js/soft.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 67be5352d7d3355ae57faad8a6221355
30f4a9a4a3dede0d2d72725ffa28958f45053e7e
1a59b7c5be683676fa54951bf4129899c3980e78c1f956c287f7cc0c001a857d
GET /template/company/42xz/js/soft.js HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:02:57 GMT
Content-Type: application/javascript
Last-Modified: Thu, 05 Nov 2020 12:04:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fa3ea5a-26b2"
Expires: Sat, 04 Feb 2023 18:02:57 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
20745.url.tudown.com/uploads/images/521375.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 20745.url.tudown.com/uploads/images/521375.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/521375.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:57 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1622997378,904526249&fm=253&fmt=auto&app=138&f=GIF?w=240&h=320
20745.url.tudown.com/template/company/42xz/images/tab_line.png
154.218.151.71200 OK 1.2 kB URL HTTP/1.1 20745.url.tudown.com/template/company/42xz/images/tab_line.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type GIF image data, version 89a, 190 x 7\012- data
Hash 4c54d42f73e777c70b63b1854b994bb5
6b751c2e611f485d04805ccc3ef84ba5c7868775
b86451a9f18cc0bffd106863661cecbc4abc2364f2898e3bc0796992f3ebbd06
GET /template/company/42xz/images/tab_line.png HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/template/company/42xz/css/soft.css
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:02:57 GMT
Content-Type: image/png
Content-Length: 1155
Last-Modified: Thu, 05 Nov 2020 12:04:39 GMT
Connection: keep-alive
ETag: "5fa3ea57-483"
Accept-Ranges: bytes
20745.url.tudown.com/uploads/images/199840.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 20745.url.tudown.com/uploads/images/199840.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/199840.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:57 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=2621949072,3390893004&fm=224&app=112&f=JPEG?w=500&h=500&s=9BB967877CF3CBE970A1816E0300F07B
20745.url.tudown.com/uploads/images/437625.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 20745.url.tudown.com/uploads/images/437625.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/437625.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:57 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2078352950,1234178466&fm=253&fmt=auto&app=138&f=JPEG?w=130&h=170
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fc91044ea257e54846f8dd907b48d29e
6d2231e05dabe5ee55f8dbf8687d7b7a92c25d64
8e77e1a87ab035ed1affd01159d1c899e46d7c247d0bc085dd57d1b1c6fed830
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8E77E1A87AB035ED1AFFD01159D1C899E46D7C247D0BC085DD57D1B1C6FED830"
Last-Modified: Thu, 02 Feb 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5170
Expires: Sat, 04 Feb 2023 07:29:07 GMT
Date: Sat, 04 Feb 2023 06:02:57 GMT
Connection: keep-alive
20745.url.tudown.com/uploads/images/logo.png?n=46cknzf5tts3raxfv2pojoe24wp3t2fovxslrlpfx6bq&w=250
154.218.151.71200 OK 3.8 kB URL HTTP/1.1 20745.url.tudown.com/uploads/images/logo.png?n=46cknzf5tts3raxfv2pojoe24wp3t2fovxslrlpfx6bq&w=250
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 250 x 66, 8-bit colormap, non-interlaced\012- data
Hash e2959f04b79b9535decc73aced1efdce
429ff86efe03aee501bc99d6e9d4a9a945994737
dadb9cd0f8267aa17720c8971b9ab3c7b08f81410134f7fa37480345cfee7294
GET /uploads/images/logo.png?n=46cknzf5tts3raxfv2pojoe24wp3t2fovxslrlpfx6bq&w=250 HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:02:57 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
20745.url.tudown.com/uploads/images/619597.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 20745.url.tudown.com/uploads/images/619597.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/619597.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:57 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=2115249626,2832831544&fm=224&app=112&f=JPEG?w=400&h=400
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash c45b5d23d78c603a4f679957cc907c55
c0c6131e462224b19bf52c269ffda26be7dcc3ce
7acbb574f2c3ce64da98b8bf9e8af19ba063535e4cbf9fadaf803c34381178dd
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:02:58 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 08 Feb 2023 04:09:39 GMT
ETag: "c0c6131e462224b19bf52c269ffda26be7dcc3ce"
Last-Modified: Sat, 04 Feb 2023 04:09:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3080
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79413350bfb8b50f-OSL
20745.url.tudown.com/uploads/images/583846.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 20745.url.tudown.com/uploads/images/583846.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/583846.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:57 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2144345989,2246226505&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
20745.url.tudown.com/uploads/images/801981.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 20745.url.tudown.com/uploads/images/801981.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/801981.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:57 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3861871061,88107011&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
20745.url.tudown.com/uploads/images/432993.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 20745.url.tudown.com/uploads/images/432993.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/432993.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:57 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1989076129,3183703155&fm=253&fmt=auto&app=138&f=JPEG?w=479&h=500
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3438
Expires: Sat, 04 Feb 2023 07:00:16 GMT
Date: Sat, 04 Feb 2023 06:02:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3438
Expires: Sat, 04 Feb 2023 07:00:16 GMT
Date: Sat, 04 Feb 2023 06:02:58 GMT
Connection: keep-alive
20745.url.tudown.com/template/company/42xz/js/jquery.js
154.218.151.71200 OK 46 kB URL HTTP/1.1 20745.url.tudown.com/template/company/42xz/js/jquery.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with very long lines (65479), with CRLF line terminators
Hash 49fcb7f2a26c0656e22b75bfe591667f
f277ecd02517fc0f243fd9d882178473d4def06b
9ee94398fbe5a57c715dfdfe1b8d05ea964dd9947dba57dad68ee38ea381a2be
GET /template/company/42xz/js/jquery.js HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:02:57 GMT
Content-Type: application/javascript
Last-Modified: Thu, 05 Nov 2020 12:04:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fa3ea62-1d491"
Expires: Sat, 04 Feb 2023 18:02:57 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e5b4e4f15da3323c73974c3f1cdb5d74
1f14971d0cf979cc34ff191849dc43d86e8ac463
5893d7e5b2fd9de92829b303c42d0c07ff32b3f6b8705b6f5b4a784315c8808e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5174
x-amzn-requestid: 35630c70-3bad-47b4-94bb-09c873632194
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7EFAHIAMFQQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-317b1fbb3bee0f377697bf3d;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OD5cy75AkNMwTIvIool2nKbKgr5Jpo1Plm_X_YPr3rdPbg86_V2fdA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:00:26 GMT
age: 28952
etag: "1f14971d0cf979cc34ff191849dc43d86e8ac463"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e245a51-5c03-4b84-b42a-29fa3a7806e9.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e245a51-5c03-4b84-b42a-29fa3a7806e9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 65cd12302c9ca5468dbc9a98155970e0
a0c63213c3021e40f8ea54f2da6a5c165ed5cfd1
8463155faca74f13ec4500fed98289d8bfbdc4a989d1cb7580736018eadf1000
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e245a51-5c03-4b84-b42a-29fa3a7806e9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7992
x-amzn-requestid: ba4f95d9-6081-4b34-955c-bbe8e7b2335c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEEjGsdIAMF84w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8083-7666baa66ccdec9b5fec8736;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: A3c6sSs_b8KkREPa26a8X9NTEZpHGDjElR9hT-NXwg6dYpeuRNZXfA==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:21 GMT
age: 28357
etag: "a0c63213c3021e40f8ea54f2da6a5c165ed5cfd1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: 6a8c6487-6069-47d1-afa1-648626f85439
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyDqqGg5oAMFV-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd7fdd-0a772cde1e6fba6d7da97435;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:42:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: CHWhIpyzhoPtMUplzh1430Q9FfCM1wkTc_hQsgQk6InM9tYBPGYnNg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:05:44 GMT
age: 28634
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0567732b-c9d0-4bac-89d8-3dc6a16e522c.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0567732b-c9d0-4bac-89d8-3dc6a16e522c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 99bf0073acf75f9e04b52a96bf47797b
fa68da2c92fa89ed3dafe9915e064fca022af21f
961b77616486483e5767f214d2417275b9c995614128acab3521b6cd2f8866e2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0567732b-c9d0-4bac-89d8-3dc6a16e522c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8267
x-amzn-requestid: 8bf1f9c3-4508-489e-9f45-3ce50df74b0b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEW0HM6IAMFXog=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd80f8-2e7c768d54981cf1634830db;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:47:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ThTL_OlFd4yMELCmSzH4ziqxa8gdYgAAbxLY9VZPVaIldOUkvFVF_Q==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:12:43 GMT
age: 28215
etag: "fa68da2c92fa89ed3dafe9915e064fca022af21f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f8fa6a-620a-4d0c-aec7-0863ae11b871.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f8fa6a-620a-4d0c-aec7-0863ae11b871.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 83ac46e378ad452aeb212d709ab70232
7514ed93fd2f256e5aad386fdd0ebc723785291b
e199498691268526a6ecfe58abb88ced8661272cd7ad8270811c84fb15dbb547
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f8fa6a-620a-4d0c-aec7-0863ae11b871.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14221
x-amzn-requestid: a74ee3d4-6163-4dec-ab62-97279cf52282
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEC3ERhIAMFh1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8078-3e5d4b3d39919497215866df;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3TIbnpwYk9CIeoXeW4T-ouwV7X1y-LgKV7wB4XJwFKSKx248jIJyBQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:08:39 GMT
age: 28459
etag: "7514ed93fd2f256e5aad386fdd0ebc723785291b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9ab97f766ee1ed6ebbb2b3889a9157b4
f87f165404dec4d65531e6e25146cb77601f3616
f3d0f76f956371b1733a526f10a8253fc3396a459d7af59380d8e8db7dee8ec2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14071
x-amzn-requestid: 40cb363f-2c4d-4361-9fe1-10e4c8b2fe29
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fiTo4Ek2oAMFs6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d73305-6cb63d3c49f9f84e639467f6;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 03:01:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: b7r7phj8i49RMSuWufxF1L34K9udWa0mJ4dY12izM9ofwAuCFBGEZQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:47:06 GMT
age: 29752
etag: "f87f165404dec4d65531e6e25146cb77601f3616"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
20745.url.tudown.com/uploads/images/194660.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 20745.url.tudown.com/uploads/images/194660.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/194660.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=1105362924,3628585228&fm=253&app=120&f=JPEG?w=640&h=1136
20745.url.tudown.com/uploads/images/267315.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 20745.url.tudown.com/uploads/images/267315.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/267315.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1263162721,3231632107&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=559
20745.url.tudown.com/uploads/images/256871.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 20745.url.tudown.com/uploads/images/256871.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/256871.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=3295580319,3678632216&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=569
20745.url.tudown.com/uploads/images/209945.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 20745.url.tudown.com/uploads/images/209945.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/209945.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=432267401,3151997352&fm=224&app=112&f=JPEG?w=500&h=500
20745.url.tudown.com/uploads/images/199392.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 20745.url.tudown.com/uploads/images/199392.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/199392.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=4075938840,420804611&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=772
20745.url.tudown.com/uploads/images/149447.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 20745.url.tudown.com/uploads/images/149447.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/149447.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2317030829,1276939570&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
push.zhanzhang.baidu.com/push.js
182.61.201.94200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 182.61.201.94:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Sat, 04 Feb 2023 06:02:58 GMT
Etag: "4078521116"
Expires: Sun, 04 Feb 2024 06:02:58 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=F194CBF9EC8B8F23A7498A716CDF3E2A:FG=1; max-age=31536000; expires=Sun, 04-Feb-24 06:02:58 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
20745.url.tudown.com/uploads/images/512892.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 20745.url.tudown.com/uploads/images/512892.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/512892.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=2204042064,2132699369&fm=224&app=112&f=JPEG?w=500&h=500
20745.url.tudown.com/uploads/images/942332.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 20745.url.tudown.com/uploads/images/942332.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/942332.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=2122911012,3345885642&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=719
20745.url.tudown.com/uploads/images/139510.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 20745.url.tudown.com/uploads/images/139510.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/139510.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=147082219,752378818&fm=224&app=112&f=JPEG?w=398&h=500
20745.url.tudown.com/uploads/images/667738.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 20745.url.tudown.com/uploads/images/667738.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/667738.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=80411744,899831565&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
20745.url.tudown.com/uploads/images/803981.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 20745.url.tudown.com/uploads/images/803981.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/803981.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2531697070,1475200272&fm=253&fmt=auto&app=138&f=JPEG?w=240&h=360
20745.url.tudown.com/uploads/images/296326.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 20745.url.tudown.com/uploads/images/296326.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/296326.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=190584701,3964397965&fm=224&app=112&f=JPEG?w=350&h=350
20745.url.tudown.com/uploads/images/366373.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 20745.url.tudown.com/uploads/images/366373.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/366373.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3282217110,2937448311&fm=253&fmt=auto&app=138&f=JPEG?w=281&h=500
20745.url.tudown.com/uploads/images/547365.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 20745.url.tudown.com/uploads/images/547365.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/547365.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3695906001,2660949226&fm=253&fmt=auto&app=120&f=JPEG?w=300&h=200
20745.url.tudown.com/uploads/images/655684.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 20745.url.tudown.com/uploads/images/655684.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/655684.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1714884640,1137846280&fm=253&fmt=auto?w=640&h=960
api.share.baidu.com/s.gif?l=http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
182.61.201.93200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
IP 182.61.201.93:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Sat, 04 Feb 2023 06:02:59 GMT
20745.url.tudown.com/uploads/images/965086.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 20745.url.tudown.com/uploads/images/965086.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/965086.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=236493224,1828024268&fm=253&app=120&f=JPEG?w=1422&h=800
20745.url.tudown.com/uploads/images/304112.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 20745.url.tudown.com/uploads/images/304112.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/304112.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=350978266,2939093321&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (633)
Hash d10c1fbc90bbb34a03988ae6ea09b57e
201e15e6ae2093c7e7b21b4bcdf1ee5bb9c4d699
2dcaa0ab9468f4d685f6635298395c63c8302ad919b5b351066fab88a9498910
GET /hm.js?dd9836db2e433f487a0aa434b7b3deb7 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20745.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11271
Content-Type: application/javascript
Date: Sat, 04 Feb 2023 06:02:58 GMT
Etag: 8b05dc993febe580a7c6a281b8551378
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=3C377CEF6555380D; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
20745.url.tudown.com/uploads/images/833907.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 20745.url.tudown.com/uploads/images/833907.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/833907.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=3620217693,2075729028&fm=253&app=120&f=PNG?w=1422&h=800
img2.baidu.com/it/u=2122911012,3345885642&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=719
125.74.110.35200 OK 20 kB URL HTTP/1.1 img2.baidu.com/it/u=2122911012,3345885642&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=719
IP 125.74.110.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x719, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6a0ec76d4efded3a00ec380067354b06
6193f317a05b7b913e12a6a0f32feeff65debb95
8a817b994efa8e8d15628fbb6153981de137b2753e8dc7170cdba6f55b0644f5
GET /it/u=2122911012,3345885642&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=719 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://20745.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: image/webp
Content-Length: 19902
Connection: keep-alive
Expires: Sat, 04 Mar 2023 06:37:23 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: 6a0ec76d4efded3a00ec380067354b06
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 02 Feb 2023 06:37:23 GMT
Ohc-Cache-HIT: lz6ct54 [1], xiangyix112 [2]
Ohc-File-Size: 19902
X-Cache-Status: MISS
img0.baidu.com/it/u=1263162721,3231632107&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=559
150.138.188.35200 OK 27 kB URL HTTP/2 img0.baidu.com/it/u=1263162721,3231632107&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=559
IP 150.138.188.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x559, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 55ce4345d913ad66b433ffb7b585be4e
91d29b08465b0c8efe2e94df6e61bb3156e597a8
2c7ffffc7806ba4a07d42efe03c7673d23033b356dbbba43ea88556bf863ee5c
GET /it/u=1263162721,3231632107&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=559 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://20745.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:02:59 GMT
content-type: image/webp
content-length: 26796
expires: Tue, 21 Feb 2023 05:19:31 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 55ce4345d913ad66b433ffb7b585be4e
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 05:19:31 GMT
ohc-cache-hit: qd5ct52 [1], czix108 [4]
ohc-file-size: 26796
x-cache-status: MISS
X-Firefox-Spdy: h2
20745.url.tudown.com/template/company/42xz/images/dian1.png
154.218.151.71200 OK 1.1 kB URL HTTP/1.1 20745.url.tudown.com/template/company/42xz/images/dian1.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type GIF image data, version 89a, 4 x 4\012- data
Hash de5d5d1c8fb00bc14f9512dd323b9ed8
9c7c5df21afb7b686932c96ecf7877e1e6adf243
982f48c65cf01077b0606401f082c15ee15f183903d5170f06d0bb3ae3b9b685
GET /template/company/42xz/images/dian1.png HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/template/company/42xz/css/soft.css
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: image/png
Content-Length: 1110
Last-Modified: Thu, 05 Nov 2020 12:04:54 GMT
Connection: keep-alive
ETag: "5fa3ea66-456"
Accept-Ranges: bytes
20745.url.tudown.com/template/company/42xz/images/dian2.png
154.218.151.71200 OK 1.1 kB URL HTTP/1.1 20745.url.tudown.com/template/company/42xz/images/dian2.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type GIF image data, version 89a, 4 x 4\012- data
Hash 3cb1caaf45a919b2028a853add556aa8
c8b93e13049ae31ad5dcb2d267c8b3ee6a4466e8
039b652744162c3c599998f28f50e7154d297ce5028e7e4954f7d7354c5374a1
GET /template/company/42xz/images/dian2.png HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/template/company/42xz/css/soft.css
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: image/png
Content-Length: 1106
Last-Modified: Thu, 05 Nov 2020 12:04:53 GMT
Connection: keep-alive
ETag: "5fa3ea65-452"
Accept-Ranges: bytes
20745.url.tudown.com/uploads/images/867569.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 20745.url.tudown.com/uploads/images/867569.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/867569.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3621934748,494421679&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=710
20745.url.tudown.com/uploads/images/63752.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 20745.url.tudown.com/uploads/images/63752.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/63752.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=2430318761,1815862467&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350
20745.url.tudown.com/uploads/images/506058.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 20745.url.tudown.com/uploads/images/506058.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/506058.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=1415189852,4157433511&fm=253&app=120&f=JPEG?w=1280&h=800
img1.baidu.com/it/u=4075938840,420804611&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=772
114.232.92.35200 OK 31 kB URL HTTP/2 img1.baidu.com/it/u=4075938840,420804611&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=772
IP 114.232.92.35:0
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x772, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 80263018bb19917773cbfe23c00e9b8e
8727f71dcf16b6daebd91bb898de704bdcdf8979
d93c43bbffb6ea21630a7cccd047dd241f30de87077d0c0d7f165d0e5bf11e19
GET /it/u=4075938840,420804611&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=772 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://20745.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:02:59 GMT
content-type: image/webp
content-length: 31404
expires: Mon, 06 Feb 2023 03:18:21 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 80263018bb19917773cbfe23c00e9b8e
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 07 Jan 2023 03:18:21 GMT
ohc-cache-hit: nt2ct82 [1], xiangyix82 [2]
ohc-file-size: 31404
x-cache-status: MISS
X-Firefox-Spdy: h2
20745.url.tudown.com/uploads/images/520646.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 20745.url.tudown.com/uploads/images/520646.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/520646.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3946608957,2156101699&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 2d1a15af936b883451dbf3d75568f863
fc4961b5f0041dc198464c6dda01183cb07ef0ae
b85ef4c0fe7a48d851368152ecd1cf3f17611ed52c2a11936e5d3ae01d932e9d
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Wed, 08 Feb 2023 04:50:17 GMT
ETag: "fc4961b5f0041dc198464c6dda01183cb07ef0ae"
Last-Modified: Sat, 04 Feb 2023 04:50:18 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1461
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7941335b4b68b529-OSL
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1116848145&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=22804&r=0&ww=1280&u=http%3A%2F%2F20745.url.tudown.com%2Fxiaz%2Fhp%25E6%2583%25A0%25E6%2599%25AElaserjetm1005mfp%25E5%25A4%259A%25E5%258A%259F%25E8%2583%25BD%25E4%25B8%2580%25E4%25BD%2593%25E6%259C%25BA%25E5%258D%25B3%25E6%258F%2592%25E5%258D%25B3%25E7%2594%25A8%25E9%25A9%25B1%25E5%258A%25A820070326%25E7%2589%2588forwin7%40719_92086.exe&tt=AG%E4%BA%9A%E6%B8%B8%E5%9B%BD%E9%99%85(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-ios%2F%E5%AE%89%E5%8D%93%2F%E6%89%8B%E6%9C%BA%E7%89%88app%E4%B8%8B%E8%BD%BDV4816.72875
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1116848145&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=22804&r=0&ww=1280&u=http%3A%2F%2F20745.url.tudown.com%2Fxiaz%2Fhp%25E6%2583%25A0%25E6%2599%25AElaserjetm1005mfp%25E5%25A4%259A%25E5%258A%259F%25E8%2583%25BD%25E4%25B8%2580%25E4%25BD%2593%25E6%259C%25BA%25E5%258D%25B3%25E6%258F%2592%25E5%258D%25B3%25E7%2594%25A8%25E9%25A9%25B1%25E5%258A%25A820070326%25E7%2589%2588forwin7%40719_92086.exe&tt=AG%E4%BA%9A%E6%B8%B8%E5%9B%BD%E9%99%85(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-ios%2F%E5%AE%89%E5%8D%93%2F%E6%89%8B%E6%9C%BA%E7%89%88app%E4%B8%8B%E8%BD%BDV4816.72875
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1116848145&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=22804&r=0&ww=1280&u=http%3A%2F%2F20745.url.tudown.com%2Fxiaz%2Fhp%25E6%2583%25A0%25E6%2599%25AElaserjetm1005mfp%25E5%25A4%259A%25E5%258A%259F%25E8%2583%25BD%25E4%25B8%2580%25E4%25BD%2593%25E6%259C%25BA%25E5%258D%25B3%25E6%258F%2592%25E5%258D%25B3%25E7%2594%25A8%25E9%25A9%25B1%25E5%258A%25A820070326%25E7%2589%2588forwin7%40719_92086.exe&tt=AG%E4%BA%9A%E6%B8%B8%E5%9B%BD%E9%99%85(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-ios%2F%E5%AE%89%E5%8D%93%2F%E6%89%8B%E6%9C%BA%E7%89%88app%E4%B8%8B%E8%BD%BDV4816.72875 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20745.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Feb 2023 06:02:59 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=A790C92FC4ECC814; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
img0.baidu.com/it/u=1105362924,3628585228&fm=253&app=120&f=JPEG?w=640&h=1136
150.138.188.35200 OK 127 kB URL HTTP/1.1 img0.baidu.com/it/u=1105362924,3628585228&fm=253&app=120&f=JPEG?w=640&h=1136
IP 150.138.188.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 640x1136, components 3\012- data
Size 127 kB (127186 bytes)
Hash cf1201efd0d2ff617d065303217f47a7
a19123abf995229661598a64f5c773b1c382cb82
28bd2f7f876ac6e937159f67bdff2b0acf5f0753839ebc4c3a0d77ef30ccd72d
GET /it/u=1105362924,3628585228&fm=253&app=120&f=JPEG?w=640&h=1136 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://20745.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:02:58 GMT
Content-Type: image/jpeg
Content-Length: 127186
Connection: keep-alive
Expires: Wed, 01 Mar 2023 11:45:08 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: cf1201efd0d2ff617d065303217f47a7
Age: 404098
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 30 Jan 2023 11:45:08 GMT
Ohc-Cache-HIT: qd5ct61 [4], csix61 [2]
Ohc-File-Size: 127186
X-Cache-Status: HIT
t15.baidu.com/it/u=190584701,3964397965&fm=224&app=112&f=JPEG?w=350&h=350
185.10.104.124200 OK 25 kB URL HTTP/1.1 t15.baidu.com/it/u=190584701,3964397965&fm=224&app=112&f=JPEG?w=350&h=350
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 350x350, components 3\012- data
Hash 0eec0e0237fb11b843dc4d8d177a8c89
7bc050b98ed0e2652d1398012acb8f0df8618c38
f5f9a5f0112d61f94c1746eb3611104f7a9c8bd714b351421f8b153acbbbc5ae
GET /it/u=190584701,3964397965&fm=224&app=112&f=JPEG?w=350&h=350 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://20745.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: image/jpeg
Content-Length: 24858
Connection: keep-alive
Expires: Sat, 04 Feb 2023 07:53:31 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 0eec0e0237fb11b843dc4d8d177a8c89
Age: 2019544
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 05 Jan 2023 07:53:31 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [2], zhuzuncache58 [1], czix188 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 24858
X-Cache-Status: HIT
Timing-Allow-Origin: *
t15.baidu.com/it/u=432267401,3151997352&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 32 kB URL HTTP/1.1 t15.baidu.com/it/u=432267401,3151997352&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 16186aa6cdf72f4fb6873bdc5ea733c4
0b9a25585e3edd1254857b5146aea2d43eca03f5
a833b324afa37ab3b2a672537e8e3746e6e0b5e66a423c1239faf10fa9df545a
GET /it/u=432267401,3151997352&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://20745.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: image/jpeg
Content-Length: 31998
Connection: keep-alive
Expires: Wed, 08 Feb 2023 02:26:48 GMT
Last-Modified: Mon, 12 Jan 1970 00:00:00 GMT
ETag: 16186aa6cdf72f4fb6873bdc5ea733c4
Age: 2019463
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 09 Jan 2023 02:26:48 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [2], zhuzuncache61 [4], wzix66 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 31998
X-Cache-Status: HIT
Timing-Allow-Origin: *
t14.baidu.com/it/u=147082219,752378818&fm=224&app=112&f=JPEG?w=398&h=500
185.10.104.124200 OK 34 kB URL HTTP/1.1 t14.baidu.com/it/u=147082219,752378818&fm=224&app=112&f=JPEG?w=398&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 398x500, components 3\012- data
Hash 13d1245882490cc524276aa839ece9f8
cbfad1368fbc3a5225113130dd17d8f8d9d47a5c
a78ff0afc6640240ebc42d02fbe493940808e8d98e7d42adf9b0cc1b7c979ffa
GET /it/u=147082219,752378818&fm=224&app=112&f=JPEG?w=398&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://20745.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: image/jpeg
Content-Length: 33771
Connection: keep-alive
Expires: Mon, 20 Feb 2023 03:16:09 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 13d1245882490cc524276aa839ece9f8
Age: 354141
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 21 Jan 2023 03:16:09 GMT
Ohc-Cache-HIT: fra01-sys-jomo7.fra01.baidu.com [4], zhuzuncache55 [1], czix175 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 33771
X-Cache-Status: HIT
Timing-Allow-Origin: *
img0.baidu.com/it/u=1622997378,904526249&fm=253&fmt=auto&app=138&f=GIF?w=240&h=320
150.138.188.35200 OK 49 kB URL HTTP/2 img0.baidu.com/it/u=1622997378,904526249&fm=253&fmt=auto&app=138&f=GIF?w=240&h=320
IP 150.138.188.35:0
File type GIF image data, version 89a, 240 x 320\012- data
Hash f4b73a1c2d99a6f7950b9b25ae66f0ba
c48db87f4a019eeab5127ca72d8b08e695c71113
156acc18f79939c9819e6410513166992737d4701d6217cde59f6087320a2fd7
GET /it/u=1622997378,904526249&fm=253&fmt=auto&app=138&f=GIF?w=240&h=320 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://20745.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:02:59 GMT
content-type: image/gif
content-length: 49362
expires: Wed, 01 Mar 2023 06:32:47 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: f4b73a1c2d99a6f7950b9b25ae66f0ba
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 30 Jan 2023 06:32:47 GMT
ohc-cache-hit: qd5ct61 [1], xiangyix214 [4]
ohc-file-size: 49362
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=3695906001,2660949226&fm=253&fmt=auto&app=120&f=JPEG?w=300&h=200
150.138.188.35200 OK 4.1 kB URL HTTP/2 img0.baidu.com/it/u=3695906001,2660949226&fm=253&fmt=auto&app=120&f=JPEG?w=300&h=200
IP 150.138.188.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 10cc9dd6f4a4909e597e884b9fa23180
7236a5372cb5ce359705efb9ec9e46b3228e4046
5aef347b6e92e652999439d3346b2d4d6bb41b5d07f1cf2e2340ea40d2d8b186
GET /it/u=3695906001,2660949226&fm=253&fmt=auto&app=120&f=JPEG?w=300&h=200 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://20745.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:02:59 GMT
content-type: image/webp
content-length: 4142
expires: Tue, 21 Feb 2023 16:42:03 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 10cc9dd6f4a4909e597e884b9fa23180
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 16:42:03 GMT
ohc-cache-hit: qd5ct59 [1], suzix232 [4]
ohc-file-size: 4142
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=3295580319,3678632216&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=569
114.232.92.35200 OK 21 kB URL HTTP/1.1 img1.baidu.com/it/u=3295580319,3678632216&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=569
IP 114.232.92.35:0
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x569, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5aec69a447cffb5ec08abb2f7b82e5a0
0251de71f2fadff3a067bdc8e37658d826451629
8c3ed56baa2e6c1acd571c1d6da253b0e717a9958215d2d1ef596e8c4670fd56
GET /it/u=3295580319,3678632216&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=569 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://20745.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: image/webp
Content-Length: 21410
Connection: keep-alive
Expires: Tue, 21 Feb 2023 04:43:18 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 5aec69a447cffb5ec08abb2f7b82e5a0
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 22 Jan 2023 04:43:18 GMT
Ohc-Cache-HIT: nt2ct61 [1], suzix129 [4]
Ohc-File-Size: 21410
X-Cache-Status: MISS
20745.url.tudown.com/uploads/images/927450.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 20745.url.tudown.com/uploads/images/927450.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/927450.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3449645749,296685161&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
t15.baidu.com/it/u=2115249626,2832831544&fm=224&app=112&f=JPEG?w=400&h=400
185.10.104.124200 OK 34 kB URL HTTP/1.1 t15.baidu.com/it/u=2115249626,2832831544&fm=224&app=112&f=JPEG?w=400&h=400
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 400x400, components 3\012- data
Hash e63a44ae3d22293bc72542d7f0b6bc77
6f4dd7a820dc197e8c6c584eaff115f98a231f61
24adc051eaabfda34e166e1f079f8078efea67701f6f2e99bf426bfa34785f16
GET /it/u=2115249626,2832831544&fm=224&app=112&f=JPEG?w=400&h=400 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://20745.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: image/jpeg
Content-Length: 34133
Connection: keep-alive
Expires: Tue, 28 Feb 2023 16:44:24 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: e63a44ae3d22293bc72542d7f0b6bc77
Age: 370423
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 29 Jan 2023 16:44:24 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [2], zhuzuncache54 [1], bdix222 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 34133
X-Cache-Status: HIT
Timing-Allow-Origin: *
img2.baidu.com/it/u=1989076129,3183703155&fm=253&fmt=auto&app=138&f=JPEG?w=479&h=500
125.74.110.35200 OK 13 kB URL HTTP/2 img2.baidu.com/it/u=1989076129,3183703155&fm=253&fmt=auto&app=138&f=JPEG?w=479&h=500
IP 125.74.110.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 479x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 77454d10905e890bc62081ebcec84ce4
c6d444c39e3e57c53c47cd8a7fc28aa638deae2d
342171749243fc488986108c76482c75faf9eae01451707c754b75353a963e8e
GET /it/u=1989076129,3183703155&fm=253&fmt=auto&app=138&f=JPEG?w=479&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://20745.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:02:59 GMT
content-type: image/webp
content-length: 13316
expires: Wed, 15 Feb 2023 02:22:05 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 77454d10905e890bc62081ebcec84ce4
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 16 Jan 2023 02:22:05 GMT
ohc-cache-hit: lz6ct61 [1], suzix229 [2]
ohc-file-size: 13316
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=2144345989,2246226505&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
125.74.110.35200 OK 15 kB URL HTTP/2 img2.baidu.com/it/u=2144345989,2246226505&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
IP 125.74.110.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 018fb0cdf34e42324752f6e3495f8221
9d0b99cc6ee2dfaf462913a24b2a86c1942815d2
289f3e3e12df570e087f6ecb3f92dea6cc09bb82d2cafe168513da0ea260b04a
GET /it/u=2144345989,2246226505&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://20745.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:02:59 GMT
content-type: image/webp
content-length: 15164
expires: Sun, 19 Feb 2023 07:08:34 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 018fb0cdf34e42324752f6e3495f8221
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 20 Jan 2023 07:08:34 GMT
ohc-cache-hit: lz6ct50 [1], bdix115 [2]
ohc-file-size: 15164
x-cache-status: MISS
X-Firefox-Spdy: h2
20745.url.tudown.com/uploads/images/162428.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 20745.url.tudown.com/uploads/images/162428.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/162428.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3650368425,436190755&fm=253&fmt=auto?w=1280&h=800
img0.baidu.com/it/u=350978266,2939093321&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
150.138.188.35200 OK 47 kB URL HTTP/2 img0.baidu.com/it/u=350978266,2939093321&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 150.138.188.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5f0117d1721a72016eb483e04684f482
b766c45e64f585a0f4aeffeb49c94d126512ac12
7cfa3f07aac7c74f2d1c3dc191349395eee20f5927769764a760502980760c18
GET /it/u=350978266,2939093321&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://20745.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:02:59 GMT
content-type: image/webp
content-length: 46888
expires: Sat, 04 Feb 2023 19:11:05 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 5f0117d1721a72016eb483e04684f482
age: 57307
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 05 Jan 2023 19:11:05 GMT
ohc-cache-hit: qd5ct70 [4], bdix185 [4]
ohc-file-size: 46888
x-cache-status: HIT
X-Firefox-Spdy: h2
img2.baidu.com/it/u=2430318761,1815862467&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350
125.74.110.35200 OK 20 kB URL HTTP/1.1 img2.baidu.com/it/u=2430318761,1815862467&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350
IP 125.74.110.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 350x350, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7244a89e7c0f72ad8a750d97a4a37aa7
cd4f515858557364ad3735e8e8249ed42477fc3c
8a2c5f2102accca83a5c66decc88351bcb31f648cf3b7c23518d5db92f1f3e7d
GET /it/u=2430318761,1815862467&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://20745.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: image/webp
Content-Length: 20426
Connection: keep-alive
Expires: Sun, 19 Feb 2023 07:01:00 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 7244a89e7c0f72ad8a750d97a4a37aa7
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 20 Jan 2023 07:01:00 GMT
Ohc-Cache-HIT: lz6ct59 [1], csix88 [4]
Ohc-File-Size: 20426
X-Cache-Status: MISS
js.passport.qihucdn.com/11.0.1.js?d10ea2610e3a9b90fa9990ffc6bf559d
101.198.192.8200 OK 117 B URL HTTP/1.1 js.passport.qihucdn.com/11.0.1.js?d10ea2610e3a9b90fa9990ffc6bf559d
IP 101.198.192.8:0
ASN #55992 Beijing Qihu Technology Company Limited
File type HTML document, ASCII text, with no line terminators
Hash 807bb08bf1c51aaff763edb0f02719ef
6e089da63e5751494b32d77031df30ec3c8be067
7eb411ad7be2e6af85645f2a2b6401bf6085fe4e0436d004f33710bb84a7be4e
GET /11.0.1.js?d10ea2610e3a9b90fa9990ffc6bf559d HTTP/1.1
Host: js.passport.qihucdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 28 Nov 2018 07:43:20 GMT
Cache-Control: max-age=600
Expires: Sat, 04 Feb 2023 06:12:59 GMT
KCS-Via: REVALIDATED from w-fc02.hkht;REVALIDATED from w-sc01.hkht
Content-Encoding: gzip
20745.url.tudown.com/uploads/images/984153.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 20745.url.tudown.com/uploads/images/984153.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/984153.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=328378750,941456446&fm=253&fmt=auto&app=138&f=JPEG?w=552&h=500
20745.url.tudown.com/uploads/images/320847.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 20745.url.tudown.com/uploads/images/320847.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/320847.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2894770746,231255722&fm=253&fmt=auto&app=138&f=JPEG?w=412&h=500
t13.baidu.com/it/u=2204042064,2132699369&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 48 kB URL HTTP/1.1 t13.baidu.com/it/u=2204042064,2132699369&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 5faefc48d26e696ac8fb5ef0a8d33883
5eb038ae81cb20ad759a7049981a60fc0344c7cc
49398eaa5049a16e1763516883b94213566330675b3e2cc90f40db76ff5c512b
GET /it/u=2204042064,2132699369&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://20745.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: image/jpeg
Content-Length: 48326
Connection: keep-alive
Expires: Sat, 04 Feb 2023 18:12:25 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 5faefc48d26e696ac8fb5ef0a8d33883
Age: 2019420
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 05 Jan 2023 18:12:25 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [4], zhuzuncache65 [4], xaix186 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 48326
X-Cache-Status: HIT
Timing-Allow-Origin: *
20745.url.tudown.com/uploads/images/120795.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 20745.url.tudown.com/uploads/images/120795.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/120795.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=1495232795,4227167524&fm=224&app=112&f=JPEG?w=500&h=500
20745.url.tudown.com/uploads/images/855408.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 20745.url.tudown.com/uploads/images/855408.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/855408.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1858725663,2465798137&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
img0.baidu.com/it/u=3621934748,494421679&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=710
150.138.188.35200 OK 47 kB URL HTTP/2 img0.baidu.com/it/u=3621934748,494421679&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=710
IP 150.138.188.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x710, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 08a89b6956bc3c50ba38864063e99fd0
f0bc9e8dcbecad6c3c08be951cfe5e16c2ed1789
212b85c31a44e491cab2803fba78f930b9ff8a5bebcbed93805e618b30562d30
GET /it/u=3621934748,494421679&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=710 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://20745.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:02:59 GMT
content-type: image/webp
content-length: 47056
expires: Wed, 01 Mar 2023 04:23:48 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 08a89b6956bc3c50ba38864063e99fd0
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 30 Jan 2023 04:23:48 GMT
ohc-cache-hit: qd5ct73 [1], wzix98 [4]
ohc-file-size: 47056
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=236493224,1828024268&fm=253&app=120&f=JPEG?w=1422&h=800
150.138.188.35200 OK 187 kB URL HTTP/1.1 img0.baidu.com/it/u=236493224,1828024268&fm=253&app=120&f=JPEG?w=1422&h=800
IP 150.138.188.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1422x800, components 3\012- data
Size 187 kB (187428 bytes)
Hash 7b4fbe3d25ba7c7dd072b948d48e9b56
00d5571ac61f08c4ac907429329df6ace285020e
af40ab7418182e9a3f3a3bffe9942fc621606dc36a57f0d0444a587c9ed1c80b
GET /it/u=236493224,1828024268&fm=253&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://20745.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: image/jpeg
Content-Length: 187428
Connection: keep-alive
Expires: Wed, 15 Feb 2023 07:30:05 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: 7b4fbe3d25ba7c7dd072b948d48e9b56
Age: 65965
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 16 Jan 2023 07:30:05 GMT
Ohc-Cache-HIT: qd5ct55 [4], qdix55 [2]
Ohc-File-Size: 187428
X-Cache-Status: HIT
t14.baidu.com/it/u=1495232795,4227167524&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 67 kB URL HTTP/1.1 t14.baidu.com/it/u=1495232795,4227167524&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 5ac07f4795755f8526c53cdeceff48dd
84999fe537c7a8ea25a674dff3bda0b5dfb5fa2f
e40d404d8eba710e14bc40860c8f0b01b892c555604990cad51a3ae7b3125871
GET /it/u=1495232795,4227167524&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://20745.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:03:00 GMT
Content-Type: image/jpeg
Content-Length: 67146
Connection: keep-alive
Expires: Tue, 28 Feb 2023 03:19:08 GMT
Last-Modified: Sun, 11 Jan 1970 00:00:00 GMT
ETag: 5ac07f4795755f8526c53cdeceff48dd
Age: 528232
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 29 Jan 2023 03:19:08 GMT
Ohc-Cache-HIT: fra01-sys-jomo2.fra01.baidu.com [2], zhuzuncache83 [4], xaix240 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 67146
X-Cache-Status: HIT
img2.baidu.com/it/u=2531697070,1475200272&fm=253&fmt=auto&app=138&f=JPEG?w=240&h=360
125.74.110.35200 OK 25 kB URL HTTP/2 img2.baidu.com/it/u=2531697070,1475200272&fm=253&fmt=auto&app=138&f=JPEG?w=240&h=360
IP 125.74.110.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x360, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a74bacb723cc771473ddfb2c2007d020
8f4adc8fe90acd6c2724319a053b78652cf9d495
f02c5bdf3c7b702e04b0c1c12225c583a644636e72d4d032c574bf843504f339
GET /it/u=2531697070,1475200272&fm=253&fmt=auto&app=138&f=JPEG?w=240&h=360 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://20745.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:02:59 GMT
content-type: image/webp
content-length: 25418
expires: Thu, 02 Mar 2023 03:58:31 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: a74bacb723cc771473ddfb2c2007d020
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 31 Jan 2023 03:58:31 GMT
ohc-cache-hit: lz6ct58 [1], xiangyix82 [4]
ohc-file-size: 25418
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=3946608957,2156101699&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
125.74.110.35200 OK 14 kB URL HTTP/2 img2.baidu.com/it/u=3946608957,2156101699&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
IP 125.74.110.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 67ca8d5ab5e8c02e34039b72cd314889
6bba92845a4f0f2ed7bf559d747214ddf7fed05f
2f22629304f76aa73d8c6e6f5197ca80150afb9f94c56d4515c7c478885eb6ee
GET /it/u=3946608957,2156101699&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://20745.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:02:59 GMT
content-type: image/webp
content-length: 13700
expires: Sun, 26 Feb 2023 05:04:25 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 67ca8d5ab5e8c02e34039b72cd314889
age: 12943
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 27 Jan 2023 05:04:25 GMT
ohc-cache-hit: lz6ct61 [4], xaix92 [4]
ohc-file-size: 13700
x-cache-status: HIT
X-Firefox-Spdy: h2
t13.baidu.com/it/u=2621949072,3390893004&fm=224&app=112&f=JPEG?w=500&h=500&s=9BB967877CF3CBE970A1816E0300F07B
185.10.104.124200 OK 60 kB URL HTTP/1.1 t13.baidu.com/it/u=2621949072,3390893004&fm=224&app=112&f=JPEG?w=500&h=500&s=9BB967877CF3CBE970A1816E0300F07B
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 91d4ed5de9c3e8506a3be366383c4caf
4ac93a501096de8cb5d5fd044a9fc40047a298f1
df97d4bad14136b735a63c88e6dafac7af269bc590660fd0ff0aa42935e36c74
GET /it/u=2621949072,3390893004&fm=224&app=112&f=JPEG?w=500&h=500&s=9BB967877CF3CBE970A1816E0300F07B HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://20745.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:03:00 GMT
Content-Type: image/jpeg
Content-Length: 60395
Connection: keep-alive
Expires: Sat, 04 Mar 2023 15:12:56 GMT
Last-Modified: Mon, 19 Jan 1970 00:00:00 GMT
ETag: 91d4ed5de9c3e8506a3be366383c4caf
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 02 Feb 2023 15:12:55 GMT
Ohc-Upstream-Trace: 58.216.2.239; 58.20.204.57
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [2], zhuzuncache57 [4], czix239 [2]
Ohc-Response-Time: 1 0 0 0 317 318
Ohc-File-Size: 60395
X-Cache-Status: MISS
Timing-Allow-Origin: *
img1.baidu.com/it/u=2317030829,1276939570&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
114.232.92.35200 OK 88 kB URL HTTP/2 img1.baidu.com/it/u=2317030829,1276939570&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
IP 114.232.92.35:0
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fa341346649e341b60889c79b60f4b81
c9094081101333506b0d77a648ddc287d76cad49
f4eaf126bd4f2b456718d4e2d2b92c7d1348ab6b2b6de4c6904d64e8f3623c3f
GET /it/u=2317030829,1276939570&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://20745.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:02:59 GMT
content-type: image/webp
content-length: 88228
expires: Fri, 10 Feb 2023 14:38:38 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: fa341346649e341b60889c79b60f4b81
age: 344736
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 11 Jan 2023 14:38:38 GMT
ohc-cache-hit: nt2ct65 [4], wzix65 [2]
ohc-file-size: 88228
x-cache-status: HIT
X-Firefox-Spdy: h2
img1.baidu.com/it/u=80411744,899831565&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
114.232.92.35200 OK 16 kB URL HTTP/2 img1.baidu.com/it/u=80411744,899831565&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 114.232.92.35:0
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5f49c93c11ee64b3a28ba5a9e65f50bf
1116f66d6122ee56749a23cb13450e86324a5b36
50f2a4ecf091a68010477d8fb15f8436a4a64a5cefb071adf83894558e0c5d14
GET /it/u=80411744,899831565&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://20745.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:02:59 GMT
content-type: image/webp
content-length: 15852
expires: Thu, 02 Mar 2023 04:43:55 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 5f49c93c11ee64b3a28ba5a9e65f50bf
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 31 Jan 2023 04:43:55 GMT
ohc-cache-hit: nt2ct78 [1], xiangyix138 [4]
ohc-file-size: 15852
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=3861871061,88107011&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
114.232.92.35200 OK 17 kB URL HTTP/2 img1.baidu.com/it/u=3861871061,88107011&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
IP 114.232.92.35:0
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0f0256519936ba9506b5ebeff454bc4e
a01ed1ba612dae3c88a471d58b90944c8591079f
fe48e3680de5c398b67a1a83a3b14657e5e9b843f12173e9853f2951c7f29737
GET /it/u=3861871061,88107011&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://20745.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:02:59 GMT
content-type: image/webp
content-length: 16806
expires: Sun, 19 Feb 2023 11:59:30 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 0f0256519936ba9506b5ebeff454bc4e
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 20 Jan 2023 11:59:30 GMT
ohc-cache-hit: nt2ct83 [1], qdix236 [4]
ohc-file-size: 16806
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=2078352950,1234178466&fm=253&fmt=auto&app=138&f=JPEG?w=130&h=170
114.232.92.35200 OK 6.8 kB URL HTTP/2 img1.baidu.com/it/u=2078352950,1234178466&fm=253&fmt=auto&app=138&f=JPEG?w=130&h=170
IP 114.232.92.35:0
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 130x170, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash eaa5af5236d291eda619681de0491a69
d41efe8610cda18a21d048e7f385cea3558b63e0
6660b2ae43d3eb634717c453dc6ee3f2c8da83b3a05bc70338b1ff550c5fb045
GET /it/u=2078352950,1234178466&fm=253&fmt=auto&app=138&f=JPEG?w=130&h=170 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://20745.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:02:59 GMT
content-type: image/webp
content-length: 6812
expires: Fri, 24 Feb 2023 14:23:04 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: eaa5af5236d291eda619681de0491a69
age: 157614
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 25 Jan 2023 14:23:04 GMT
ohc-cache-hit: nt2ct50 [4], wzix50 [4]
ohc-file-size: 6812
x-cache-status: HIT
X-Firefox-Spdy: h2
20745.url.tudown.com/uploads/images/536979.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 20745.url.tudown.com/uploads/images/536979.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/536979.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:03:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=1171421054,3626947149&fm=224&app=112&f=JPEG?w=350&h=350
img0.baidu.com/it/u=1415189852,4157433511&fm=253&app=120&f=JPEG?w=1280&h=800
150.138.188.35200 OK 87 kB URL HTTP/1.1 img0.baidu.com/it/u=1415189852,4157433511&fm=253&app=120&f=JPEG?w=1280&h=800
IP 150.138.188.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Hash a11aa918db5897b5c6845ceb3a572089
ac04854de4b9a35cdafb430e7feca753111eb5a9
de7e829522fdfbb4233df3f2f7afebe73cd205495a1bca0401afef80ae01f220
GET /it/u=1415189852,4157433511&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://20745.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: image/jpeg
Content-Length: 87167
Connection: keep-alive
Expires: Tue, 14 Feb 2023 02:51:14 GMT
Last-Modified: Thu, 15 Jan 1970 00:00:00 GMT
ETag: a11aa918db5897b5c6845ceb3a572089
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 15 Jan 2023 02:51:14 GMT
Ohc-Cache-HIT: qd5ct63 [1], bdix242 [4]
Ohc-File-Size: 87167
X-Cache-Status: MISS
img1.baidu.com/it/u=1714884640,1137846280&fm=253&fmt=auto?w=640&h=960
114.232.92.35200 OK 23 kB URL HTTP/2 img1.baidu.com/it/u=1714884640,1137846280&fm=253&fmt=auto?w=640&h=960
IP 114.232.92.35:0
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x960, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ba57ba38e43ee221765b1f1b7e064a2b
f3d9ad7e969153e6774c4f444b8475f15cee3caf
ff4eafb78398fc3fcd3795e9cd84d959b40a13a90fd4f14c3fc4082a8333bbd0
GET /it/u=1714884640,1137846280&fm=253&fmt=auto?w=640&h=960 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://20745.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:02:59 GMT
content-type: image/webp
content-length: 23124
expires: Tue, 21 Feb 2023 05:58:29 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: ba57ba38e43ee221765b1f1b7e064a2b
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 05:58:29 GMT
ohc-cache-hit: nt2ct62 [1], qdix201 [4]
ohc-file-size: 23124
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=3282217110,2937448311&fm=253&fmt=auto&app=138&f=JPEG?w=281&h=500
114.232.92.35200 OK 17 kB URL HTTP/2 img1.baidu.com/it/u=3282217110,2937448311&fm=253&fmt=auto&app=138&f=JPEG?w=281&h=500
IP 114.232.92.35:0
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 281x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 59d55da2102625f10a212163e764bb02
5e1dc23569ed6bccfaa4242bf0e660522550a2e4
c857f282f67452464d639d073b0725edbc15ac599be6fbf5bbf5f2f82a8c5ec1
GET /it/u=3282217110,2937448311&fm=253&fmt=auto&app=138&f=JPEG?w=281&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://20745.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:02:59 GMT
content-type: image/webp
content-length: 17228
expires: Mon, 20 Feb 2023 06:24:54 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 59d55da2102625f10a212163e764bb02
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 06:24:54 GMT
ohc-cache-hit: nt2ct77 [1], bdix224 [2]
ohc-file-size: 17228
x-cache-status: MISS
X-Firefox-Spdy: h2
t15.baidu.com/it/u=1171421054,3626947149&fm=224&app=112&f=JPEG?w=350&h=350
185.10.104.124200 OK 8.7 kB URL HTTP/1.1 t15.baidu.com/it/u=1171421054,3626947149&fm=224&app=112&f=JPEG?w=350&h=350
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 350x350, components 3\012- data
Hash 8d42860e6ad74dbc2312b0523ce3fa0b
6294f47afd12b197867fdb26ddf9732ca2fea42c
58374bc0a6b87d2b05354d7b37dcb3844c7b3173afae454d1ebc3a73af26400e
GET /it/u=1171421054,3626947149&fm=224&app=112&f=JPEG?w=350&h=350 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://20745.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:03:00 GMT
Content-Type: image/jpeg
Content-Length: 8714
Connection: keep-alive
Expires: Sun, 05 Feb 2023 21:46:48 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 8d42860e6ad74dbc2312b0523ce3fa0b
Age: 356283
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 06 Jan 2023 21:46:48 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [2], zhuzuncache54 [1], xaix175 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 8714
X-Cache-Status: HIT
Timing-Allow-Origin: *
s6.qhres2.com/static/ab77b6ea7f3fbf79.js
54.230.111.4200 OK 478 B URL HTTP/1.1 s6.qhres2.com/static/ab77b6ea7f3fbf79.js
IP 54.230.111.4:0
File type ASCII text, with very long lines (478), with no line terminators
Hash 5dd27f8f2b042194c3cdabd62fd80110
c035036a939799d4c29b9c0f7229ae1953d03109
928131ab2183d971cdbfe2ed1329200212d0021db70574a35c89ae169c0f6e0a
GET /static/ab77b6ea7f3fbf79.js HTTP/1.1
Host: s6.qhres2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 478
Connection: keep-alive
Date: Mon, 26 Sep 2022 01:48:25 GMT
X-QSTATIC-HIT: 1
Last-Modified: Mon, 01 Jan 2018 00:00:00 GMT
ETag: W/"b300475a05992239"
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, immutable
Expires: Thu, 23 Sep 2032 01:48:25 GMT
KCS-Via: HIT from w-fc01.lato;MISS from w-sc02.lato
Accept-Ranges: bytes
X-Cache: Hit from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: qdwtSaTRJM4wMfcQQw0gFPSYeCcSxet_mfWBYKVN3HVU9s7b13QvaA==
Age: 11333675
20745.url.tudown.com/uploads/images/730248.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 20745.url.tudown.com/uploads/images/730248.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/730248.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:03:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=995696646,3927522449&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
img1.baidu.com/it/u=3650368425,436190755&fm=253&fmt=auto?w=1280&h=800
114.232.92.35200 OK 34 kB URL HTTP/2 img1.baidu.com/it/u=3650368425,436190755&fm=253&fmt=auto?w=1280&h=800
IP 114.232.92.35:0
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 44498915482fc778b72e30e01902c1a2
fcd7c8d5d3ba8eb374a40c180b20a932db53b663
ca7da00d0d4a3de309f9d6bf7fa4475ca48000238942803b4ff009c23a762fe1
GET /it/u=3650368425,436190755&fm=253&fmt=auto?w=1280&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://20745.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:03:00 GMT
content-type: image/webp
content-length: 33698
expires: Tue, 21 Feb 2023 05:42:21 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 44498915482fc778b72e30e01902c1a2
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 05:42:21 GMT
ohc-cache-hit: nt2ct73 [1], qdix73 [2]
ohc-file-size: 33698
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=2894770746,231255722&fm=253&fmt=auto&app=138&f=JPEG?w=412&h=500
114.232.92.35200 OK 48 kB URL HTTP/2 img1.baidu.com/it/u=2894770746,231255722&fm=253&fmt=auto&app=138&f=JPEG?w=412&h=500
IP 114.232.92.35:0
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 412x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ca65831f2e4a7d54459733e55bd88794
7f5a4b96571eefe84ca624a9d8a9f58f9f35f59c
fd7929e4f39a371c6f6e9ed22149256d036829ef24b71717bff529f26447d30c
GET /it/u=2894770746,231255722&fm=253&fmt=auto&app=138&f=JPEG?w=412&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://20745.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:03:00 GMT
content-type: image/webp
content-length: 48522
expires: Mon, 20 Feb 2023 07:12:07 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: ca65831f2e4a7d54459733e55bd88794
age: 160076
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 07:12:07 GMT
ohc-cache-hit: nt2ct55 [4], suzix206 [2]
ohc-file-size: 48522
x-cache-status: HIT
X-Firefox-Spdy: h2
20745.url.tudown.com/uploads/images/913091.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 20745.url.tudown.com/uploads/images/913091.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/913091.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:03:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=3308514828,603896565&fm=224&app=112&f=JPEG?w=500&h=500&s=02B45483C3C512FB50ACD4B803005021
20745.url.tudown.com/uploads/images/539112.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 20745.url.tudown.com/uploads/images/539112.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/539112.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:03:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=30629542,1692593181&fm=253&fmt=auto&app=138&f=PNG?w=281&h=500
20745.url.tudown.com/uploads/images/482747.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 20745.url.tudown.com/uploads/images/482747.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/482747.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:03:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2820684544,20828447&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=754
t15.baidu.com/it/u=3308514828,603896565&fm=224&app=112&f=JPEG?w=500&h=500&s=02B45483C3C512FB50ACD4B803005021
185.10.104.124200 OK 41 kB URL HTTP/1.1 t15.baidu.com/it/u=3308514828,603896565&fm=224&app=112&f=JPEG?w=500&h=500&s=02B45483C3C512FB50ACD4B803005021
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 75x75, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash da0fa1156c273ea38a7a115ce6cc7e97
310706a2854d9084662939ef59402a0ac9bad71e
10a2b943fe0828e8b83b948775be25ffe08d9e8ee205f12d55dcd713db726ea5
GET /it/u=3308514828,603896565&fm=224&app=112&f=JPEG?w=500&h=500&s=02B45483C3C512FB50ACD4B803005021 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://20745.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:03:00 GMT
Content-Type: image/jpeg
Content-Length: 41404
Connection: keep-alive
Expires: Mon, 20 Feb 2023 10:42:44 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: da0fa1156c273ea38a7a115ce6cc7e97
Age: 335271
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 21 Jan 2023 10:42:44 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [2], zhuzuncache58 [1], xiangyix167 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 41404
X-Cache-Status: HIT
Timing-Allow-Origin: *
img2.baidu.com/it/u=3620217693,2075729028&fm=253&app=120&f=PNG?w=1422&h=800
125.74.110.35200 OK 531 kB URL HTTP/1.1 img2.baidu.com/it/u=3620217693,2075729028&fm=253&app=120&f=PNG?w=1422&h=800
IP 125.74.110.35:0
File type PNG image data, 1422 x 800, 8-bit/color RGBA, non-interlaced\012- data
Size 531 kB (530895 bytes)
Hash c1fc233090e97e297d8132e74568465c
5f3d473ec63255cd6f954df0b191a5613c9b1530
b23ab16be1942307bcff953265de987ff99b54d0f121483896c072dbc25991c8
GET /it/u=3620217693,2075729028&fm=253&app=120&f=PNG?w=1422&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://20745.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: image/png
Content-Length: 530895
Connection: keep-alive
Expires: Fri, 03 Mar 2023 15:30:50 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: c1fc233090e97e297d8132e74568465c
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 01 Feb 2023 15:30:50 GMT
Ohc-Cache-HIT: lz6ct60 [2], csix70 [2]
Ohc-File-Size: 530895
X-Cache-Status: MISS
img0.baidu.com/it/u=1858725663,2465798137&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
150.138.188.35200 OK 18 kB URL HTTP/2 img0.baidu.com/it/u=1858725663,2465798137&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 150.138.188.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f27ae356ed30e167d5ac89c49e834c91
059bd4485162476b754844ae4e70ace5358ad7a2
770c3dd8cc3bf77f07bb95aa91880fc47aca7009f26e302b76bc86ca1ed23d2d
GET /it/u=1858725663,2465798137&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://20745.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:03:00 GMT
content-type: image/webp
content-length: 18442
expires: Tue, 21 Feb 2023 04:20:51 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: f27ae356ed30e167d5ac89c49e834c91
age: 320861
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 04:20:51 GMT
ohc-cache-hit: qd5ct50 [4], xiangyix218 [2]
ohc-file-size: 18442
x-cache-status: HIT
X-Firefox-Spdy: h2
img0.baidu.com/it/u=328378750,941456446&fm=253&fmt=auto&app=138&f=JPEG?w=552&h=500
150.138.188.35200 OK 35 kB URL HTTP/2 img0.baidu.com/it/u=328378750,941456446&fm=253&fmt=auto&app=138&f=JPEG?w=552&h=500
IP 150.138.188.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 552x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a3ad02c63e5da171b154a5070d0ea6cc
81e04758abc30e9f0c4021a01e457ef99fe4bb38
774f10c91a1f26485d2b2585f71180ab640c70db7d615d661e0db53b666749cf
GET /it/u=328378750,941456446&fm=253&fmt=auto&app=138&f=JPEG?w=552&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://20745.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:03:00 GMT
content-type: image/webp
content-length: 35056
expires: Sun, 19 Feb 2023 18:39:22 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: a3ad02c63e5da171b154a5070d0ea6cc
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 20 Jan 2023 18:39:22 GMT
ohc-cache-hit: qd5ct51 [1], czix51 [2]
ohc-file-size: 35056
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=995696646,3927522449&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
125.74.110.35200 OK 66 kB URL HTTP/2 img2.baidu.com/it/u=995696646,3927522449&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
IP 125.74.110.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 889x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 14bf527bfc1ed94fe01cc3cf10beccf4
9f1fed27dde465f4e6b68ec933770d5312b91e0b
28ac8017da0cca977ebbe72acae5ccc075f43bd0516d6f8ecd0c4cb22166b0bd
GET /it/u=995696646,3927522449&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://20745.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:03:00 GMT
content-type: image/webp
content-length: 65624
expires: Mon, 27 Feb 2023 14:38:48 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 14bf527bfc1ed94fe01cc3cf10beccf4
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 28 Jan 2023 14:38:48 GMT
ohc-cache-hit: lz6ct59 [1], xiangyix230 [4]
ohc-file-size: 65624
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=3449645749,296685161&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
150.138.188.35200 OK 28 kB URL HTTP/2 img0.baidu.com/it/u=3449645749,296685161&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
IP 150.138.188.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7e07e641efb8f4dc9f5711523182f5a5
bf9e4e88ce43a0fe8ac0bdd5e5eac7d24199564c
b358836c202bf7bad45139e18e549028e186ef110be1f1d6d17badb73c01aac8
GET /it/u=3449645749,296685161&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://20745.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:03:00 GMT
content-type: image/webp
content-length: 28280
expires: Tue, 07 Feb 2023 16:34:03 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 7e07e641efb8f4dc9f5711523182f5a5
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 08 Jan 2023 16:34:03 GMT
ohc-cache-hit: qd5ct68 [1], wzix68 [4]
ohc-file-size: 28280
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=30629542,1692593181&fm=253&fmt=auto&app=138&f=PNG?w=281&h=500
150.138.188.35200 OK 89 kB URL HTTP/2 img0.baidu.com/it/u=30629542,1692593181&fm=253&fmt=auto&app=138&f=PNG?w=281&h=500
IP 150.138.188.35:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 92c6f0947bdce717762aab8e4934b898
249d1ab1f128d7ec452538fde6e874f1ccf6567f
e768a5e63487c10545a91945f1d763dfe70f61c0ecb9a2fe0addea004cca6cd8
GET /it/u=30629542,1692593181&fm=253&fmt=auto&app=138&f=PNG?w=281&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://20745.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:03:00 GMT
content-type: image/webp
content-length: 88890
expires: Sun, 26 Feb 2023 14:32:03 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 92c6f0947bdce717762aab8e4934b898
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 27 Jan 2023 14:32:03 GMT
ohc-cache-hit: qd5ct63 [1], wzix98 [4]
ohc-file-size: 88890
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=2820684544,20828447&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=754
150.138.188.35200 OK 33 kB URL HTTP/2 img0.baidu.com/it/u=2820684544,20828447&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=754
IP 150.138.188.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x754, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d2e65f3fcf42668ed17357e5f286bfc6
a5342d7a36129f9231b3d90b5984a563c3b30829
6b43bcdca7015d4ba6c8c4610acf939491d8fdd27629b62b8465bd7ee464c3dc
GET /it/u=2820684544,20828447&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=754 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://20745.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:03:00 GMT
content-type: image/webp
content-length: 33002
expires: Sun, 26 Feb 2023 16:47:02 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: d2e65f3fcf42668ed17357e5f286bfc6
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 27 Jan 2023 16:47:02 GMT
ohc-cache-hit: qd5ct57 [1], xaix93 [4]
ohc-file-size: 33002
x-cache-status: MISS
X-Firefox-Spdy: h2
s.360.cn/so/zz.gif?url=http%3A%2F%2F20745.url.tudown.com%2Fxiaz%2Fhp%25E6%2583%25A0%25E6%2599%25AElaserjetm1005mfp%25E5%25A4%259A%25E5%258A%259F%25E8%2583%25BD%25E4%25B8%2580%25E4%25BD%2593%25E6%259C%25BA%25E5%258D%25B3%25E6%258F%2592%25E5%258D%25B3%25E7%2594%25A8%25E9%25A9%25B1%25E5%258A%25A820070326%25E7%2589%2588forwin7%40719_92086.exe&sid=d10ea2610e3a9b90fa9990ffc6bf559d&token=de1x0ee.a628601209e_39a197b@970n
180.163.251.230200 OK 0 B URL HTTP/1.1 s.360.cn/so/zz.gif?url=http%3A%2F%2F20745.url.tudown.com%2Fxiaz%2Fhp%25E6%2583%25A0%25E6%2599%25AElaserjetm1005mfp%25E5%25A4%259A%25E5%258A%259F%25E8%2583%25BD%25E4%25B8%2580%25E4%25BD%2593%25E6%259C%25BA%25E5%258D%25B3%25E6%258F%2592%25E5%258D%25B3%25E7%2594%25A8%25E9%25A9%25B1%25E5%258A%25A820070326%25E7%2589%2588forwin7%40719_92086.exe&sid=d10ea2610e3a9b90fa9990ffc6bf559d&token=de1x0ee.a628601209e_39a197b@970n
IP 180.163.251.230:0
ASN #4812 China Telecom Group
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /so/zz.gif?url=http%3A%2F%2F20745.url.tudown.com%2Fxiaz%2Fhp%25E6%2583%25A0%25E6%2599%25AElaserjetm1005mfp%25E5%25A4%259A%25E5%258A%259F%25E8%2583%25BD%25E4%25B8%2580%25E4%25BD%2593%25E6%259C%25BA%25E5%258D%25B3%25E6%258F%2592%25E5%258D%25B3%25E7%2594%25A8%25E9%25A9%25B1%25E5%258A%25A820070326%25E7%2589%2588forwin7%40719_92086.exe&sid=d10ea2610e3a9b90fa9990ffc6bf559d&token=de1x0ee.a628601209e_39a197b@970n HTTP/1.1
Host: s.360.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/
HTTP/1.1 200 OK
Server: openresty/1.15.8.2
Date: Sat, 04 Feb 2023 06:03:00 GMT
Content-Type: image/gif
Content-Length: 0
Last-Modified: Fri, 27 Jul 2018 07:11:23 GMT
Connection: keep-alive
ETag: "5b5ac59b-0"
Accept-Ranges: bytes
20745.url.tudown.com/favicon.ico
154.218.151.71200 OK 0 B URL HTTP/1.1 20745.url.tudown.com/favicon.ico
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675490614; Hm_lpvt_dd9836db2e433f487a0aa434b7b3deb7=1675490614
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:03:01 GMT
Content-Type: image/x-icon
Content-Length: 0
Last-Modified: Tue, 30 Jul 2019 15:51:36 GMT
Connection: keep-alive
ETag: "5d406788-0"
Accept-Ranges: bytes
s22.cnzz.com/z_stat.php?id=1275003130&web_id=1275003130
180.97.251.250200 OK 0 B URL HTTP/2 s22.cnzz.com/z_stat.php?id=1275003130&web_id=1275003130
IP 180.97.251.250:0
GET /z_stat.php?id=1275003130&web_id=1275003130 HTTP/1.1
Host: s22.cnzz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20745.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
date: Sat, 04 Feb 2023 06:03:00 GMT
vary: Accept-Encoding
x-powered-by: PHP/5.5.25
last-modified: Sat, 04 Feb 2023 06:03:00 GMT
cache-control: max-age=1800,s-maxage=3600
content-encoding: gzip
ali-swift-global-savetime: 1675490580
via: cache18.l2ea120-8[75,75,200-0,M], cache30.l2ea120-8[77,0], cache8.cn2205[86,86,200-0,M], cache5.cn2205[87,0]
x-cache: MISS TCP_REFRESH_MISS dirn:-2:-2
x-swift-savetime: Sat, 04 Feb 2023 06:03:00 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: b461fb1916754905801395449e
X-Firefox-Spdy: h2