r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8997fa58a7262e8fd559d64b40511a1b
0aa1c4365c28f45e4d7a8a234fbcf51cd009e083
1580d1145f125c765e40e5983cb4bb4e2424010d2920a25ea7da992485da0dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1580D1145F125C765E40E5983CB4BB4E2424010D2920A25EA7DA992485DA0DEA"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8492
Expires: Mon, 23 Jan 2023 11:33:08 GMT
Date: Mon, 23 Jan 2023 09:11:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4714c95a0c854e38f9be444f9343bf14
07ce5eb635448f2b3bafbe51e4dfeef47cdf4f7b
4d47e08c9afb704096e93a51f6e95c0dc7c7bc31e67ded39998ff37ed56e0965
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D47E08C9AFB704096E93A51F6E95C0DC7C7BC31E67DED39998FF37ED56E0965"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13824
Expires: Mon, 23 Jan 2023 13:02:00 GMT
Date: Mon, 23 Jan 2023 09:11:36 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 23 Jan 2023 08:42:36 GMT
content-type: application/json
age: 1740
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 31c8743c2b5202ce0228bac5aad7229b
4b5eee8e1ecbfc992505003be58e265ff3a0ee0a
8b3b47ea29fc02b8a08ee2a340a05ab23e391f0eb3b8d6beb17516706bb2e94d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B3B47EA29FC02B8A08EE2A340A05AB23E391F0EB3B8D6BEB17516706BB2E94D"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9354
Expires: Mon, 23 Jan 2023 11:47:30 GMT
Date: Mon, 23 Jan 2023 09:11:36 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: dUAtYLbFRTLBso6garWHrStijvNAxMNVJAikZRPs7OIXPoyQ6GGzzBer18sDK2+bSHfTZMCYli02mjXpkogJyw==
x-amz-request-id: SVB6FQ4T9T5EVV1S
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 23 Jan 2023 08:47:39 GMT
age: 1437
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 09:11:36 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 23 Jan 2023 08:17:30 GMT
age: 3246
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0c74880fa99032b5c3831c179d702419
0020b368309735c94d8053d3781a7efb7283cfc5
437e2d4e2bbfb33b0ff696172378ce55a0a5ed005a1b8c4005eab4a6995a3042
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3404
Cache-Control: max-age=89514
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 09:11:37 GMT
Etag: "63ccfca7-1d7"
Expires: Tue, 24 Jan 2023 10:03:31 GMT
Last-Modified: Sun, 22 Jan 2023 09:06:47 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
154.218.151.71200 OK 17 kB URL HTTP/1.1 21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash ffae3a0dba7dbd0a3f68c942e88ccc80
a6364cc04a66deb8b6d7d79376781861804e5ccd
1af7935199f0609fe48a1aa61b880150f207f24f1c3f391e0cd50d7a95ba6bff
Analyzer Verdict Alert fortinet Malware
GET /xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:11:36 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.services.mozilla.com/
52.39.110.92101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.110.92:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: hfoO66XLX6IOurPvTE3E2Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: t5soN4Z/uW17ZTMKWCDsLyW87u4=
21155.url.tudown.com/template/company/duote-xiazai/css/global.css
154.218.151.71200 OK 7.6 kB URL HTTP/1.1 21155.url.tudown.com/template/company/duote-xiazai/css/global.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (710)
Hash b2502d4c36bc519e47bce519ffb3a295
d252dd5c34dbd231f5c120d8f45ded16e0aa3f4c
10bec4c97bde3cac4a43e4d86604e1ff2c54926ec350419e404435f0616d1a1a
GET /template/company/duote-xiazai/css/global.css HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:11:37 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:20:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e6b-935f"
Expires: Mon, 23 Jan 2023 21:11:37 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
21155.url.tudown.com/js/orsxg5a.script
154.218.151.71200 OK 531 B URL HTTP/1.1 21155.url.tudown.com/js/orsxg5a.script
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document, ASCII text, with CRLF line terminators
Hash 39fd4f4c17d424445d9f437c99c9d40a
84a56ab95c669d43c757a5f9a312d5f3a37f73fa
45f58e7b2e72c9f2734889b73ef5c3f2d3e1fb9ac69995afe1561ec4a7943d15
GET /js/orsxg5a.script HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:11:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
21155.url.tudown.com/template/company/duote-xiazai/css/news.css
154.218.151.71200 OK 1.5 kB URL HTTP/1.1 21155.url.tudown.com/template/company/duote-xiazai/css/news.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash 4d5f155ee78bab18dd989f8fedda8ebc
d3e3353e7a3da786e2a1342ca13407fd432e3398
6754cc7b30008e41d53b0ebfb6b52a0c59712348880d235a77a07c3af02d9886
GET /template/company/duote-xiazai/css/news.css HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:11:37 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:21:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e6d-16fd"
Expires: Mon, 23 Jan 2023 21:11:37 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
21155.url.tudown.com/template/company/duote-xiazai/css/soft.css
154.218.151.71200 OK 8.6 kB URL HTTP/1.1 21155.url.tudown.com/template/company/duote-xiazai/css/soft.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash 952b2841668e8303c2ee8bc817394790
1e7d159d8d75df0112f06eedab3ecd62b7075a52
51c463da96c71adce2a234968d1e46949fa82804f680861cb6562da84239e209
GET /template/company/duote-xiazai/css/soft.css HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:11:37 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:21:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e6e-a090"
Expires: Mon, 23 Jan 2023 21:11:37 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
21155.url.tudown.com/template/company/duote-xiazai/css/message.css
154.218.151.71200 OK 1.6 kB URL HTTP/1.1 21155.url.tudown.com/template/company/duote-xiazai/css/message.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash 90d699f8127fe2e7210c0f31f0b90bb0
245191b7026614b76c7234e8e82724d463d4adf1
50d4eaf1d089edb739f43068f78330d22700b47f9ea8acb14fa5606637aeaf23
GET /template/company/duote-xiazai/css/message.css HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:11:37 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:21:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e6d-17a8"
Expires: Mon, 23 Jan 2023 21:11:37 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 0ad6fd6b20514f73fe8a2db532cba85b
9e8585d2934da70f4222173ad2ff0ca57dc7870a
694c69ff0739897af014efa4c2ccb569d8a826c8cc26cf7e2f8dfea53946ff68
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Mon, 23 Jan 2023 09:11:37 GMT
Last-Modified: Mon, 23 Jan 2023 07:12:34 GMT
ETag: "63ce3362-1d7"
Expires: Wed, 25 Jan 2023 07:12:34 GMT
Cache-Control: max-age=165657
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1674465097
Via: cache15.l2de2[4,4,200-0,M], cache15.l2de2[6,0], cache7.se1[41,40,200-0,M], cache7.se1[42,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Mon, 23 Jan 2023 09:11:37 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9b16744650977806551e
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 0ad6fd6b20514f73fe8a2db532cba85b
9e8585d2934da70f4222173ad2ff0ca57dc7870a
694c69ff0739897af014efa4c2ccb569d8a826c8cc26cf7e2f8dfea53946ff68
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Mon, 23 Jan 2023 09:11:37 GMT
Last-Modified: Mon, 23 Jan 2023 07:12:34 GMT
ETag: "63ce3362-1d7"
Expires: Wed, 25 Jan 2023 07:12:34 GMT
Cache-Control: max-age=165657
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1674465097
Via: cache5.l2de2[4,3,200-0,M], cache5.l2de2[5,0], cache5.se1[25,24,200-0,M], cache5.se1[27,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Mon, 23 Jan 2023 09:11:37 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9916744650977966122e
21155.url.tudown.com/template/company/duote-xiazai/css/scrollbar.css
154.218.151.71200 OK 353 B URL HTTP/1.1 21155.url.tudown.com/template/company/duote-xiazai/css/scrollbar.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash 6fc35ccb15b461bc6b549a85ea398894
21581ad4fc3db4acc99bb2fb4ed2fde1dfa50049
8d88f6d1d76a2cf300e9378742dc29f48060c9747cfdeb6b05050cf25cc5ebfb
GET /template/company/duote-xiazai/css/scrollbar.css HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:11:37 GMT
Content-Type: text/css
Content-Length: 353
Last-Modified: Sun, 06 Nov 2022 08:21:02 GMT
Connection: keep-alive
ETag: "63676e6e-161"
Expires: Mon, 23 Jan 2023 21:11:37 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
21155.url.tudown.com/template/company/duote-xiazai/css/scrollStyle.css
154.218.151.71404 Not Found 146 B URL HTTP/1.1 21155.url.tudown.com/template/company/duote-xiazai/css/scrollStyle.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/company/duote-xiazai/css/scrollStyle.css HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 23 Jan 2023 09:11:37 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
21155.url.tudown.com/template/company/duote-xiazai/js/jquery.min.js
154.218.151.71200 OK 37 kB URL HTTP/1.1 21155.url.tudown.com/template/company/duote-xiazai/js/jquery.min.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash d4e282e0e1e69d378568eac0d45bfd24
8b62528373788e473676aa025a72aae45ec17d01
b5bbdf5ae69bfc2b39919ac018f41b27efac22f98ab92848db65022eb03dfd12
GET /template/company/duote-xiazai/js/jquery.min.js HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:11:37 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e99-16f44"
Expires: Mon, 23 Jan 2023 21:11:37 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ocsp.trust-provider.cn/
47.246.44.205200 OK 599 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 415558e4daea542acd1dc5046c834f25
3d1a13af98eafdbaf4f084adab56fe07e3c4a32d
2e909f4bc6ac189762f8562eef321e136c0ed93b2613a980b28216d1d03708e5
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Mon, 23 Jan 2023 09:10:17 GMT
last-modified: Sat, 21 Jan 2023 04:54:57 GMT
expires: Sat, 28 Jan 2023 04:54:56 GMT
etag: "3d1a13af98eafdbaf4f084adab56fe07e3c4a32d"
cache-control: max-age=603937,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb2
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 78df6537cc9bbbf5-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1674465017
via: cache2.l2de2[0,0,304-0,H], cache8.l2de2[0,0], cache3.se1[0,0,200-0,H], cache3.se1[0,0], cache8.se1[2,0]
age: 80
x-cache: HIT TCP_MEM_HIT dirn:2:75895192
x-swift-savetime: Mon, 23 Jan 2023 09:11:00 GMT
x-swift-cachetime: 1757
timing-allow-origin: *, *
eagleid: 2ff62c9c16744650978891616e, 2ff62c9c16744650978891616e
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 54b4257370c9efa368a34f01c13b2271
c2e7bb7d14e03e11e52e93880baec5a72c60a02c
f44e7a566cc157ee1825577b4adfe54f2415eaaf09b6650233ac2c08ce51eb73
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 23 Jan 2023 09:11:38 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 27 Jan 2023 06:10:31 GMT
ETag: "c2e7bb7d14e03e11e52e93880baec5a72c60a02c"
Last-Modified: Mon, 23 Jan 2023 06:10:32 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1626
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78df672eac2e1bfa-OSL
21155.url.tudown.com/template/company/duote-xiazai/css/jquery-ui.min.css
154.218.151.71200 OK 8.9 kB URL HTTP/1.1 21155.url.tudown.com/template/company/duote-xiazai/css/jquery-ui.min.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (29165), with CRLF line terminators
Hash fd0bdc561b4f37fa8e4539d86c5fd0e4
663b932af8ef82dff4cfeb56351bd32853e54804
98161b22bc6e6613ecf1c230ff9664ba032c3abfe8d6a4079263f9daeb1829db
GET /template/company/duote-xiazai/css/jquery-ui.min.css HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:11:37 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:21:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e6d-7d6e"
Expires: Mon, 23 Jan 2023 21:11:37 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
21155.url.tudown.com/template/company/duote-xiazai/js/duotecommon_top.js
154.218.151.71200 OK 799 B URL HTTP/1.1 21155.url.tudown.com/template/company/duote-xiazai/js/duotecommon_top.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash ac93d373f5090fbc3e8a7152aab7170d
160c0bc3072bccced250979b7999ae060941eb06
e15e1cefcdcd40db68eecbd7a02af32a8a97e5749791b07b434f8454408c1570
GET /template/company/duote-xiazai/js/duotecommon_top.js HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:11:37 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e96-a0b"
Expires: Mon, 23 Jan 2023 21:11:37 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
21155.url.tudown.com/template/company/duote-xiazai/css/index.css
154.218.151.71200 OK 3.6 kB URL HTTP/1.1 21155.url.tudown.com/template/company/duote-xiazai/css/index.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash fbfd831dee308c5094076e0b4022a222
fa69c04bf3f0c911d2b1697717e05706362f0c57
ab5a9d33745256917eb22abecd3d8ed4790e612720f2a743206d00b85aa5ff4f
GET /template/company/duote-xiazai/css/index.css HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:11:37 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:21:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e6c-42b3"
Expires: Mon, 23 Jan 2023 21:11:37 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
static.mediav.com/js/mvf_g2.js
104.192.110.245200 OK 9.0 kB URL HTTP/1.1 static.mediav.com/js/mvf_g2.js
IP 104.192.110.245:0
ASN #55992 Beijing Qihu Technology Company Limited
File type ASCII text, with very long lines (25539), with no line terminators
Hash 1baf9fc7116527b1a41307a6653030ca
f854953834e70e842d0d3fe6c8966ffb38e16744
d601207a5fa9a6b11008bc0a5a295c46ed62707d4a4b7b04a276eef33c3dcbd3
GET /js/mvf_g2.js HTTP/1.1
Host: static.mediav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/
HTTP/1.1 200 OK
Date: Mon, 23 Jan 2023 09:11:38 GMT
Content-Type: application/x-javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 16 Nov 2022 07:57:41 GMT
Vary: Accept-Encoding
Expires: Mon, 23 Jan 2023 14:11:38 GMT
Cache-Control: max-age=18000
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Encoding: gzip
KCS-Via: HIT from w-fc01.lato;HIT from w-sc02.bjmd
21155.url.tudown.com/template/company/duote-xiazai/css/teach.css
154.218.151.71200 OK 4.1 kB URL HTTP/1.1 21155.url.tudown.com/template/company/duote-xiazai/css/teach.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (499)
Hash 16ca38b11b525a142c6086c2c2802545
88ed9d1c7088344b24f18132ad025ed63623bb7e
c7d5eef240fb383c039b0141854336a78a07597b0bff022ae71514e913351d7a
GET /template/company/duote-xiazai/css/teach.css HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:11:37 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:21:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e70-503f"
Expires: Mon, 23 Jan 2023 21:11:37 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
21155.url.tudown.com/template/company/duote-xiazai/js/super_slider.js
154.218.151.71200 OK 741 B URL HTTP/1.1 21155.url.tudown.com/template/company/duote-xiazai/js/super_slider.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (1844)
Hash 64d8d6bbbe2129e883c5af163b76600d
5c0f7df223f7f0ca25cc5c8247ae8b8f0cae4805
66f01728ee43d433d4fd4c0409354667cc543ae51cd362376d3f053da321369b
GET /template/company/duote-xiazai/js/super_slider.js HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:11:38 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676ea0-763"
Expires: Mon, 23 Jan 2023 21:11:38 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.2345.com/js/index/activity/20171111/widget.min.js
47.246.44.207301 Moved Permanently 262 B URL HTTP/1.1 www.2345.com/js/index/activity/20171111/widget.min.js
IP 47.246.44.207:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 72fa0fca20c82853e6dbbc1f13c78100
4e9b01e3ad0b56c9409bb02e5700430792fecacd
4555de589ff9b307e20c708d6f112bc47bb377df29ff0a5914f8fb0932926887
GET /js/index/activity/20171111/widget.min.js HTTP/1.1
Host: www.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Mon, 23 Jan 2023 09:11:38 GMT
Content-Type: text/html
Content-Length: 262
Connection: keep-alive
Location: https://www.2345.com/js/index/activity/20171111/widget.min.js
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Via: cache2.se1[,0]
Timing-Allow-Origin: *
EagleId: 2ff62c9616744650981503610e
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aff1c8f8bde400381877e95444ca236d
c532f6f9daa1d1685b4a4b75c2ab171f1731f78e
02cbcddfab60c295e61e716b7880c5acc66533a2cc2b151b4c9674109eacb71a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02CBCDDFAB60C295E61E716B7880C5ACC66533A2CC2B151B4C9674109EACB71A"
Last-Modified: Mon, 23 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20860
Expires: Mon, 23 Jan 2023 14:59:18 GMT
Date: Mon, 23 Jan 2023 09:11:38 GMT
Connection: keep-alive
static.mediav.com/js/mvf_pm_slider.js
104.192.110.245200 OK 40 kB URL HTTP/1.1 static.mediav.com/js/mvf_pm_slider.js
IP 104.192.110.245:0
ASN #55992 Beijing Qihu Technology Company Limited
File type ASCII text, with very long lines (65536), with no line terminators, with escape sequences
Hash b23b60a7adefb62f50583079ed66f03b
965ea6506ea6c004b1135f23c10c67484fc0d238
987d03cb317bd411589ab916be6ea0e5aaabf8de0e94a2de7712beff577a62f8
GET /js/mvf_pm_slider.js HTTP/1.1
Host: static.mediav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/
HTTP/1.1 200 OK
Date: Mon, 23 Jan 2023 09:11:38 GMT
Content-Type: application/x-javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 16 Nov 2022 07:57:42 GMT
Vary: Accept-Encoding
Expires: Mon, 23 Jan 2023 14:11:38 GMT
Cache-Control: max-age=18000
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Encoding: gzip
KCS-Via: HIT from w-fc01.lato;HIT from w-sc02.lyct
21155.url.tudown.com/template/company/duote-xiazai/js/soft_comment.js
154.218.151.71200 OK 1.4 kB URL HTTP/1.1 21155.url.tudown.com/template/company/duote-xiazai/js/soft_comment.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash 33db5499343abb12f6c7d980cfdf5af0
ca9f7d2be1dd0f229f709b2effd22d57413fc7d4
3ca1208b56597372cccafd9817375f08e7e85ab84b310cb882ff8a76bac1c388
GET /template/company/duote-xiazai/js/soft_comment.js HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:11:38 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676ea0-f1c"
Expires: Mon, 23 Jan 2023 21:11:38 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
21155.url.tudown.com/template/company/duote-xiazai/js/index.js
154.218.151.71200 OK 2.3 kB URL HTTP/1.1 21155.url.tudown.com/template/company/duote-xiazai/js/index.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with very long lines (8638)
Hash a1f3815ea981db7480ca3c4d5d54aac6
f3961cccb17dc2190e2a8c249d936d0b1185fd7e
7adb4d2ea2856125d829deeabfc70e92f87a5e50f84187ed8d570b810c807d6f
GET /template/company/duote-xiazai/js/index.js HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:11:38 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e97-223b"
Expires: Mon, 23 Jan 2023 21:11:38 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
img4.duote.com/duoteimg/js/baidu_js_push.js
222.186.17.193200 OK 359 B URL HTTP/2 img4.duote.com/duoteimg/js/baidu_js_push.js
IP 222.186.17.193:0
File type ASCII text, with CRLF line terminators
Hash f63ef5e096ef52af0cb95b8d2f3fda32
8d6dcc307c816618f7b26e1482d16d447f382e51
e0679eaf3f94f9353f167a1ebe1a8424c61631cc9be2d5a5445ba35e77f58932
GET /duoteimg/js/baidu_js_push.js HTTP/1.1
Host: img4.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://21155.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 359
date: Mon, 19 Dec 2022 17:16:09 GMT
x-oss-request-id: 63A09C59AFFD70313763EF54
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "F63EF5E096EF52AF0CB95B8D2F3FDA32"
last-modified: Tue, 21 Jun 2022 08:41:11 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 2603761381065918884
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Wed, 22 Jun 2022 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: CAEQUxiBgID4uNiVjBgiIDdjODgyMTExYzA2OTQ5NmU4NjMxZTI4MDZmMTc2NGEx
content-md5: 9j714JbvUq8MuVuNLz/aMg==
x-oss-server-time: 5
ali-swift-global-savetime: 1671470169
via: cache17.l2cn3037[0,0,200-0,H], cache43.l2cn3037[1,0], ens-vcache19.cn5274[0,0,200-0,H], ens-vcache21.cn5274[1,0]
age: 2994929
x-cache: HIT TCP_MEM_HIT dirn:11:115098713
x-swift-savetime: Sun, 01 Jan 2023 05:15:12 GMT
x-swift-cachetime: 14472057
timing-allow-origin: *
eagleid: deba11a816744650981888354e
X-Firefox-Spdy: h2
img4.duote.com/duoteimg/dtnew_recom_img/duoteself/softdown_1.js
222.186.17.193200 OK 361 B URL HTTP/2 img4.duote.com/duoteimg/dtnew_recom_img/duoteself/softdown_1.js
IP 222.186.17.193:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (361), with no line terminators
Hash d7877f2308efe72c7913b65816859daa
755606b601ae85ebcbf0dd47660fb028d1bf30d7
3af5e226f01cd0faf44433ba44517cc6b0fe9596de061a613c8d719227cc2c1a
GET /duoteimg/dtnew_recom_img/duoteself/softdown_1.js HTTP/1.1
Host: img4.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://21155.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 361
date: Wed, 04 Jan 2023 10:48:37 GMT
x-oss-request-id: 63B55985341EC4383238B58D
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "D7877F2308EFE72C7913B65816859DAA"
last-modified: Wed, 04 Jan 2023 09:53:30 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 13587884656729146177
x-oss-storage-class: Standard
x-oss-meta-mtime: 1672826010
x-oss-expiration: expiry-date="Thu, 05 Jan 2023 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: CAEQVxiBgMCnu.bwqxgiIGMwYmRlOGE3NDQ3MjQxYmY4Y2NiYWYyOWExMzU2Zjdi
content-md5: 14d/Iwjv5yx5E7ZYFoWdqg==
x-oss-server-time: 26
ali-swift-global-savetime: 1672829317
via: cache42.l2cn3037[0,0,200-0,H], cache35.l2cn3037[1,0], ens-vcache1.cn5274[0,0,200-0,H], ens-vcache21.cn5274[0,0]
age: 1635781
x-cache: HIT TCP_MEM_HIT dirn:12:130594919
x-swift-savetime: Wed, 04 Jan 2023 11:29:37 GMT
x-swift-cachetime: 15549540
timing-allow-origin: *
eagleid: deba11a816744650982148358e
X-Firefox-Spdy: h2
21155.url.tudown.com/template/company/duote-xiazai/js/clickdown_stat_ajax.js
154.218.151.71200 OK 577 B URL HTTP/1.1 21155.url.tudown.com/template/company/duote-xiazai/js/clickdown_stat_ajax.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d2fd0ff89c3e773f8cfb6e5e57ae2909
537114b9b969f30770ba619a17d217bb69efb759
9665a3c5c2aa7e032819815b24dccc0dd5fbfbbef8876d7d42dfe2751e06d8f7
GET /template/company/duote-xiazai/js/clickdown_stat_ajax.js HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:11:38 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e96-57a"
Expires: Mon, 23 Jan 2023 21:11:38 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
img1.2345.com/duoteimg/js/base64.js?_vtim=2014122301
180.101.199.244404 Not Found 146 B URL HTTP/2 img1.2345.com/duoteimg/js/base64.js?_vtim=2014122301
IP 180.101.199.244:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /duoteimg/js/base64.js?_vtim=2014122301 HTTP/1.1
Host: img1.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://21155.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: Tengine
content-type: text/html; charset=gb2312
content-length: 146
date: Mon, 23 Jan 2023 09:11:38 GMT
ali-swift-global-savetime: 1674465098
via: cache78.l2cn3037[23,23,404-1280,M], cache21.l2cn3037[24,0], cache21.l2cn3037[24,0], vcache27.cn4733[26,25,404-1280,M], vcache30.cn4733[27,0]
x-cache: MISS TCP_MISS dirn:-2:-2
x-swift-savetime: Mon, 23 Jan 2023 09:11:38 GMT
x-swift-cachetime: 1
x-swift-error: orig response 4XX error
timing-allow-origin: *
eagleid: b465c73216744650982222049e
X-Firefox-Spdy: h2
union2.50bang.org/js/duoteall
180.101.190.124200 OK 370 B URL HTTP/1.1 union2.50bang.org/js/duoteall
IP 180.101.190.124:0
ASN #138950 Jiangsu Wuxi International IDC network
File type ASCII text, with very long lines (370), with no line terminators
Hash a5995fe8f76d461db0ff4bc459d38a6b
433df89b48fd7024659328073319a5dffc27121a
d33e755e8df58395b14950f28d6b118ad8fee4a40a898b00e7274ac0bd254583
GET /js/duoteall HTTP/1.1
Host: union2.50bang.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://21155.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Date: Mon, 23 Jan 2023 09:11:38 GMT
Content-Length: 370
21155.url.tudown.com/template/company/duote-xiazai/js/keyword_new.js
154.218.151.71200 OK 63 B URL HTTP/1.1 21155.url.tudown.com/template/company/duote-xiazai/js/keyword_new.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with no line terminators
Hash 827609f4f6b6dbef37e7bbb2c6cb8535
09929f83133df43c4ec28623065e3af7647a1f11
f7f82084b7a593e189a56487ea3179a61e6d8c93ec6ffdfada18e8c5e8863375
GET /template/company/duote-xiazai/js/keyword_new.js HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:11:38 GMT
Content-Type: application/javascript
Content-Length: 63
Last-Modified: Sun, 06 Nov 2022 08:21:47 GMT
Connection: keep-alive
ETag: "63676e9b-3f"
Expires: Mon, 23 Jan 2023 21:11:38 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
img4.duote.com/duoteimg/js/front_ad.js
222.186.17.193200 OK 0 B URL HTTP/2 img4.duote.com/duoteimg/js/front_ad.js
IP 222.186.17.193:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /duoteimg/js/front_ad.js HTTP/1.1
Host: img4.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://21155.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 0
date: Sat, 21 Jan 2023 03:02:46 GMT
x-oss-request-id: 63CB55D6960DF2343850A2E2
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "D41D8CD98F00B204E9800998ECF8427E"
last-modified: Wed, 02 Sep 2020 01:55:56 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 0
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Thu, 03 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: 1B2M2Y8AsgTpgAmY7PhCfg==
ali-swift-global-savetime: 1674270166
via: cache8.l2cn3037[0,0,200-0,H], cache34.l2cn3037[1,0], ens-vcache22.cn5274[0,0,200-0,H], ens-vcache21.cn5274[1,0]
age: 194932
x-cache: HIT TCP_MEM_HIT dirn:12:264096559
x-swift-savetime: Sun, 22 Jan 2023 04:24:20 GMT
x-swift-cachetime: 15460706
timing-allow-origin: *
eagleid: deba11a816744650982768372e
X-Firefox-Spdy: h2
21155.url.tudown.com/template/company/duote-xiazai/images/stars.png
154.218.151.71200 OK 409 B URL HTTP/1.1 21155.url.tudown.com/template/company/duote-xiazai/images/stars.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 513adea23e19785779ef24441cbdb356
acaf0cd2ec302562b27850b970523d96ac5a120c
b78bf1490ecfe58446b32e59b0e6505d2d18f75f8676809753830b66a8dee298
GET /template/company/duote-xiazai/images/stars.png HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/template/company/duote-xiazai/css/global.css
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:11:38 GMT
Content-Type: image/png
Content-Length: 409
Last-Modified: Sun, 06 Nov 2022 08:21:35 GMT
Connection: keep-alive
ETag: "63676e8f-199"
Accept-Ranges: bytes
img4.duote.com/duoteimg/dtnew_assets/pc/js/soft/auto_complete.js
222.186.17.193200 OK 1.0 kB URL HTTP/2 img4.duote.com/duoteimg/dtnew_assets/pc/js/soft/auto_complete.js
IP 222.186.17.193:0
Hash 8c6a6de562181b71d2867e2711f31df9
6e3aed7b36431b15293f6a3a1c66567a6fec5334
f65233dc7f87033f78a736238467c78ce1973af259b67f932c285a0f180174ee
GET /duoteimg/dtnew_assets/pc/js/soft/auto_complete.js HTTP/1.1
Host: img4.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://21155.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 1015
date: Wed, 19 Oct 2022 02:18:07 GMT
vary: Accept-Encoding
x-oss-request-id: 634F5E5F9F5C5134319809A9
x-oss-cdn-auth: success
last-modified: Wed, 19 Oct 2022 02:15:25 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 3181168464323094172
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Thu, 20 Oct 2022 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: CAEQVRiBgICaq4y4nxgiIDJjNjljMDkwMWY0MjQ4N2JhZTA2NmEwOWJkZmNhMWYx
content-md5: 5qfmF/GrELbus726BAkyLQ==
x-oss-server-time: 11
content-encoding: gzip
ali-swift-global-savetime: 1666145887
via: cache71.l2cn3037[0,0,200-0,H], cache1.l2cn3037[1,0], ens-vcache29.cn5274[0,0,200-0,H], ens-vcache21.cn5274[1,0]
age: 8319211
x-cache: HIT TCP_MEM_HIT dirn:12:390389817
x-swift-savetime: Sun, 01 Jan 2023 07:31:10 GMT
x-swift-cachetime: 9139617
timing-allow-origin: *
eagleid: deba11a816744650982958377e
X-Firefox-Spdy: h2
21155.url.tudown.com/template/company/duote-xiazai/js/new_global.js
154.218.151.71200 OK 592 B URL HTTP/1.1 21155.url.tudown.com/template/company/duote-xiazai/js/new_global.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash 232fd4a41f68cb95c02a365b6aca84e9
4d17747184f32abc1b922759c510bdbab4eccedd
0d50c1f4db8f330ef99775e40dadb29b531eb33314540560567b1f2623d4885e
GET /template/company/duote-xiazai/js/new_global.js HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:11:38 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e9d-685"
Expires: Mon, 23 Jan 2023 21:11:38 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8633
Expires: Mon, 23 Jan 2023 11:35:31 GMT
Date: Mon, 23 Jan 2023 09:11:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8633
Expires: Mon, 23 Jan 2023 11:35:31 GMT
Date: Mon, 23 Jan 2023 09:11:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8633
Expires: Mon, 23 Jan 2023 11:35:31 GMT
Date: Mon, 23 Jan 2023 09:11:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8633
Expires: Mon, 23 Jan 2023 11:35:31 GMT
Date: Mon, 23 Jan 2023 09:11:38 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F602ef184-7161-4092-91b7-61e14eef28a5.jpeg
34.120.237.76200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F602ef184-7161-4092-91b7-61e14eef28a5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 805711aaab303931f8966bbf73aeda52
2bd02a45c8b407e36a41a482b121ea3e14f7c722
66268668c1a970268d75beb1b57f66a759bedac76958a3359cb23104de40fbeb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F602ef184-7161-4092-91b7-61e14eef28a5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3411
x-amzn-requestid: 62afd364-e94f-45ff-ba6c-9b589fc53e5f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e-EyCEzrIAMFb8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8b4d9-203f51040f82f12d535446c4;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 03:11:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3Ke5d5WguVrF_Phnhu9ojzN5Md0VkYnFfxKNoh5HHrmHwPI90IAIdA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 05:22:52 GMT
age: 13726
etag: "2bd02a45c8b407e36a41a482b121ea3e14f7c722"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0a4afa9-05c4-4ab9-b9eb-17970c04dbbb.jpeg
34.120.237.76200 OK 3.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0a4afa9-05c4-4ab9-b9eb-17970c04dbbb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c664f89307d9f2cc8170ca0816708ef9
cc010d66fe22fce8e82f9bbc78fc3b836120ff0b
c77d9cae0c4132f2695322b8c33fa875a341948ffb6c3023ddb1d3ef41c9ae23
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0a4afa9-05c4-4ab9-b9eb-17970c04dbbb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3814
x-amzn-requestid: 48468720-0305-4f17-862b-f2f854fdfe41
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fKq8mEPnIAMFzXg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cdbeb6-470a030661c749ae0fa14c31;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 22:54:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 9hQjtfheswJHTaBL6yZ9UoowbsfqvbNqzUb9EOzaAppGv-fHat8O1A==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 23:09:20 GMT
etag: "cc010d66fe22fce8e82f9bbc78fc3b836120ff0b"
content-type: image/jpeg
age: 36138
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F27144ba0-24e7-4177-b8d9-4121af2315c9.jpeg
34.120.237.76200 OK 4.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F27144ba0-24e7-4177-b8d9-4121af2315c9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3d0dd6e84bd1708aec285a9153eafabc
2d2729ca550ecdca29a502eb76c68f4eed623032
3c0492fc05ab9a35cd8d833a031aa907a473f2ff22fed0732fa331a0c2939660
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F27144ba0-24e7-4177-b8d9-4121af2315c9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4085
x-amzn-requestid: 444720ab-9a4d-40f7-a2e2-e574d4e2928d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fBP0uEeToAMFepA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c9f9b7-113188a040ff40ad479415cc;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 02:17:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wbZuUg06OrIyirTvHtsdGz2ux_OxhbBMbPHy_52LjsmknZIf6bLDBw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 10:24:16 GMT
age: 82042
etag: "2d2729ca550ecdca29a502eb76c68f4eed623032"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ed6afa7-c805-4ddd-a71c-bc9bde7aee5a.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ed6afa7-c805-4ddd-a71c-bc9bde7aee5a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e42f475b1e14cb9d0939ef39db8e1f91
dda57d67c7b5f32123d3c9956dec8f805138b3bf
ace1e5843457dc5493432ea113059e67827e6c95d6998a7465dea1eb0e723a1e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ed6afa7-c805-4ddd-a71c-bc9bde7aee5a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11818
x-amzn-requestid: e80dab53-5137-4776-a105-b1933e9bda6b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEqu6GhZIAMFWSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb57f8-696c3a7f103b96a23ed4abec;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 03:11:52 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 5bEvPaVPmareEYTNHUoTIEtCn0EKpBBafR11mjrvwPFVS_DLFKgm3w==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 04:07:43 GMT
age: 18235
etag: "dda57d67c7b5f32123d3c9956dec8f805138b3bf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf2abec1-a455-47b9-9aaf-69794032330f.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf2abec1-a455-47b9-9aaf-69794032330f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8ec35d753b6b816abcd14030255a7b76
a67bd0fa5beb10935442bef246bf4f52ec6e74bd
9adfddc8877a8ea9f1c3bcc0af99548cb11dc4e1d62a706bf9b2a5cc6d72e82f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf2abec1-a455-47b9-9aaf-69794032330f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7982
x-amzn-requestid: 59d91715-b444-445e-bd6b-268fc630024b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fKezLExAIAMFSeA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cdab47-1e12e8f335ea162532ce6aca;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 21:31:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: R-9qgCHHj8iD9FEwYhzLoXAQvdrO6D6qRIWAvyQJyfB-LHDGUjvmzA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 21:47:59 GMT
age: 41019
etag: "a67bd0fa5beb10935442bef246bf4f52ec6e74bd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69f6ce48-0095-4b2b-b098-c6f6de90570c.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69f6ce48-0095-4b2b-b098-c6f6de90570c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5401628b3bdd03eeee51f68177ac4d41
bb12e1d1bc5a87d3fa05371894a8bc8eb3d1bb29
3e231ba2e44699d88ed1e28510dad0762a57e0854a11d40f752421bd41738944
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69f6ce48-0095-4b2b-b098-c6f6de90570c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10052
x-amzn-requestid: 10422f29-dc81-41f9-b03e-76fb2b0f4f87
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e2vnHFT9oAMFbmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c5c62d-780503606bec4fff6e911fc8;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 21:48:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NQaGhmXW_zeKd-WXUxi_z0e3Ul1YrtBgIbPEEWRfQfG7d8C0JyZdXg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 21:56:00 GMT
age: 40538
etag: "bb12e1d1bc5a87d3fa05371894a8bc8eb3d1bb29"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img4.duote.com/duoteimg/dtnew_assets/pc/js/searchCode/transcoding.js
222.186.17.193200 OK 895 B URL HTTP/2 img4.duote.com/duoteimg/dtnew_assets/pc/js/searchCode/transcoding.js
IP 222.186.17.193:0
Hash f8f676d38231dad63dfc1144b4739051
978c21f9675780eb755412efc1ddc8fe098c5d7f
2ab62b8459e616fbc36456facba7af14984e90a3a5522a317d46cdb6f133f871
GET /duoteimg/dtnew_assets/pc/js/searchCode/transcoding.js HTTP/1.1
Host: img4.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://21155.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/x-javascript
content-length: 895
date: Thu, 08 Dec 2022 06:30:46 GMT
x-oss-request-id: 63918496AFFD703338923AEB
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "4C7F46FF62D37B2CC7456F8F9EB96611"
last-modified: Thu, 10 Sep 2020 02:00:56 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 13670043018340852857
x-oss-storage-class: Standard
x-oss-meta-mode: 33188
x-oss-meta-mtime: 1599017058
x-oss-expiration: expiry-date="Fri, 11 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
vary: Accept-Encoding
content-md5: TH9G/2LTeyzHRW+PnrlmEQ==
x-oss-server-time: 24
content-encoding: gzip
ali-swift-global-savetime: 1670481046
via: cache8.l2cn3037[0,0,200-0,H], cache8.l2cn3037[1,0], ens-vcache24.cn5274[0,0,200-0,H], ens-vcache21.cn5274[1,0]
age: 3984052
x-cache: HIT TCP_MEM_HIT dirn:12:413051096
x-swift-savetime: Sun, 01 Jan 2023 07:02:50 GMT
x-swift-cachetime: 13476476
timing-allow-origin: *
eagleid: deba11a816744650983128380e
X-Firefox-Spdy: h2
s5.cnzz.com/z_stat.php?id=1277770517&web_id=1277770517
180.97.251.250200 OK 20 B URL HTTP/2 s5.cnzz.com/z_stat.php?id=1277770517&web_id=1277770517
IP 180.97.251.250:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /z_stat.php?id=1277770517&web_id=1277770517 HTTP/1.1
Host: s5.cnzz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://21155.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 20
date: Mon, 23 Jan 2023 09:02:56 GMT
vary: Accept-Encoding
x-powered-by: PHP/5.5.25
last-modified: Mon, 23 Jan 2023 09:02:56 GMT
cache-control: max-age=1800,s-maxage=3600
content-encoding: gzip
ali-swift-global-savetime: 1674464576
via: cache20.l2cn1836[55,55,200-0,M], cache32.l2cn1836[56,0], cache9.cn2205[0,0,200-0,H], cache14.cn2205[1,0]
age: 522
x-cache: HIT TCP_MEM_HIT dirn:13:115275970
x-swift-savetime: Mon, 23 Jan 2023 09:02:56 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: b461fb2a16744650984656673e
X-Firefox-Spdy: h2
bdcode.2345.com/source/g/common/by/ht_jy_qx.js
42.81.8.130200 OK 2.1 kB URL HTTP/1.1 bdcode.2345.com/source/g/common/by/ht_jy_qx.js
IP 42.81.8.130:0
File type ASCII text, with very long lines (5138), with no line terminators
Hash c8c6cce5ceeb45eb380a755f2496f967
9312c8a3e53065d605d60e1a9eecdd429c526947
8f725ddad5cdb21ced5950cdc741627327947d79d95712325e75ea03f53b968b
Analyzer Verdict Alert fortinet Malware
GET /source/g/common/by/ht_jy_qx.js HTTP/1.1
Host: bdcode.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/
HTTP/1.1 200 OK
Date: Mon, 23 Jan 2023 09:11:38 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 2144
Connection: keep-alive
Cache-Control: max-age=14400
Content-Encoding: gzip
Expires: Mon, 23 Jan 2023 13:11:38 GMT
Last-Modified: Wed, 11 Jan 2023 16:31:43 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
YJS-ID: c16571e8748437e1-143
Server: yunjiasu
21155.url.tudown.com/template/company/duote-xiazai/js/scrollbar.js
154.218.151.71200 OK 738 B URL HTTP/1.1 21155.url.tudown.com/template/company/duote-xiazai/js/scrollbar.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (1755)
Hash 941e223b206b2f389ba88e5c62146e05
1ea47333441413a3afd2fbc6e335810513cd3b5f
c0034343dbd842fc5ba9dfae6be7145ec000eb017fc0ca9a7fd6e245811df660
GET /template/company/duote-xiazai/js/scrollbar.js HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:11:38 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e9e-707"
Expires: Mon, 23 Jan 2023 21:11:38 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
bdcode.2345.com/common/xsoa-r/openjs/pu/ao.js
42.81.8.130200 OK 2.1 kB URL HTTP/1.1 bdcode.2345.com/common/xsoa-r/openjs/pu/ao.js
IP 42.81.8.130:0
File type ASCII text, with very long lines (5137), with no line terminators
Hash 2c6b259bdbca8106d8f66bd00857a8bf
2da320d437ecc0606da878d8b4d376aefb0a55de
a6a517a0909bf60d88595c5cf7339ff566d3a6510d821f201196a334e996cdfb
Analyzer Verdict Alert fortinet Malware
GET /common/xsoa-r/openjs/pu/ao.js HTTP/1.1
Host: bdcode.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/
HTTP/1.1 200 OK
Date: Mon, 23 Jan 2023 09:11:38 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 2138
Connection: keep-alive
Cache-Control: max-age=3600
Content-Encoding: gzip
Expires: Mon, 23 Jan 2023 10:11:38 GMT
Last-Modified: Wed, 11 Jan 2023 16:31:43 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
YJS-ID: c16571e927a937e6-143
Server: yunjiasu
21155.url.tudown.com/uploads/images/921457.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/921457.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/921457.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=2120074636,1043725802&fm=224&app=112&f=JPEG?w=500&h=500
21155.url.tudown.com/uploads/images/logo.png?n=4wjlr2mywps3raxixw2oncn742oit2mzsdsyllhfr64a&w=250
154.218.151.71200 OK 3.3 kB URL HTTP/1.1 21155.url.tudown.com/uploads/images/logo.png?n=4wjlr2mywps3raxixw2oncn742oit2mzsdsyllhfr64a&w=250
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 250 x 66, 8-bit colormap, non-interlaced\012- data
Hash d366c4923a894ba961c2c20c64492466
c9039e67f53912c81db537c1df57c21102a63491
a96d3d515244a1feff10771164de3825634a8fcc3c83cf3ceb5988b0b3935401
GET /uploads/images/logo.png?n=4wjlr2mywps3raxixw2oncn742oit2mzsdsyllhfr64a&w=250 HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:11:38 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
21155.url.tudown.com/template/company/duote-xiazai/js/jquery-ui.min.js
154.218.151.71200 OK 80 kB URL HTTP/1.1 21155.url.tudown.com/template/company/duote-xiazai/js/jquery-ui.min.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (32074), with CRLF line terminators
Hash e81ec1034a64ade1aa8b290326108e91
67aa74b0a4d0039f59acacca2ee6eee5ebaa312e
825cd708c0562c4b038d007351af36e0c4b34a32c0a1e8fd5852206417cbf94e
GET /template/company/duote-xiazai/js/jquery-ui.min.js HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:11:38 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e99-3def1"
Expires: Mon, 23 Jan 2023 21:11:38 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
21155.url.tudown.com/uploads/images/44750.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/44750.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/44750.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3078980196,456124062&fm=253&fmt=auto?w=1280&h=800
t14.baidu.com/it/u=2120074636,1043725802&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 39 kB URL HTTP/1.1 t14.baidu.com/it/u=2120074636,1043725802&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash d1d3e452ed3fa4a11983f3293ffdd0d7
b8b03be2efacdefc1d66e0e828831fd7989dc047
f2c653f094235f988a45b11efb466c9d1c098d01470946ff3b7a1f4d324c5a06
GET /it/u=2120074636,1043725802&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://21155.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:11:38 GMT
Content-Type: image/jpeg
Content-Length: 39276
Connection: keep-alive
Expires: Sun, 05 Feb 2023 00:59:39 GMT
Last-Modified: Sun, 11 Jan 1970 00:00:00 GMT
ETag: d1d3e452ed3fa4a11983f3293ffdd0d7
Age: 992540
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 06 Jan 2023 00:59:39 GMT
Ohc-Cache-HIT: fra01-sys-jomo7.fra01.baidu.com [2], zhuzuncache57 [2], czix75 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 39276
X-Cache-Status: HIT
Timing-Allow-Origin: *
21155.url.tudown.com/template/company/duote-xiazai/images/soft-down.png
154.218.151.71200 OK 409 B URL HTTP/1.1 21155.url.tudown.com/template/company/duote-xiazai/images/soft-down.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 513adea23e19785779ef24441cbdb356
acaf0cd2ec302562b27850b970523d96ac5a120c
b78bf1490ecfe58446b32e59b0e6505d2d18f75f8676809753830b66a8dee298
GET /template/company/duote-xiazai/images/soft-down.png HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/template/company/duote-xiazai/css/soft.css
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:11:38 GMT
Content-Type: image/png
Content-Length: 409
Last-Modified: Sun, 06 Nov 2022 08:21:32 GMT
Connection: keep-alive
ETag: "63676e8c-199"
Accept-Ranges: bytes
21155.url.tudown.com/template/company/duote-xiazai/images/softfastdownbtn.png
154.218.151.71200 OK 409 B URL HTTP/1.1 21155.url.tudown.com/template/company/duote-xiazai/images/softfastdownbtn.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 513adea23e19785779ef24441cbdb356
acaf0cd2ec302562b27850b970523d96ac5a120c
b78bf1490ecfe58446b32e59b0e6505d2d18f75f8676809753830b66a8dee298
GET /template/company/duote-xiazai/images/softfastdownbtn.png HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/template/company/duote-xiazai/css/soft.css
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:11:38 GMT
Content-Type: image/png
Content-Length: 409
Last-Modified: Sun, 06 Nov 2022 08:21:33 GMT
Connection: keep-alive
ETag: "63676e8d-199"
Accept-Ranges: bytes
21155.url.tudown.com/uploads/images/170407.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/170407.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/170407.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:38 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=4184062791,2720136017&fm=253&fmt=auto&app=138&f=GIF?w=334&h=500
21155.url.tudown.com/template/company/duote-xiazai/images/icon-sprites.png
154.218.151.71200 OK 1.2 kB URL HTTP/1.1 21155.url.tudown.com/template/company/duote-xiazai/images/icon-sprites.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash cc3e19fad8a144bf1e7bf400678f99cb
6ac3ec9a26fdec416640a98d24564ddee9886999
1725f9122ad4ec5075cd0967aef3ef5aff312d90e17a33b854d71434f7cbba4c
GET /template/company/duote-xiazai/images/icon-sprites.png HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/template/company/duote-xiazai/css/soft.css
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:11:38 GMT
Content-Type: image/png
Content-Length: 1160
Last-Modified: Sun, 06 Nov 2022 08:21:18 GMT
Connection: keep-alive
ETag: "63676e7e-488"
Accept-Ranges: bytes
21155.url.tudown.com/template/company/duote-xiazai/images/like.png
154.218.151.71200 OK 409 B URL HTTP/1.1 21155.url.tudown.com/template/company/duote-xiazai/images/like.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 513adea23e19785779ef24441cbdb356
acaf0cd2ec302562b27850b970523d96ac5a120c
b78bf1490ecfe58446b32e59b0e6505d2d18f75f8676809753830b66a8dee298
GET /template/company/duote-xiazai/images/like.png HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/template/company/duote-xiazai/css/soft.css
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:11:38 GMT
Content-Type: image/png
Content-Length: 409
Last-Modified: Sun, 06 Nov 2022 08:21:22 GMT
Connection: keep-alive
ETag: "63676e82-199"
Accept-Ranges: bytes
img1.duote.com/duoteimg/zhuanti/comment/images/11.gif
180.101.198.239200 OK 7.0 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/11.gif
IP 180.101.198.239:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash 0dfec8a688ee97162d852f42a0fa2a23
a6bc13493b4f2471b72b9d9e8474a9889ad2f4cb
bfef5124ff15cc50ba2eb8e6c605541b642bb5c8c18a4c618ed248522f8d44e0
GET /duoteimg/zhuanti/comment/images/11.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://21155.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 6979
date: Tue, 06 Dec 2022 22:52:39 GMT
x-oss-request-id: 638FC7B7AEF36B30351D8998
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "0DFEC8A688EE97162D852F42A0FA2A23"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 5501157311881781066
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: Df7IpojulxYthS9CoPoqIw==
x-oss-server-time: 112
ali-swift-global-savetime: 1670367159
via: cache80.l2cn3037[87,86,304-0,M], cache20.l2cn3037[89,0], vcache15.cn4732[0,0,200-0,H], vcache22.cn4732[3,0]
age: 4097939
x-cache: HIT TCP_MEM_HIT dirn:9:272904946
x-swift-savetime: Tue, 06 Dec 2022 22:52:39 GMT
x-swift-cachetime: 15552000
timing-allow-origin: *
eagleid: b465c62a16744650989588104e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/8.gif
180.101.198.239200 OK 1.8 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/8.gif
IP 180.101.198.239:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash 15c10a442a7bd8384cd17ed420cf21e9
477ba29d0b04ec0a2950d715b58abe2db4d68cdd
153b9c74c5a92e7ec480365537cd43c9973840f3b6c72dad3032f5aeb0a4d30e
GET /duoteimg/zhuanti/comment/images/8.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://21155.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 1788
date: Sun, 16 Oct 2022 07:04:46 GMT
x-oss-request-id: 634BAD0E0FAF34313397FCF8
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "15C10A442A7BD8384CD17ED420CF21E9"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 10105978504471775518
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: FcEKRCp72DhM0X7UIM8h6Q==
x-oss-server-time: 132
ali-swift-global-savetime: 1665903886
via: cache52.l2cn3047[0,0,304-0,H], cache28.l2cn3047[1,0], vcache7.cn4732[0,0,200-0,H], vcache22.cn4732[3,0]
age: 8561212
x-cache: HIT TCP_MEM_HIT dirn:3:679167057
x-swift-savetime: Tue, 18 Oct 2022 05:04:17 GMT
x-swift-cachetime: 15386429
timing-allow-origin: *
eagleid: b465c62a16744650989588106e
X-Firefox-Spdy: h2
ocsp.trust-provider.cn/
47.246.44.205200 OK 600 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 5852d5089d4abcc108d275671a29c40c
3883c0c762e76511ee4cc8e8b3cececcf6db236c
6ee34b8a2d1cd69f498e065eee2471bc084257426b6433cb78a620de2c20d5c3
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Mon, 23 Jan 2023 09:11:18 GMT
last-modified: Sun, 22 Jan 2023 16:39:54 GMT
expires: Sun, 29 Jan 2023 16:39:53 GMT
etag: "3883c0c762e76511ee4cc8e8b3cececcf6db236c"
cache-control: max-age=593872,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb2
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 78df66b40b7890b2-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1674465078
via: cache9.l2de2[27,28,304-0,M], cache19.l2de2[29,0], cache8.se1[0,0,200-0,H], cache3.se1[1,0], cache8.se1[2,0]
age: 21
x-cache: HIT TCP_MEM_HIT dirn:11:358416810
x-swift-savetime: Mon, 23 Jan 2023 09:11:18 GMT
x-swift-cachetime: 1800
timing-allow-origin: *, *
eagleid: 2ff62c9c16744650990732332e, 2ff62c9c16744650990732332e
21155.url.tudown.com/template/company/duote-xiazai/images/biaoq-icon.png
154.218.151.71200 OK 409 B URL HTTP/1.1 21155.url.tudown.com/template/company/duote-xiazai/images/biaoq-icon.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 513adea23e19785779ef24441cbdb356
acaf0cd2ec302562b27850b970523d96ac5a120c
b78bf1490ecfe58446b32e59b0e6505d2d18f75f8676809753830b66a8dee298
GET /template/company/duote-xiazai/images/biaoq-icon.png HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/template/company/duote-xiazai/css/global.css
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:11:38 GMT
Content-Type: image/png
Content-Length: 409
Last-Modified: Sun, 06 Nov 2022 08:21:07 GMT
Connection: keep-alive
ETag: "63676e73-199"
Accept-Ranges: bytes
21155.url.tudown.com/template/company/duote-xiazai/images/dislike.png
154.218.151.71200 OK 295 B URL HTTP/1.1 21155.url.tudown.com/template/company/duote-xiazai/images/dislike.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 16 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash a23e4dc6044953a149d0eb87aa9df5a4
48ab906d07b8d3265c0de7255d41d5352df29b9d
0342c264fcaac6c9fb4c0ea801d56145043dcd37613bddc633a6333c783eb2b9
GET /template/company/duote-xiazai/images/dislike.png HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/template/company/duote-xiazai/css/soft.css
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:11:39 GMT
Content-Type: image/png
Content-Length: 295
Last-Modified: Sun, 06 Nov 2022 08:21:09 GMT
Connection: keep-alive
ETag: "63676e75-127"
Accept-Ranges: bytes
21155.url.tudown.com/template/company/duote-xiazai/images/left.png
154.218.151.71200 OK 409 B URL HTTP/1.1 21155.url.tudown.com/template/company/duote-xiazai/images/left.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 513adea23e19785779ef24441cbdb356
acaf0cd2ec302562b27850b970523d96ac5a120c
b78bf1490ecfe58446b32e59b0e6505d2d18f75f8676809753830b66a8dee298
GET /template/company/duote-xiazai/images/left.png HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/template/company/duote-xiazai/css/soft.css
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:11:39 GMT
Content-Type: image/png
Content-Length: 409
Last-Modified: Sun, 06 Nov 2022 08:21:20 GMT
Connection: keep-alive
ETag: "63676e80-199"
Accept-Ranges: bytes
21155.url.tudown.com/common/ipnotice/
154.218.151.71200 OK 17 kB URL HTTP/1.1 21155.url.tudown.com/common/ipnotice/
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash ebde9e9de14747d79b469a898704fce4
54fe0ed86f660668719462ce44167c56e904fa56
43a98d70fa824640be1d676ec1d938387afdfb7d932c12a3d274e40d0ce581e6
GET /common/ipnotice/ HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:11:38 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
img1.duote.com/duoteimg/zhuanti/comment/images/10.gif
180.101.198.239200 OK 2.1 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/10.gif
IP 180.101.198.239:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash 8535863eee1ae5dfffa4f25a79cffa10
ae60588f804b611794c725429927f1a37c31a6e5
13fd5ae010e7d97dc637a2ec0537a28a8d74dac1f1480fa87279ae226e13e535
GET /duoteimg/zhuanti/comment/images/10.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://21155.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 2105
date: Wed, 07 Dec 2022 22:38:17 GMT
x-oss-request-id: 639115D9EBE1D337378BAB5F
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "8535863EEE1AE5DFFFA4F25A79CFFA10"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 720901678692586227
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: hTWGPu4a5d//pPJaec/6EA==
x-oss-server-time: 93
ali-swift-global-savetime: 1670452697
via: cache6.l2cn3037[0,0,304-0,H], cache22.l2cn3037[1,0], vcache17.cn4732[0,0,200-0,H], vcache22.cn4732[3,0]
age: 4012401
x-cache: HIT TCP_MEM_HIT dirn:11:198679929
x-swift-savetime: Wed, 07 Dec 2022 23:34:46 GMT
x-swift-cachetime: 15548611
timing-allow-origin: *
eagleid: b465c62a16744650989588108e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/6.gif
180.101.198.239200 OK 3.5 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/6.gif
IP 180.101.198.239:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash eb575dd556470ae55acfa8350f63f3ab
5ded8852598c3cb4ff9130d24b1b7b03c558d14e
0be355d4a20f70a41fef403a817d2d27a1c5122fa1b58ef04dc884fb9a12ed7a
GET /duoteimg/zhuanti/comment/images/6.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://21155.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 3468
date: Wed, 27 Jul 2022 13:57:53 GMT
x-oss-request-id: 62E144616F52933834F154DF
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "EB575DD556470AE55ACFA8350F63F3AB"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17858666986198953545
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: 61dd1VZHCuVaz6g1D2Pzqw==
x-oss-server-time: 86
ali-swift-global-savetime: 1658930273
via: cache39.l2cn3037[0,0,304-0,H], cache72.l2cn3037[1,0], vcache15.cn4732[0,0,200-0,H], vcache22.cn4732[2,0]
age: 15534825
x-cache: HIT TCP_MEM_HIT dirn:9:118507664
x-swift-savetime: Wed, 27 Jul 2022 14:00:56 GMT
x-swift-cachetime: 15551817
timing-allow-origin: *
eagleid: b465c62a16744650989608110e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/7.gif
180.101.198.239200 OK 1.5 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/7.gif
IP 180.101.198.239:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash 56bd697fdac1de3dbe8d4dd53e309a9b
215d4fead2dbf7bf6aeea1136749675cc5034f9e
7acdc1e69fd8d2c578ccf122054b7dab5a58a59caa255cd5585d45956136f4a3
GET /duoteimg/zhuanti/comment/images/7.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://21155.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 1495
date: Wed, 27 Jul 2022 14:00:56 GMT
x-oss-request-id: 62E1451844A24C3331B8E6EA
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "56BD697FDAC1DE3DBE8D4DD53E309A9B"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 6398064933782332215
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: Vr1pf9rB3j2+jU3VPjCamw==
x-oss-server-time: 53
ali-swift-global-savetime: 1658930456
via: cache67.l2cn3037[164,164,304-0,M], cache39.l2cn3037[166,0], vcache3.cn4732[0,0,200-0,H], vcache22.cn4732[2,0]
age: 15534642
x-cache: HIT TCP_MEM_HIT dirn:11:172566713
x-swift-savetime: Wed, 27 Jul 2022 14:00:56 GMT
x-swift-cachetime: 15552000
timing-allow-origin: *
eagleid: b465c62a16744650989608109e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/3.gif
180.101.198.239200 OK 3.0 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/3.gif
IP 180.101.198.239:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash 2ea694cf637a163c094f4e88ae235ec7
8c80f708bc2b9ade2838743d1ec2f779662054e4
8824766f185db8f093dabd01f47636740f26f1a0340b8ed170e4268f36488a44
GET /duoteimg/zhuanti/comment/images/3.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://21155.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 3011
date: Wed, 27 Jul 2022 13:57:53 GMT
x-oss-request-id: 62E14461A70130303428621A
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "2EA694CF637A163C094F4E88AE235EC7"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8455495457239003797
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: LqaUz2N6FjwJT06IriNexw==
x-oss-server-time: 40
ali-swift-global-savetime: 1658930273
via: cache74.l2cn3037[0,0,304-0,H], cache20.l2cn3037[1,0], vcache5.cn4732[0,0,200-0,H], vcache22.cn4732[7,0]
age: 15534825
x-cache: HIT TCP_MEM_HIT dirn:9:350917993
x-swift-savetime: Wed, 27 Jul 2022 14:00:56 GMT
x-swift-cachetime: 15551817
timing-allow-origin: *
eagleid: b465c62a16744650989588105e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/9.gif
180.101.198.239200 OK 1.7 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/9.gif
IP 180.101.198.239:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash 52c2ef213baaff54c731557b999a0bf7
804e7ac80e4255b27247350265bbc92ce8d075bb
6bc6cc4739fbf0b9257b84549097c06651f82bcb2edef386710f4bb88e5b1676
GET /duoteimg/zhuanti/comment/images/9.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://21155.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 1733
date: Fri, 09 Dec 2022 13:25:13 GMT
x-oss-request-id: 63933739960DF237391E4EA8
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "52C2EF213BAAFF54C731557B999A0BF7"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 7207152638915174298
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: UsLvITuq/1THMVV7mZoL9w==
x-oss-server-time: 46
ali-swift-global-savetime: 1670592313
via: cache35.l2cn3037[0,0,304-0,H], cache40.l2cn3037[1,0], vcache14.cn4732[0,0,200-0,H], vcache22.cn4732[7,0]
age: 3872785
x-cache: HIT TCP_MEM_HIT dirn:10:437594580
x-swift-savetime: Fri, 09 Dec 2022 14:08:59 GMT
x-swift-cachetime: 15549374
timing-allow-origin: *
eagleid: b465c62a16744650989588107e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/4.gif
180.101.198.239200 OK 1.7 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/4.gif
IP 180.101.198.239:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash 9429cb260cbf87e528d14cf6baaf2b5b
eb067540c3b93c515efbc46b5a1cb4c7bcb16ff7
4cce9443159a3c082fbf59610efbf5ef9b92d5422bce4bbe8ef43d1bcc8d0475
GET /duoteimg/zhuanti/comment/images/4.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://21155.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 1706
date: Tue, 18 Oct 2022 08:31:25 GMT
x-oss-request-id: 634E645DC8A4583832C601BC
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "9429CB260CBF87E528D14CF6BAAF2B5B"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 875222251737355829
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: lCnLJgy/h+Uo0Uz2uq8rWw==
x-oss-server-time: 142
ali-swift-global-savetime: 1666081885
via: cache78.l2cn3037[0,0,304-0,H], cache49.l2cn3037[1,0], vcache17.cn4732[0,0,200-0,H], vcache22.cn4732[1,0]
age: 8383213
x-cache: HIT TCP_MEM_HIT dirn:11:255590486
x-swift-savetime: Tue, 18 Oct 2022 08:48:07 GMT
x-swift-cachetime: 15550998
timing-allow-origin: *
eagleid: b465c62a16744650989788121e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/2.gif
180.101.198.239200 OK 1.7 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/2.gif
IP 180.101.198.239:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash daaa6d71e871eec644788b703b718bd8
8fadc0f0070931b2f807159e87b82bc2269b467a
6d31802a2485e9ff603aa0ec2528c96590e9d4c5ac8961ddf8a9c3fe3bb5c0b8
GET /duoteimg/zhuanti/comment/images/2.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://21155.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 1668
date: Wed, 27 Jul 2022 13:56:57 GMT
x-oss-request-id: 62E144290FAF3430362AB6AF
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "DAAA6D71E871EEC644788B703B718BD8"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17840225992830112301
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: 2qptcehx7sZEeItwO3GL2A==
x-oss-server-time: 173
ali-swift-global-savetime: 1658930217
via: cache16.l2cn3037[0,0,304-0,H], cache75.l2cn3037[1,0], vcache7.cn4732[0,0,200-0,H], vcache22.cn4732[2,0]
age: 15534882
x-cache: HIT TCP_MEM_HIT dirn:9:164571178
x-swift-savetime: Wed, 27 Jul 2022 14:00:56 GMT
x-swift-cachetime: 15551761
timing-allow-origin: *
eagleid: b465c62a16744650991928213e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/5.gif
180.101.198.239200 OK 2.8 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/5.gif
IP 180.101.198.239:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash a7bff4f63a973a68e2d98ee780d9e29e
4c87d92faf82347bb122c2ad0e74e166aec5c567
18e82892f579e1f63d003f7e8404754b775542d72ea2d677f61d8ed3c7dfd21c
GET /duoteimg/zhuanti/comment/images/5.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://21155.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 2768
date: Wed, 27 Jul 2022 13:57:53 GMT
x-oss-request-id: 62E14461DC81703736A9B209
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "A7BFF4F63A973A68E2D98EE780D9E29E"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 11302870927342222426
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: p7/09jqXOmji2Y7ngNning==
x-oss-server-time: 33
ali-swift-global-savetime: 1658930273
via: cache19.l2cn3037[0,0,304-0,H], cache2.l2cn3037[0,0], vcache23.cn4732[0,0,200-0,H], vcache22.cn4732[2,0]
age: 15534826
x-cache: HIT TCP_MEM_HIT dirn:9:107405250
x-swift-savetime: Wed, 27 Jul 2022 14:00:56 GMT
x-swift-cachetime: 15551817
timing-allow-origin: *
eagleid: b465c62a16744650991928216e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/12.gif
180.101.198.239200 OK 2.6 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/12.gif
IP 180.101.198.239:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash 74dc1aa4f1e4f7219da7ad597c91b8e7
bfda85aaa1fd81b79b792ee83cd448cd2cde5005
733f3dc6aa38aaad278d72cbef942326c77b0f872727e5971cc8fb9b3b683efe
GET /duoteimg/zhuanti/comment/images/12.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://21155.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 2575
date: Sat, 10 Dec 2022 02:48:42 GMT
x-oss-request-id: 6393F38A28E01236303D13AE
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "74DC1AA4F1E4F7219DA7AD597C91B8E7"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17001896356624891276
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: dNwapPHk9yGdp61ZfJG45w==
x-oss-server-time: 48
ali-swift-global-savetime: 1670640522
via: cache34.l2cn3037[0,0,304-0,H], cache76.l2cn3037[0,0], vcache21.cn4732[0,0,200-0,H], vcache22.cn4732[2,0]
age: 3824577
x-cache: HIT TCP_MEM_HIT dirn:10:58877305
x-swift-savetime: Sat, 10 Dec 2022 03:04:45 GMT
x-swift-cachetime: 15551037
timing-allow-origin: *
eagleid: b465c62a16744650991928217e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/1.gif
180.101.198.239200 OK 1.8 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/1.gif
IP 180.101.198.239:0
ASN #23650 AS Number for CHINANET jiangsu province backbone
File type GIF image data, version 89a, 24 x 24\012- data
Hash 26df8be954a888cd2b29429bcc7d91de
2fa6246adde0616962ed672907c5da94893ce35e
9c73781c61d66f4af9043f08da67a47653fe9662e0aabd4cfa133cfbe55eaa76
GET /duoteimg/zhuanti/comment/images/1.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://21155.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 1771
date: Sat, 30 Jul 2022 05:24:34 GMT
x-oss-request-id: 62E4C092E38C983934309E2A
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "26DF8BE954A888CD2B29429BCC7D91DE"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 7119512290700278717
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: Jt+L6VSoiM0rKUKbzH2R3g==
x-oss-server-time: 25
ali-swift-global-savetime: 1659158674
via: cache2.l2cn2656[0,0,304-0,H], cache35.l2cn2656[0,0], vcache1.cn4732[0,0,200-0,H], vcache22.cn4732[2,0]
age: 15306425
x-cache: HIT TCP_MEM_HIT dirn:11:192894374
x-swift-savetime: Wed, 03 Aug 2022 04:14:12 GMT
x-swift-cachetime: 15210622
timing-allow-origin: *
eagleid: b465c62a16744650991928215e
X-Firefox-Spdy: h2
21155.url.tudown.com/template/company/duote-xiazai/images/right.png
154.218.151.71200 OK 409 B URL HTTP/1.1 21155.url.tudown.com/template/company/duote-xiazai/images/right.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 513adea23e19785779ef24441cbdb356
acaf0cd2ec302562b27850b970523d96ac5a120c
b78bf1490ecfe58446b32e59b0e6505d2d18f75f8676809753830b66a8dee298
GET /template/company/duote-xiazai/images/right.png HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/template/company/duote-xiazai/css/soft.css
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:11:39 GMT
Content-Type: image/png
Content-Length: 409
Last-Modified: Sun, 06 Nov 2022 08:21:30 GMT
Connection: keep-alive
ETag: "63676e8a-199"
Accept-Ranges: bytes
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 96426b8d462171c1ea848ea196db325a
25b8fc5a23d0bf02a3809d59472cd972d8528ab6
6941e1fb273720cda3a858c32e07289afe914597d6f991523de4d318213daa37
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 23 Jan 2023 09:11:39 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 27 Jan 2023 05:47:17 GMT
ETag: "25b8fc5a23d0bf02a3809d59472cd972d8528ab6"
Last-Modified: Mon, 23 Jan 2023 05:47:18 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2629
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78df6736fc900b3d-OSL
cpro.baidustatic.com/cpro/ui/pr.js
220.169.152.35200 OK 191 B URL HTTP/1.1 cpro.baidustatic.com/cpro/ui/pr.js
IP 220.169.152.35:0
File type ASCII text, with CRLF line terminators
Hash 48bbe750b892850b181762bf739e10dd
716574fe9afcde8faef513b16d6867cb07afe626
e538c894cae59538764a334e2cf2bc02e53fa6a9e4efebcd251bc5da82fa2158
GET /cpro/ui/pr.js HTTP/1.1
Host: cpro.baidustatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:11:39 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 23 Jan 2023 10:10:44 GMT
Last-Modified: Tue, 30 Aug 2022 02:57:27 GMT
ETag: "630d7c97-ff"
Cache-Control: max-age=3600
Content-Encoding: gzip
Age: 55
Accept-Ranges: bytes
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 23 Jan 2023 09:10:44 GMT
Ohc-Cache-HIT: yy2ct64 [2], wzix64 [1]
Ohc-File-Size: 191
X-Cache-Status: HIT
21155.url.tudown.com/uploads/images/35134.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/35134.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/35134.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2188509748,103965460&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=716
21155.url.tudown.com/uploads/images/853228.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/853228.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/853228.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=1982985269,3825089682&fm=224&app=112&f=JPEG?w=500&h=500
21155.url.tudown.com/uploads/images/490075.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/490075.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/490075.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1093527754,255265918&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
img1.2345.com/duoteimg/js/base64.js?_vtim=2014122301
180.101.199.244404 Not Found 146 B URL HTTP/2 img1.2345.com/duoteimg/js/base64.js?_vtim=2014122301
IP 180.101.199.244:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /duoteimg/js/base64.js?_vtim=2014122301 HTTP/1.1
Host: img1.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://21155.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: Tengine
content-type: text/html; charset=gb2312
content-length: 146
date: Mon, 23 Jan 2023 09:11:39 GMT
ali-swift-global-savetime: 1674465099
via: cache78.l2cn3037[27,26,404-1280,M], cache3.l2cn3037[28,0], cache3.l2cn3037[29,0], vcache27.cn4733[30,30,404-1280,M], vcache30.cn4733[31,0]
x-cache: MISS TCP_MISS dirn:-2:-2
x-swift-savetime: Mon, 23 Jan 2023 09:11:39 GMT
x-swift-cachetime: 1
x-swift-error: orig response 4XX error
timing-allow-origin: *
eagleid: b465c73216744650993992908e
X-Firefox-Spdy: h2
21155.url.tudown.com/uploads/images/683289.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/683289.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/683289.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3352499721,2503946627&fm=253&fmt=auto?w=800&h=1280
21155.url.tudown.com/uploads/images/304897.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/304897.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/304897.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=660712573,2266555466&fm=253&fmt=auto&app=138&f=JPEG?w=668&h=500
21155.url.tudown.com/uploads/images/733817.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/733817.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/733817.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2065424154,615683571&fm=253&fmt=auto&app=138&f=JPEG?w=280&h=180
bdcode.2345.com/swtqusc.js
42.81.8.130200 OK 4.0 kB URL HTTP/1.1 bdcode.2345.com/swtqusc.js
IP 42.81.8.130:0
File type ASCII text, with very long lines (11438), with no line terminators
Hash 4927ec7cf61077c3cb553d1e91fbe407
81cecb6db2e670675c9bdac9c8c9225b987262cc
439bad0c6b3cec8c27d7bd369cf89917af4deec831c07836e4e1d265113a641c
Analyzer Verdict Alert fortinet Malware
GET /swtqusc.js HTTP/1.1
Host: bdcode.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/
HTTP/1.1 200 OK
Date: Mon, 23 Jan 2023 09:11:39 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 4034
Connection: keep-alive
Cache-Control: max-age=3600
Content-Encoding: gzip
Expires: Mon, 23 Jan 2023 10:11:39 GMT
Last-Modified: Wed, 18 May 2022 01:48:47 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
YJS-ID: c16571f327b637e6-143
Server: yunjiasu
t13.baidu.com/it/u=1982985269,3825089682&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 40 kB URL HTTP/1.1 t13.baidu.com/it/u=1982985269,3825089682&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash f54e3065016812e1788b7c25d4ac7e28
df21c1630a992df7851432614f11a78f087316a0
433b719bc8642085ffc271c8a7f6d340d8c66b791c4972b00b01850074b0fc8c
GET /it/u=1982985269,3825089682&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://21155.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:11:39 GMT
Content-Type: image/jpeg
Content-Length: 40514
Connection: keep-alive
Expires: Thu, 26 Jan 2023 18:48:23 GMT
Last-Modified: Fri, 16 Jan 1970 00:00:00 GMT
ETag: f54e3065016812e1788b7c25d4ac7e28
Age: 829168
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 27 Dec 2022 18:48:23 GMT
Ohc-Cache-HIT: fra01-sys-jomo4.fra01.baidu.com [4], zhuzuncache65 [1], czix80 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 40514
X-Cache-Status: HIT
Timing-Allow-Origin: *
img4.runjiapp.com/duoteimg/dtnew_recom_img/202008/20200812163506_69310.jpg
101.226.28.223200 OK 41 kB URL HTTP/1.1 img4.runjiapp.com/duoteimg/dtnew_recom_img/202008/20200812163506_69310.jpg
IP 101.226.28.223:0
ASN #4812 China Telecom Group
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 910x86, components 3\012- data
Hash f8f15f37c9961bc7463d1df83059d32c
7b4aa49eaed0106e8722fda960d4f397b78e7811
eb99269720c3ad25a285d1cae14a73f57a45ffe3e1f086f1e0a8351a83e62cc0
GET /duoteimg/dtnew_recom_img/202008/20200812163506_69310.jpg HTTP/1.1
Host: img4.runjiapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://21155.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/jpeg
Content-Length: 41017
Connection: keep-alive
Date: Wed, 04 Jan 2023 09:53:50 GMT
x-oss-request-id: 63B54CAE8873C53939421D90
x-oss-cdn-auth: success
Accept-Ranges: bytes
ETag: "F8F15F37C9961BC7463D1DF83059D32C"
Last-Modified: Fri, 04 Sep 2020 08:59:59 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 2768094505068467474
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Sat, 05 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
Content-MD5: +PFfN8mWG8dGPR34MFnTLA==
x-oss-server-time: 18
Ali-Swift-Global-Savetime: 1672826030
Via: cache45.l2cn1807[0,0,200-0,H], cache50.l2cn1807[0,0], vcache15.cn4757[0,0,200-0,H], vcache8.cn4757[2,0]
Age: 1639069
X-Cache: HIT TCP_MEM_HIT dirn:11:38740273
X-Swift-SaveTime: Wed, 04 Jan 2023 09:55:49 GMT
X-Swift-CacheTime: 15551881
Timing-Allow-Origin: *
EagleId: 65e21c9c16744650994257237e
21155.url.tudown.com/uploads/images/535545.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/535545.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/535545.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1916677248,2862597539&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
sofire.bdstatic.com/js/dfxaf3-635b4cd6.js
60.190.116.48200 OK 123 kB URL HTTP/1.1 sofire.bdstatic.com/js/dfxaf3-635b4cd6.js
IP 60.190.116.48:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 123 kB (123037 bytes)
Hash c39ed7d28cee6240d44cc5b5c2bbd686
eab7220ff1195b14d9c1c21ae4fcad33315549b5
cd5d1c61337dd6b5a3ddffdc95ed7da921b125c9911aa22eaef8f054a2345459
GET /js/dfxaf3-635b4cd6.js HTTP/1.1
Host: sofire.bdstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:11:39 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 25 Jan 2023 08:39:29 GMT
Last-Modified: Fri, 06 Jan 2023 03:24:00 GMT
ETag: "6c8af00e14f394b624a4b374d18b9b7a"
Content-Encoding: gzip
Age: 88330
Accept-Ranges: bytes
Content-MD5: bIrwDhTzlLYkpLN00Yubeg==
x-bce-content-crc32: 1362413814
x-bce-debug-id: QjineMlAXhLG/PlsgM2X2uIKfsWp+HP3QbCjboYwAHuzbGpANStpwGzjEZ4OyAmfwap44giGyP+88Edrq3Apag==
x-bce-request-id: d5b3c661-6c66-459a-82f5-aba26c1b2d8f
x-bce-storage-class: STANDARD
Ohc-Global-Saved-Time: Sun, 22 Jan 2023 08:39:29 GMT
Ohc-Cache-HIT: wz2ct50 [2], nb2ctcache51 [2]
Ohc-Response-Time: 1 0 0 0 0 0
21155.url.tudown.com/uploads/images/450399.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/450399.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/450399.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=132462895,311866095&fm=253&fmt=auto&app=138&f=JPEG?w=890&h=500
21155.url.tudown.com/uploads/images/653833.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/653833.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/653833.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2567070492,3151820801&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=250
21155.url.tudown.com/template/company/duote-xiazai/images/newbtnbg.png
154.218.151.71200 OK 1.3 kB URL HTTP/1.1 21155.url.tudown.com/template/company/duote-xiazai/images/newbtnbg.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 178 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 7e22e63af128066b4d249bec71934fa7
09313b9c9717d049883d7c82b3b87f1a4af28408
ea827b6f53f2f091eb1a9ab83c5f53c5f4215e5a14721037af0b50dc47ffe5b0
GET /template/company/duote-xiazai/images/newbtnbg.png HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/template/company/duote-xiazai/css/soft.css
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 09:11:39 GMT
Content-Type: image/png
Content-Length: 1308
Last-Modified: Sun, 06 Nov 2022 08:21:23 GMT
Connection: keep-alive
ETag: "63676e83-51c"
Accept-Ranges: bytes
21155.url.tudown.com/uploads/images/143339.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/143339.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/143339.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=3175854626,3337365601&fm=224&app=112&f=JPEG?w=500&h=500
bdcode.2345.com/xtvzuvo.js
42.81.8.130200 OK 38 kB URL HTTP/1.1 bdcode.2345.com/xtvzuvo.js
IP 42.81.8.130:0
File type Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Hash ce38d2b5c83cae8301782a83b240927e
16df7d9834814abfc742a741f2d691694eeeee8e
0afb23848a758db307769b0f6e1cc4d56e895fde0c9570ff0ee412ac6427775c
Analyzer Verdict Alert fortinet Malware
GET /xtvzuvo.js HTTP/1.1
Host: bdcode.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/
HTTP/1.1 200 OK
Date: Mon, 23 Jan 2023 09:11:39 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 38081
Connection: keep-alive
Cache-Control: max-age=3600
Content-Encoding: gzip
Expires: Mon, 23 Jan 2023 10:11:39 GMT
Last-Modified: Wed, 21 Dec 2022 05:54:50 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
YJS-ID: c16571f3748537e1-143
Server: yunjiasu
21155.url.tudown.com/uploads/images/162315.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/162315.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/162315.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=2535059407,4121047624&fm=253&app=120&f=JPEG?w=1280&h=800
push.zhanzhang.baidu.com/push.js
39.156.68.163200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 39.156.68.163:0
ASN #9808 China Mobile Communications Group Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Mon, 23 Jan 2023 09:11:40 GMT
Etag: "4078521116"
Expires: Tue, 23 Jan 2024 09:11:40 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=F45E30683C198DFF1A05D92231CF7161:FG=1; max-age=31536000; expires=Tue, 23-Jan-24 09:11:40 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
21155.url.tudown.com/uploads/images/927615.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/927615.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/927615.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:39 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=3732682816,2398565997&fm=224&app=112&f=JPEG?w=500&h=500
21155.url.tudown.com/uploads/images/282664.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/282664.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/282664.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=4092138419,159749218&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=752
21155.url.tudown.com/uploads/images/750456.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/750456.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/750456.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=789303378,4063216615&fm=253&fmt=auto&app=138&f=GIF?w=640&h=467
21155.url.tudown.com/uploads/images/365884.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/365884.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/365884.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=69727992,2822017436&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
t14.baidu.com/it/u=3732682816,2398565997&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 54 kB URL HTTP/1.1 t14.baidu.com/it/u=3732682816,2398565997&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 482450ca1f3e681d37b483f1463c6ede
373bccc3dfe805ceb319d3e5f671c6c2239e0e5f
823f99e27429f5e0240546abf3db5eb64fe183cc092499989e419f5781a66f87
GET /it/u=3732682816,2398565997&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://21155.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:11:40 GMT
Content-Type: image/jpeg
Content-Length: 53777
Connection: keep-alive
Expires: Thu, 02 Feb 2023 13:50:34 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 482450ca1f3e681d37b483f1463c6ede
Age: 200587
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 03 Jan 2023 13:50:33 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [4], zhuzuncache52 [1], csix87 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 53777
X-Cache-Status: HIT
Timing-Allow-Origin: *
hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (633)
Hash d9f72a682788d3c89b34fe2bfe976808
45d17c00afbb2d93833c049e09d91bea2eafee74
e4afa1af2375098fe6aca771db6159ca212c27ea64311a4b8320b5ca307268fd
GET /hm.js?dd9836db2e433f487a0aa434b7b3deb7 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://21155.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11271
Content-Type: application/javascript
Date: Mon, 23 Jan 2023 09:11:39 GMT
Etag: ee30c73e0e944df431a720ee166db3ff
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=EDA922889C0315D7; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
img1.baidu.com/it/u=3078980196,456124062&fm=253&fmt=auto?w=1280&h=800
118.180.40.35200 OK 46 kB URL HTTP/2 img1.baidu.com/it/u=3078980196,456124062&fm=253&fmt=auto?w=1280&h=800
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cdab496140e6d4daf042a801f37a4bb3
19715a9b893eba1de7458263be14bcf5f9cf2f60
e05a2f6c3a9ec59b0cb36de14052c0124c92d7d3e3ddd5c7a2022e0ff701d77e
GET /it/u=3078980196,456124062&fm=253&fmt=auto?w=1280&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21155.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:39 GMT
content-type: image/webp
content-length: 46516
expires: Thu, 02 Feb 2023 02:43:53 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: cdab496140e6d4daf042a801f37a4bb3
age: 21260
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 03 Jan 2023 02:43:53 GMT
ohc-cache-hit: lz5ct74 [4], csix74 [4]
ohc-file-size: 46516
x-cache-status: HIT
X-Firefox-Spdy: h2
t13.baidu.com/it/u=3175854626,3337365601&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 30 kB URL HTTP/1.1 t13.baidu.com/it/u=3175854626,3337365601&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash d81aad1b93c96ddd3e8367c6a2a42beb
15dbf6f6a2acfe7aff6e45cb6a5221104bca11cb
e19bbabb84c6894be288e16c62f411fec6d6f84de6707ff1e4ca5f0e1dd4095f
GET /it/u=3175854626,3337365601&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://21155.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:11:40 GMT
Content-Type: image/jpeg
Content-Length: 30427
Connection: keep-alive
Expires: Tue, 07 Feb 2023 08:52:26 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: d81aad1b93c96ddd3e8367c6a2a42beb
Age: 978564
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 08 Jan 2023 08:52:26 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [4], zhuzuncache65 [1], csix84 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 30427
X-Cache-Status: HIT
Timing-Allow-Origin: *
img1.baidu.com/it/u=3352499721,2503946627&fm=253&fmt=auto?w=800&h=1280
118.180.40.35200 OK 31 kB URL HTTP/2 img1.baidu.com/it/u=3352499721,2503946627&fm=253&fmt=auto?w=800&h=1280
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x1280, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d2af7d3f94000b4546a82696b52e5bb4
272f35ec47e5f23870bcaa8e6ed810d8cd9d490e
2bdccd842a09090084e97a914d0d484e6024217cbbb2000ef5c396ecfc4d0247
GET /it/u=3352499721,2503946627&fm=253&fmt=auto?w=800&h=1280 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21155.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:39 GMT
content-type: image/webp
content-length: 30818
expires: Mon, 20 Feb 2023 17:27:56 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: d2af7d3f94000b4546a82696b52e5bb4
age: 16
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 17:27:56 GMT
ohc-cache-hit: lz5ct79 [2], czix189 [2]
ohc-file-size: 30818
x-cache-status: HIT
X-Firefox-Spdy: h2
21155.url.tudown.com/uploads/images/923199.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/923199.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/923199.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=1099339887,639831898&fm=253&app=120&f=JPEG?w=1280&h=800
21155.url.tudown.com/uploads/images/751389.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/751389.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/751389.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=2395695251,4145582447&fm=253&app=120&f=JPEG?w=800&h=1421
21155.url.tudown.com/uploads/images/252182.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/252182.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/252182.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1382961354,136679989&fm=253&fmt=auto&app=138&f=JPEG?w=678&h=500
21155.url.tudown.com/uploads/images/356258.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/356258.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/356258.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=92904435,537404104&fm=224&app=112&f=JPEG?w=375&h=500
21155.url.tudown.com/uploads/images/298713.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/298713.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/298713.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3485641464,171974055&fm=253&fmt=auto&app=120&f=JPEG?w=666&h=999
21155.url.tudown.com/uploads/images/139608.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/139608.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/139608.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3829630217,1912335658&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=867
img1.baidu.com/it/u=660712573,2266555466&fm=253&fmt=auto&app=138&f=JPEG?w=668&h=500
118.180.40.35200 OK 28 kB URL HTTP/2 img1.baidu.com/it/u=660712573,2266555466&fm=253&fmt=auto&app=138&f=JPEG?w=668&h=500
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 668x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ba131ef9771451ffd350ba18089ce5a2
c7dd911fd276902b26e8f9dbae690f6bf98519b3
9e1b17a0d542f7d5bdec9484cc22348e19fb21a34303f28e46cf6583cfda32d8
GET /it/u=660712573,2266555466&fm=253&fmt=auto&app=138&f=JPEG?w=668&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21155.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:39 GMT
content-type: image/webp
content-length: 27732
expires: Mon, 20 Feb 2023 10:52:39 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: ba131ef9771451ffd350ba18089ce5a2
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 10:52:39 GMT
ohc-cache-hit: lz5ct60 [2], czix82 [2]
ohc-file-size: 27732
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=4184062791,2720136017&fm=253&fmt=auto&app=138&f=GIF?w=334&h=500
118.180.40.35200 OK 23 kB URL HTTP/2 img1.baidu.com/it/u=4184062791,2720136017&fm=253&fmt=auto&app=138&f=GIF?w=334&h=500
IP 118.180.40.35:0
File type GIF image data, version 89a, 334 x 500\012- data
Hash bedbea521a17c7ca6574634289ae5baf
950d3c6d237ce4a4bb9dfdd64c15079c544e4430
17f7e8d5afc11c7638e2eead8f040fc341d8c09425cf59945a183713748e2179
GET /it/u=4184062791,2720136017&fm=253&fmt=auto&app=138&f=GIF?w=334&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21155.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:39 GMT
content-type: image/gif
content-length: 22592
expires: Sun, 29 Jan 2023 10:59:08 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: bedbea521a17c7ca6574634289ae5baf
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 30 Dec 2022 10:59:08 GMT
ohc-cache-hit: lz5ct67 [1], xiangyix67 [4]
ohc-file-size: 22592
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=2065424154,615683571&fm=253&fmt=auto&app=138&f=JPEG?w=280&h=180
118.180.40.35200 OK 12 kB URL HTTP/2 img1.baidu.com/it/u=2065424154,615683571&fm=253&fmt=auto&app=138&f=JPEG?w=280&h=180
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 280x180, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2b865e200840b7ff969ca694823e4633
722f483385e11b9ec1d6a760c273efc89e7ab42e
bdef328ba21c22f5a9a88d9a199fc53d96753cc63013cef4af1185cd60fd176b
GET /it/u=2065424154,615683571&fm=253&fmt=auto&app=138&f=JPEG?w=280&h=180 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21155.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:39 GMT
content-type: image/webp
content-length: 12306
expires: Thu, 26 Jan 2023 18:48:14 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 2b865e200840b7ff969ca694823e4633
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 27 Dec 2022 18:48:14 GMT
ohc-cache-hit: lz5ct55 [1], bdix55 [4]
ohc-file-size: 12306
x-cache-status: MISS
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=907082942&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=45849&r=0&ww=1280&u=http%3A%2F%2F21155.url.tudown.com%2Fxiaz%2Fusb2.0%25E9%2580%259A%25E7%2594%25A8%25E9%25A9%25B1%25E5%258A%25A8forwinxpwin2003win7win8%40719_113726.exe&tt=%E4%BA%9A%E5%8D%9Aag%E6%97%97%E8%88%B0%E5%8E%85(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-%E5%AE%A2%E6%88%B7%E7%AB%AF%E4%B8%8B%E8%BD%BDV6.37.142_IOS%2F%E5%AE%89%E5%8D%93%E9%80%9A%E7%94%A8%E7%89%88
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=907082942&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=45849&r=0&ww=1280&u=http%3A%2F%2F21155.url.tudown.com%2Fxiaz%2Fusb2.0%25E9%2580%259A%25E7%2594%25A8%25E9%25A9%25B1%25E5%258A%25A8forwinxpwin2003win7win8%40719_113726.exe&tt=%E4%BA%9A%E5%8D%9Aag%E6%97%97%E8%88%B0%E5%8E%85(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-%E5%AE%A2%E6%88%B7%E7%AB%AF%E4%B8%8B%E8%BD%BDV6.37.142_IOS%2F%E5%AE%89%E5%8D%93%E9%80%9A%E7%94%A8%E7%89%88
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=907082942&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=45849&r=0&ww=1280&u=http%3A%2F%2F21155.url.tudown.com%2Fxiaz%2Fusb2.0%25E9%2580%259A%25E7%2594%25A8%25E9%25A9%25B1%25E5%258A%25A8forwinxpwin2003win7win8%40719_113726.exe&tt=%E4%BA%9A%E5%8D%9Aag%E6%97%97%E8%88%B0%E5%8E%85(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-%E5%AE%A2%E6%88%B7%E7%AB%AF%E4%B8%8B%E8%BD%BDV6.37.142_IOS%2F%E5%AE%89%E5%8D%93%E9%80%9A%E7%94%A8%E7%89%88 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://21155.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 23 Jan 2023 09:11:40 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=C5DCD5008D631F3F; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
21155.url.tudown.com/uploads/images/959971.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/959971.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/959971.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=2568969537,511856250&fm=224&app=112&f=JPEG?w=500&h=281
api.share.baidu.com/s.gif?l=http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
182.61.201.93200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
IP 182.61.201.93:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Mon, 23 Jan 2023 09:11:40 GMT
t14.baidu.com/it/u=2568969537,511856250&fm=224&app=112&f=JPEG?w=500&h=281
185.10.104.124200 OK 8.4 kB URL HTTP/1.1 t14.baidu.com/it/u=2568969537,511856250&fm=224&app=112&f=JPEG?w=500&h=281
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x281, components 3\012- data
Hash 4d4059c1e344f68fb5c5e2919a1e700c
03bbd7abc684877a1a38e2c22e5bd2fc4ab749e2
68ba151593c473b7407cf2621d7d2161ef6867147092e05769d0276585c32cb7
GET /it/u=2568969537,511856250&fm=224&app=112&f=JPEG?w=500&h=281 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://21155.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:11:40 GMT
Content-Type: image/jpeg
Content-Length: 8417
Connection: keep-alive
Expires: Fri, 17 Feb 2023 22:10:11 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 4d4059c1e344f68fb5c5e2919a1e700c
Age: 369289
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 18 Jan 2023 22:10:10 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [4], zhuzuncache62 [1], xaix211 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 8417
X-Cache-Status: HIT
Timing-Allow-Origin: *
21155.url.tudown.com/uploads/images/676783.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/676783.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/676783.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=1955076542,2150705797&fm=224&app=112&f=JPEG?w=500&h=500
21155.url.tudown.com/uploads/images/735763.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/735763.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/735763.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=1008907890,2288278127&fm=224&app=112&f=JPEG?w=500&h=500
t15.baidu.com/it/u=92904435,537404104&fm=224&app=112&f=JPEG?w=375&h=500
185.10.104.124200 OK 54 kB URL HTTP/1.1 t15.baidu.com/it/u=92904435,537404104&fm=224&app=112&f=JPEG?w=375&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 375x500, components 3\012- data
Hash edf4ad25ab65fa23ebe15f4bb984b34e
315d82965a037c56262a0977c2a0efd042a0f01c
e0d5c37c5dfe33e9bfa360eb720c7e6d8bd1e25f88d2b69a7cecc196bc1631a7
GET /it/u=92904435,537404104&fm=224&app=112&f=JPEG?w=375&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://21155.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:11:40 GMT
Content-Type: image/jpeg
Content-Length: 53640
Connection: keep-alive
Expires: Wed, 15 Feb 2023 22:43:33 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: edf4ad25ab65fa23ebe15f4bb984b34e
Age: 539925
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 16 Jan 2023 22:43:33 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [2], zhuzuncache56 [1], qdix174 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 53640
X-Cache-Status: HIT
Timing-Allow-Origin: *
21155.url.tudown.com/uploads/images/615124.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/615124.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/615124.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1360674153,181439400&fm=253&fmt=auto&app=138&f=JPEG?w=538&h=500
21155.url.tudown.com/uploads/images/116967.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/116967.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/116967.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3263708423,1002168037&fm=253&fmt=auto&app=138&f=JPEG?w=434&h=434
img1.baidu.com/it/u=132462895,311866095&fm=253&fmt=auto&app=138&f=JPEG?w=890&h=500
118.180.40.35200 OK 73 kB URL HTTP/2 img1.baidu.com/it/u=132462895,311866095&fm=253&fmt=auto&app=138&f=JPEG?w=890&h=500
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 890x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1204dee3d658a4f70f14cb8c4772d3d5
62e877c1ac5342299d7c26bfbf5f69ab4c57b9b6
0770986791dcf2750409890fb67599d861fff3b6836956e9c76e93d7781baab1
GET /it/u=132462895,311866095&fm=253&fmt=auto&app=138&f=JPEG?w=890&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21155.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:40 GMT
content-type: image/webp
content-length: 73424
expires: Fri, 10 Feb 2023 09:00:04 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 1204dee3d658a4f70f14cb8c4772d3d5
age: 197191
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 11 Jan 2023 09:00:04 GMT
ohc-cache-hit: lz5ct70 [4], suzix70 [4]
ohc-file-size: 73424
x-cache-status: HIT
X-Firefox-Spdy: h2
img0.baidu.com/it/u=2567070492,3151820801&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=250
118.180.40.35200 OK 10 kB URL HTTP/2 img0.baidu.com/it/u=2567070492,3151820801&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=250
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fa117f9c842b60faadc79072b39588c1
ad5cd174292ec494a79dd2f30e9fa61fadf2cb98
936f2ef446323bf0c6853035b3b36e8cd8920913997558616815139ce92c3d62
GET /it/u=2567070492,3151820801&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=250 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21155.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:40 GMT
content-type: image/webp
content-length: 10502
expires: Tue, 07 Feb 2023 18:14:52 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: fa117f9c842b60faadc79072b39588c1
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 08 Jan 2023 18:14:52 GMT
ohc-cache-hit: lz5ct67 [1], czix179 [4]
ohc-file-size: 10502
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=1916677248,2862597539&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
118.180.40.35200 OK 29 kB URL HTTP/2 img2.baidu.com/it/u=1916677248,2862597539&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cfbace915e446027b913a77c004bbd52
f3059a6f871478f2c617e6e0a06807603b95bd5f
31942675850fa1d773a85f6e5aa5fa191d8895ab09165c2cfe29bc59481126da
GET /it/u=1916677248,2862597539&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21155.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:40 GMT
content-type: image/webp
content-length: 29388
expires: Wed, 25 Jan 2023 07:31:51 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: cfbace915e446027b913a77c004bbd52
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 26 Dec 2022 07:31:51 GMT
ohc-cache-hit: lz5ct51 [1], csix51 [2]
ohc-file-size: 29388
x-cache-status: MISS
X-Firefox-Spdy: h2
21155.url.tudown.com/uploads/images/209364.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/209364.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/209364.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2406500684,3484020834&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=667
img0.baidu.com/it/u=2188509748,103965460&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=716
118.180.40.35200 OK 57 kB URL HTTP/2 img0.baidu.com/it/u=2188509748,103965460&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=716
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x716, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 42817ec80af18e996a2dbf5c1a89d31e
eea9914e5c6ed22b6216d81ad51478991eb4be73
18003e2f66389f1c6262f6e6dfcb913eadfb33837d504dc48045aa1ecfe8dfac
GET /it/u=2188509748,103965460&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=716 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21155.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:40 GMT
content-type: image/webp
content-length: 56826
expires: Mon, 06 Feb 2023 19:51:09 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 42817ec80af18e996a2dbf5c1a89d31e
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 07 Jan 2023 19:51:09 GMT
ohc-cache-hit: lz5ct55 [1], xaix142 [4]
ohc-file-size: 56826
x-cache-status: MISS
X-Firefox-Spdy: h2
t13.baidu.com/it/u=1008907890,2288278127&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 57 kB URL HTTP/1.1 t13.baidu.com/it/u=1008907890,2288278127&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 20581f753e6c2082482dc83d21d55b32
a0ac42d2714d298ad54f4b7c5d8d05852a441980
b06542dec8ec8991a12262aae5d439ad185424d0f6f34250cdae14f2f999f7aa
GET /it/u=1008907890,2288278127&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://21155.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:11:40 GMT
Content-Type: image/jpeg
Content-Length: 57301
Connection: keep-alive
Expires: Sun, 05 Feb 2023 20:21:16 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 20581f753e6c2082482dc83d21d55b32
Age: 992799
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 06 Jan 2023 20:21:15 GMT
Ohc-Cache-HIT: fra01-sys-jomo2.fra01.baidu.com [4], zhuzuncache50 [4], suzix50 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 57301
X-Cache-Status: HIT
Timing-Allow-Origin: *
21155.url.tudown.com/uploads/images/764150.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/764150.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/764150.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=1856503022,3791914285&fm=224&app=112&f=JPEG?w=500&h=500
img0.baidu.com/it/u=1093527754,255265918&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
118.180.40.35200 OK 106 kB URL HTTP/2 img0.baidu.com/it/u=1093527754,255265918&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 106 kB (106456 bytes)
Hash df89bba4bfbe5fb6d94a383cf70f480c
f404fdce2ffb872b27ccdc86937d7143eba00016
dc53b47dc2cb0988ec236b82d3c31fac949b69394a6f09343c9ee9939eb07f2f
GET /it/u=1093527754,255265918&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21155.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:40 GMT
content-type: image/webp
content-length: 106456
expires: Mon, 20 Feb 2023 13:00:29 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: df89bba4bfbe5fb6d94a383cf70f480c
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 13:00:29 GMT
ohc-cache-hit: lz5ct74 [2], wzix74 [2]
ohc-file-size: 106456
x-cache-status: MISS
X-Firefox-Spdy: h2
21155.url.tudown.com/uploads/images/391942.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/391942.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/391942.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=671213229,2198456729&fm=253&fmt=auto&app=138&f=JPEG?w=220&h=220
21155.url.tudown.com/uploads/images/665140.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/665140.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/665140.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3870404214,1654223610&fm=253&fmt=auto&app=138&f=JPEG?w=120&h=80
21155.url.tudown.com/uploads/images/196730.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/196730.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/196730.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:40 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=919719485,1616636353&fm=253&app=120&f=JPEG?w=1280&h=800
21155.url.tudown.com/uploads/images/716904.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/716904.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/716904.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:41 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=37567244,1573142340&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=624
t15.baidu.com/it/u=1856503022,3791914285&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 54 kB URL HTTP/1.1 t15.baidu.com/it/u=1856503022,3791914285&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 964c27c69f542fbbc3ea73f97c6549b3
4d60b436f0d64cb4d99ff6af20ac801d81b2ab78
95a2ca0e4d1719c2a5ceb4112562db021371fce9b45219777399de97c6d423b0
GET /it/u=1856503022,3791914285&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://21155.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:11:40 GMT
Content-Type: image/jpeg
Content-Length: 53790
Connection: keep-alive
Expires: Fri, 10 Feb 2023 09:57:45 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 964c27c69f542fbbc3ea73f97c6549b3
Age: 989380
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 11 Jan 2023 09:57:45 GMT
Ohc-Cache-HIT: fra01-sys-jomo4.fra01.baidu.com [4], zhuzuncache56 [1], qdix180 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 53790
X-Cache-Status: HIT
Timing-Allow-Origin: *
img2.baidu.com/it/u=789303378,4063216615&fm=253&fmt=auto&app=138&f=GIF?w=640&h=467
118.180.40.35200 OK 177 kB URL HTTP/2 img2.baidu.com/it/u=789303378,4063216615&fm=253&fmt=auto&app=138&f=GIF?w=640&h=467
IP 118.180.40.35:0
File type GIF image data, version 89a, 640 x 467\012- data
Size 177 kB (176756 bytes)
Hash 78d856590b8f34140b86bbd2917d585a
55bcae5ff46d488361a69e454dff3f8628539220
4e6de07ab997c5e735ded37c27205c4b45fe5ea0afb65061ba38c3521764422a
GET /it/u=789303378,4063216615&fm=253&fmt=auto&app=138&f=GIF?w=640&h=467 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21155.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:40 GMT
content-type: image/gif
content-length: 176756
expires: Tue, 24 Jan 2023 00:52:59 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 78d856590b8f34140b86bbd2917d585a
age: 194971
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 25 Dec 2022 00:52:59 GMT
ohc-cache-hit: lz5ct74 [4], qdix164 [1]
ohc-file-size: 176756
x-cache-status: HIT
X-Firefox-Spdy: h2
img0.baidu.com/it/u=4092138419,159749218&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=752
118.180.40.35200 OK 42 kB URL HTTP/2 img0.baidu.com/it/u=4092138419,159749218&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=752
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x752, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d40c7c2f3206463e97a8fdefeda38968
5f878bd50eaed52a83cb71ae4ec657025516626c
f9baf70765831dfa2ff7cbe1a6432a1eca5a57adaeea86ebc0e530561f6ce623
GET /it/u=4092138419,159749218&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=752 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21155.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:40 GMT
content-type: image/webp
content-length: 42396
expires: Sun, 19 Feb 2023 11:33:31 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: d40c7c2f3206463e97a8fdefeda38968
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 20 Jan 2023 11:33:31 GMT
ohc-cache-hit: lz5ct69 [1], xaix136 [4]
ohc-file-size: 42396
x-cache-status: MISS
X-Firefox-Spdy: h2
21155.url.tudown.com/uploads/images/154568.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/154568.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/154568.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:41 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=803326376,3234245814&fm=253&app=120&f=JPEG?w=800&h=1421
img2.baidu.com/it/u=69727992,2822017436&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
118.180.40.35200 OK 28 kB URL HTTP/2 img2.baidu.com/it/u=69727992,2822017436&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 59e5f88d28da961241d78e313593a1e6
ee7fafc8849cf790026ee79b569cc397dfc53c52
bcbee38304b51c8a6af3e4a43ec2d3d1398b229155faa1f631ba4c0bf7b8d78a
GET /it/u=69727992,2822017436&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21155.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:40 GMT
content-type: image/webp
content-length: 28188
expires: Fri, 10 Feb 2023 03:09:31 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 59e5f88d28da961241d78e313593a1e6
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 11 Jan 2023 03:09:31 GMT
ohc-cache-hit: lz5ct50 [1], qdix138 [4]
ohc-file-size: 28188
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=1382961354,136679989&fm=253&fmt=auto&app=138&f=JPEG?w=678&h=500
118.180.40.35200 OK 45 kB URL HTTP/2 img2.baidu.com/it/u=1382961354,136679989&fm=253&fmt=auto&app=138&f=JPEG?w=678&h=500
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 678x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a135bdc0e0e437da6c3747fdefed6847
d1f6d7c616d40d53d6ab39453da5ed224fd80d2c
542277310f49a2bf06cbe78ffe816d2f841c1e5959dff6f8f8b9f8e4d6553176
GET /it/u=1382961354,136679989&fm=253&fmt=auto&app=138&f=JPEG?w=678&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21155.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:40 GMT
content-type: image/webp
content-length: 44806
expires: Mon, 20 Feb 2023 14:28:14 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: a135bdc0e0e437da6c3747fdefed6847
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 14:28:14 GMT
ohc-cache-hit: lz5ct62 [1], qdix62 [4]
ohc-file-size: 44806
x-cache-status: MISS
X-Firefox-Spdy: h2
sofire.baidu.com/h5/e/8800
36.110.192.156204 No Content 0 B URL HTTP/2 sofire.baidu.com/h5/e/8800
IP 36.110.192.156:0
ASN #23724 IDC, China Telecommunications Corporation
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /h5/e/8800 HTTP/1.1
Host: sofire.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-bdh5-pf
Referer: http://21155.url.tudown.com/
Origin: http://21155.url.tudown.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,AccessToken,X-CSRF-Token,X-Bdh5-Pf,X-XSRF-TOKEN, Authorization
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://21155.url.tudown.com
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type
date: Mon, 23 Jan 2023 09:11:41 GMT
X-Firefox-Spdy: h2
img1.baidu.com/it/u=3829630217,1912335658&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=867
118.180.40.35200 OK 35 kB URL HTTP/2 img1.baidu.com/it/u=3829630217,1912335658&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=867
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x867, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b52f26318be383026b885627a403737a
927154ea24eedc6fcc87344a4ea911e3f56f65bf
88998a392d5661742b1aa83176e690c3de2231cd8d02df9b9efc1902800d3b8c
GET /it/u=3829630217,1912335658&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=867 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21155.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:40 GMT
content-type: image/webp
content-length: 34880
expires: Tue, 21 Feb 2023 03:54:30 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: b52f26318be383026b885627a403737a
age: 21263
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 03:54:30 GMT
ohc-cache-hit: lz5ct80 [4], bdix80 [4]
ohc-file-size: 34880
x-cache-status: HIT
X-Firefox-Spdy: h2
21155.url.tudown.com/uploads/images/859613.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/859613.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/859613.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:41 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=241711362,4056847247&fm=224&app=112&f=JPEG?w=500&h=500
img0.baidu.com/it/u=3485641464,171974055&fm=253&fmt=auto&app=120&f=JPEG?w=666&h=999
118.180.40.35200 OK 46 kB URL HTTP/2 img0.baidu.com/it/u=3485641464,171974055&fm=253&fmt=auto&app=120&f=JPEG?w=666&h=999
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 666x999, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2a8010cc861afe46f62604392140f8e3
2764bc422d47e3887eadfd09fe270da6c721787e
f81912957bc77f4471a1408439274ae8347a268a0b674694808c1f849b7778cf
GET /it/u=3485641464,171974055&fm=253&fmt=auto&app=120&f=JPEG?w=666&h=999 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21155.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:40 GMT
content-type: image/webp
content-length: 46526
expires: Fri, 17 Feb 2023 06:46:42 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 2a8010cc861afe46f62604392140f8e3
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 18 Jan 2023 06:46:42 GMT
ohc-cache-hit: lz5ct64 [1], suzix248 [4]
ohc-file-size: 46526
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=1360674153,181439400&fm=253&fmt=auto&app=138&f=JPEG?w=538&h=500
118.180.40.35200 OK 7.3 kB URL HTTP/2 img1.baidu.com/it/u=1360674153,181439400&fm=253&fmt=auto&app=138&f=JPEG?w=538&h=500
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 538x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 07673a18038165e9f856652ed22c18bc
6362dc64b3ad582ea45897240a1e4c11e867c5ed
efb2ede6945ee1834001a9caf077725fc4f5421cd6e3345c43a64a0bda22d653
GET /it/u=1360674153,181439400&fm=253&fmt=auto&app=138&f=JPEG?w=538&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21155.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:41 GMT
content-type: image/webp
content-length: 7304
expires: Tue, 21 Feb 2023 13:16:48 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 07673a18038165e9f856652ed22c18bc
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 13:16:47 GMT
ohc-cache-hit: lz5ct59 [1], wzix106 [4]
ohc-file-size: 7304
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=3263708423,1002168037&fm=253&fmt=auto&app=138&f=JPEG?w=434&h=434
118.180.40.35200 OK 20 kB URL HTTP/2 img2.baidu.com/it/u=3263708423,1002168037&fm=253&fmt=auto&app=138&f=JPEG?w=434&h=434
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 434x434, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 45fb0301977a9a22dfa6a99d22c9b54d
fd9ecb0a6a9e05973e5e80964a246def547a55ee
42f7ed6d6cf4dfb141f71936ce1aa7a7e29f04919be47be907cf4ce311fc31fc
GET /it/u=3263708423,1002168037&fm=253&fmt=auto&app=138&f=JPEG?w=434&h=434 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21155.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:41 GMT
content-type: image/webp
content-length: 20512
expires: Wed, 25 Jan 2023 09:42:53 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 45fb0301977a9a22dfa6a99d22c9b54d
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 26 Dec 2022 09:42:53 GMT
ohc-cache-hit: lz5ct56 [1], xiangyix157 [4]
ohc-file-size: 20512
x-cache-status: MISS
X-Firefox-Spdy: h2
t15.baidu.com/it/u=1955076542,2150705797&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 53 kB URL HTTP/1.1 t15.baidu.com/it/u=1955076542,2150705797&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 219c5a38854f0bde9bafae89a58c43bc
2dc1b1af6701be2a9572de9804e7ebf93928e586
2e24e486cd64aff16fc652199f591a260911d2b1075247cc57c9d7e02b794a0e
GET /it/u=1955076542,2150705797&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://21155.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:11:41 GMT
Content-Type: image/jpeg
Content-Length: 52663
Connection: keep-alive
Expires: Mon, 20 Feb 2023 11:49:35 GMT
Last-Modified: Thu, 15 Jan 1970 00:00:00 GMT
ETag: 219c5a38854f0bde9bafae89a58c43bc
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 21 Jan 2023 11:49:35 GMT
Ohc-Upstream-Trace: 58.20.204.64
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [2], zhuzuncache64 [1], czix119 [4]
Ohc-Response-Time: 1 0 0 0 380 381
Ohc-File-Size: 52663
X-Cache-Status: MISS
Timing-Allow-Origin: *
img2.baidu.com/it/u=2406500684,3484020834&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=667
118.180.40.35200 OK 48 kB URL HTTP/2 img2.baidu.com/it/u=2406500684,3484020834&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=667
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x667, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9947dbcfa4ba56daa9b77e70ab786e12
3419ca9eab99f2b36292ec8201dbcc55add228ae
e3197180144f7f93c26021389fe1a455d69144f63d19de2338846a624c911bdd
GET /it/u=2406500684,3484020834&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=667 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21155.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:41 GMT
content-type: image/webp
content-length: 47576
expires: Wed, 15 Feb 2023 03:09:35 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 9947dbcfa4ba56daa9b77e70ab786e12
age: 528051
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 16 Jan 2023 03:09:35 GMT
ohc-cache-hit: lz5ct80 [4], xaix80 [4]
ohc-file-size: 47576
x-cache-status: HIT
X-Firefox-Spdy: h2
pos.baidu.com/s?wid=910&hei=120&di=u4965894&s1=3636620605&s2=2669465534<u=http%3A%2F%2F21155.url.tudown.com%2Fxiaz%2Fusb2.0%25E9%2580%259A%25E7%2594%25A8%25E9%25A9%25B1%25E5%258A%25A8forwinxpwin2003win7win8%40719_113726.exe&dc=3&ti=%E4%BA%9A%E5%8D%9Aag%E6%97%97%E8%88%B0%E5%8E%85(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-%E5%AE%A2%E6%88%B7%E7%AB%AF%E4%B8%8B%E8%BD%BDV6.37.142_IOS%2F%E5%AE%89%E5%8D%93%E9%80%9A%E7%94%A8%E7%89%88&ps=1888x34&drs=1&pcs=1268x939&pss=1268x2644&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1674465098&psr=1280x1024&par=1280x1002&pis=-1x-1&ccd=24&cja=false&cmi=0&col=en-US&cdo=-1&tcn=1674465099&dtm=HTML_POST&tpr=1674465098787&ari=2&ant=0&exps=110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=1&dri=0&ver=1221&ecd=1&psi=04fe2165b3a1a7a0&dft=0&ft=1
182.61.200.109200 OK 13 kB URL HTTP/2 pos.baidu.com/s?wid=910&hei=120&di=u4965894&s1=3636620605&s2=2669465534<u=http%3A%2F%2F21155.url.tudown.com%2Fxiaz%2Fusb2.0%25E9%2580%259A%25E7%2594%25A8%25E9%25A9%25B1%25E5%258A%25A8forwinxpwin2003win7win8%40719_113726.exe&dc=3&ti=%E4%BA%9A%E5%8D%9Aag%E6%97%97%E8%88%B0%E5%8E%85(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-%E5%AE%A2%E6%88%B7%E7%AB%AF%E4%B8%8B%E8%BD%BDV6.37.142_IOS%2F%E5%AE%89%E5%8D%93%E9%80%9A%E7%94%A8%E7%89%88&ps=1888x34&drs=1&pcs=1268x939&pss=1268x2644&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1674465098&psr=1280x1024&par=1280x1002&pis=-1x-1&ccd=24&cja=false&cmi=0&col=en-US&cdo=-1&tcn=1674465099&dtm=HTML_POST&tpr=1674465098787&ari=2&ant=0&exps=110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=1&dri=0&ver=1221&ecd=1&psi=04fe2165b3a1a7a0&dft=0&ft=1
IP 182.61.200.109:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (7273)
Hash 8621fece24786386581b7993c315c709
74670161c11e33b8f5c8a2fc9a51e90e18a80808
c39b62ccb16d482ec9ec36d7da6aae7fa8ff58ce328a15e755466c51150cd085
GET /s?wid=910&hei=120&di=u4965894&s1=3636620605&s2=2669465534<u=http%3A%2F%2F21155.url.tudown.com%2Fxiaz%2Fusb2.0%25E9%2580%259A%25E7%2594%25A8%25E9%25A9%25B1%25E5%258A%25A8forwinxpwin2003win7win8%40719_113726.exe&dc=3&ti=%E4%BA%9A%E5%8D%9Aag%E6%97%97%E8%88%B0%E5%8E%85(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-%E5%AE%A2%E6%88%B7%E7%AB%AF%E4%B8%8B%E8%BD%BDV6.37.142_IOS%2F%E5%AE%89%E5%8D%93%E9%80%9A%E7%94%A8%E7%89%88&ps=1888x34&drs=1&pcs=1268x939&pss=1268x2644&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1674465098&psr=1280x1024&par=1280x1002&pis=-1x-1&ccd=24&cja=false&cmi=0&col=en-US&cdo=-1&tcn=1674465099&dtm=HTML_POST&tpr=1674465098787&ari=2&ant=0&exps=110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=1&dri=0&ver=1221&ecd=1&psi=04fe2165b3a1a7a0&dft=0&ft=1 HTTP/1.1
Host: pos.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://21155.url.tudown.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Mon, 23 Jan 2023 09:11:41 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Mon Jan 23 17:11:41 2023
p3p: CP=" OTI DSP COR IVA OUR IND COM ", CP=" OTI DSP COR IVA OUR IND COM "
pragma: no-cache
server: nginx
set-cookie: BAIDUID=7845B5A63632ABFB0238F5FAA82E46FB:FG=1; expires=Tue, 23-Jan-54 09:11:41 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
x-xss-protection: 0
content-length: 13231
X-Firefox-Spdy: h2
img2.baidu.com/it/u=1099339887,639831898&fm=253&app=120&f=JPEG?w=1280&h=800
118.112.225.35200 OK 136 kB URL HTTP/1.1 img2.baidu.com/it/u=1099339887,639831898&fm=253&app=120&f=JPEG?w=1280&h=800
IP 118.112.225.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 136 kB (136384 bytes)
Hash 7995f427f213ec528248b2284c4594c4
d1a7ba463ed650415621bca91f00f5baae7c535b
52dcee5b87daaff7ebd6466a6f065b4edceb42eddb0dab0bc617e1fa250f878f
GET /it/u=1099339887,639831898&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://21155.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:11:40 GMT
Content-Type: image/jpeg
Content-Length: 136384
Connection: keep-alive
Expires: Thu, 16 Feb 2023 07:23:10 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 7995f427f213ec528248b2284c4594c4
Age: 5807
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 17 Jan 2023 07:23:10 GMT
Ohc-Cache-HIT: cd6ct52 [4], suzix96 [4]
Ohc-File-Size: 136384
X-Cache-Status: HIT
21155.url.tudown.com/uploads/images/932351.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/932351.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/932351.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:41 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=4044340467,2527411667&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=665
img1.baidu.com/it/u=671213229,2198456729&fm=253&fmt=auto&app=138&f=JPEG?w=220&h=220
118.180.40.35200 OK 3.6 kB URL HTTP/2 img1.baidu.com/it/u=671213229,2198456729&fm=253&fmt=auto&app=138&f=JPEG?w=220&h=220
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 220x220, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash afb7f72012d656dcd925d27419b3ea1e
d023466001950e21b8e6eb82043b384779cf5412
755b246ed8e03c3c1f93783a7c131642667545e38a681a3cbae83f0ca6a40b83
GET /it/u=671213229,2198456729&fm=253&fmt=auto&app=138&f=JPEG?w=220&h=220 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21155.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:41 GMT
content-type: image/webp
content-length: 3556
expires: Fri, 27 Jan 2023 04:24:13 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: afb7f72012d656dcd925d27419b3ea1e
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 28 Dec 2022 04:24:13 GMT
ohc-cache-hit: lz5ct83 [1], suzix215 [4]
ohc-file-size: 3556
x-cache-status: MISS
X-Firefox-Spdy: h2
21155.url.tudown.com/uploads/images/398429.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/398429.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/398429.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:41 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2672142521,2451435716&fm=253&fmt=auto&app=138&f=JPEG?w=404&h=474
21155.url.tudown.com/uploads/images/655985.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/655985.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/655985.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:41 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3331896288,1622562876&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=626
img2.baidu.com/it/u=3870404214,1654223610&fm=253&fmt=auto&app=138&f=JPEG?w=120&h=80
118.180.40.35200 OK 2.8 kB URL HTTP/2 img2.baidu.com/it/u=3870404214,1654223610&fm=253&fmt=auto&app=138&f=JPEG?w=120&h=80
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 120x80, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 94de2499f0b7017f1e41fb0eeea82d55
f93978ddf0843b6d5e6c822774115931402640a1
019263b1e58e048cfbf3ae7c20f08f9f60ecd48e00cc61f80f398263d784b322
GET /it/u=3870404214,1654223610&fm=253&fmt=auto&app=138&f=JPEG?w=120&h=80 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21155.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:41 GMT
content-type: image/webp
content-length: 2776
expires: Mon, 20 Feb 2023 04:09:33 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 94de2499f0b7017f1e41fb0eeea82d55
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 04:09:33 GMT
ohc-cache-hit: lz5ct66 [2], xaix221 [4]
ohc-file-size: 2776
x-cache-status: MISS
X-Firefox-Spdy: h2
t15.baidu.com/it/u=241711362,4056847247&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 57 kB URL HTTP/1.1 t15.baidu.com/it/u=241711362,4056847247&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 9e09280900a768c18c495dc9a52e31ac
6b4a59411580f988bb45e9fe1c9626e872e3d8bb
6d944f59f9c9bb3a515c473be20f8b1851cf90b9098b3792f69b6aa3e83eed18
GET /it/u=241711362,4056847247&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://21155.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:11:41 GMT
Content-Type: image/jpeg
Content-Length: 56787
Connection: keep-alive
Expires: Sat, 04 Feb 2023 13:29:40 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 9e09280900a768c18c495dc9a52e31ac
Age: 993938
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 05 Jan 2023 13:29:40 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [4], zhuzuncache53 [4], bdix158 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 56787
X-Cache-Status: HIT
Timing-Allow-Origin: *
21155.url.tudown.com/uploads/images/545176.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/545176.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/545176.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:41 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=177484040,1837081053&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
pos.baidu.com/s?wid=890&hei=200&di=u5039524&s1=1109809466&s2=1728085616<u=http%3A%2F%2F21155.url.tudown.com%2Fxiaz%2Fusb2.0%25E9%2580%259A%25E7%2594%25A8%25E9%25A9%25B1%25E5%258A%25A8forwinxpwin2003win7win8%40719_113726.exe&dc=3&ti=%E4%BA%9A%E5%8D%9Aag%E6%97%97%E8%88%B0%E5%8E%85(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-%E5%AE%A2%E6%88%B7%E7%AB%AF%E4%B8%8B%E8%BD%BDV6.37.142_IOS%2F%E5%AE%89%E5%8D%93%E9%80%9A%E7%94%A8%E7%89%88&ps=2222x34&drs=1&pcs=1268x939&pss=1268x2764&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1674465098&psr=1280x1024&par=1280x1002&pis=-1x-1&ccd=24&cja=false&cmi=0&col=en-US&cdo=-1&tcn=1674465099&dtm=HTML_POST&tpr=1674465098787&ari=2&ant=0&exps=110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=2&dri=0&ver=1221&ecd=1&psi=04fe2165b3a1a7a0&dft=0&ft=1
182.61.200.109200 OK 15 kB URL HTTP/2 pos.baidu.com/s?wid=890&hei=200&di=u5039524&s1=1109809466&s2=1728085616<u=http%3A%2F%2F21155.url.tudown.com%2Fxiaz%2Fusb2.0%25E9%2580%259A%25E7%2594%25A8%25E9%25A9%25B1%25E5%258A%25A8forwinxpwin2003win7win8%40719_113726.exe&dc=3&ti=%E4%BA%9A%E5%8D%9Aag%E6%97%97%E8%88%B0%E5%8E%85(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-%E5%AE%A2%E6%88%B7%E7%AB%AF%E4%B8%8B%E8%BD%BDV6.37.142_IOS%2F%E5%AE%89%E5%8D%93%E9%80%9A%E7%94%A8%E7%89%88&ps=2222x34&drs=1&pcs=1268x939&pss=1268x2764&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1674465098&psr=1280x1024&par=1280x1002&pis=-1x-1&ccd=24&cja=false&cmi=0&col=en-US&cdo=-1&tcn=1674465099&dtm=HTML_POST&tpr=1674465098787&ari=2&ant=0&exps=110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=2&dri=0&ver=1221&ecd=1&psi=04fe2165b3a1a7a0&dft=0&ft=1
IP 182.61.200.109:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (39011)
Hash 7244641ccd138a93e547c42c8be965ac
58cd5e70ffa7ec40fbf12237183267ec6dca555a
55fa87a4cd9c1fe06e830fdac7736ff8d1b79322a3e8985721d87bce07a12284
GET /s?wid=890&hei=200&di=u5039524&s1=1109809466&s2=1728085616<u=http%3A%2F%2F21155.url.tudown.com%2Fxiaz%2Fusb2.0%25E9%2580%259A%25E7%2594%25A8%25E9%25A9%25B1%25E5%258A%25A8forwinxpwin2003win7win8%40719_113726.exe&dc=3&ti=%E4%BA%9A%E5%8D%9Aag%E6%97%97%E8%88%B0%E5%8E%85(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-%E5%AE%A2%E6%88%B7%E7%AB%AF%E4%B8%8B%E8%BD%BDV6.37.142_IOS%2F%E5%AE%89%E5%8D%93%E9%80%9A%E7%94%A8%E7%89%88&ps=2222x34&drs=1&pcs=1268x939&pss=1268x2764&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1674465098&psr=1280x1024&par=1280x1002&pis=-1x-1&ccd=24&cja=false&cmi=0&col=en-US&cdo=-1&tcn=1674465099&dtm=HTML_POST&tpr=1674465098787&ari=2&ant=0&exps=110277,110269,110257,110009,111000,110011&prot=2&dis=0&dai=2&dri=0&ver=1221&ecd=1&psi=04fe2165b3a1a7a0&dft=0&ft=1 HTTP/1.1
Host: pos.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://21155.url.tudown.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Mon, 23 Jan 2023 09:11:41 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Mon Jan 23 17:11:41 2023
p3p: CP=" OTI DSP COR IVA OUR IND COM ", CP=" OTI DSP COR IVA OUR IND COM "
pragma: no-cache
server: nginx
set-cookie: BAIDUID=7845B5A63632ABFB64C4BD7ACB851815:FG=1; expires=Tue, 23-Jan-54 09:11:41 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
x-xss-protection: 0
content-length: 14870
X-Firefox-Spdy: h2
img1.baidu.com/it/u=2395695251,4145582447&fm=253&app=120&f=JPEG?w=800&h=1421
118.180.40.35200 OK 102 kB URL HTTP/1.1 img1.baidu.com/it/u=2395695251,4145582447&fm=253&app=120&f=JPEG?w=800&h=1421
IP 118.180.40.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x1421, components 3\012- data
Size 102 kB (101514 bytes)
Hash 86274d847cf746a4e181a2534b2a2726
464b098c4504c00c52008f743384ac70d951300c
5c231425ace023e8bc372b9ffee1ce294c03f838dbe54a2f401618382ec85fbf
GET /it/u=2395695251,4145582447&fm=253&app=120&f=JPEG?w=800&h=1421 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://21155.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:11:40 GMT
Content-Type: image/jpeg
Content-Length: 101514
Connection: keep-alive
Expires: Fri, 27 Jan 2023 13:20:51 GMT
Last-Modified: Mon, 05 Jan 1970 00:00:00 GMT
ETag: 86274d847cf746a4e181a2534b2a2726
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 28 Dec 2022 13:20:51 GMT
Ohc-Cache-HIT: lz5ct73 [1], xiangyix189 [2]
Ohc-File-Size: 101514
X-Cache-Status: MISS
img2.baidu.com/it/u=2535059407,4121047624&fm=253&app=120&f=JPEG?w=1280&h=800
118.112.225.35200 OK 114 kB URL HTTP/1.1 img2.baidu.com/it/u=2535059407,4121047624&fm=253&app=120&f=JPEG?w=1280&h=800
IP 118.112.225.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 114 kB (114182 bytes)
Hash ce2aa7d6039396e3d2ddfd9851152950
6d64f7ffb342ec77bb78d0edbec55958ea491b85
71cb8b870973c0816aea5cf3046b11800800f885c0a085afea492fce1c0f5905
GET /it/u=2535059407,4121047624&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://21155.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:11:40 GMT
Content-Type: image/jpeg
Content-Length: 114182
Connection: keep-alive
Expires: Wed, 15 Feb 2023 02:15:21 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: ce2aa7d6039396e3d2ddfd9851152950
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 16 Jan 2023 02:15:21 GMT
Ohc-Cache-HIT: cd6ct60 [1], wzix113 [4]
Ohc-File-Size: 114182
X-Cache-Status: MISS
img1.baidu.com/it/u=37567244,1573142340&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=624
118.180.40.35200 OK 42 kB URL HTTP/2 img1.baidu.com/it/u=37567244,1573142340&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=624
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x624, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5cc7c4f1008c7167e9e435aa2508fcae
c5173e63daab19fa1eef04f0ee71e38d87fcb06c
7bca2ee1a752910a58c3198dd98de63e1fdf5e2cd4f561ccc7d80fe6683f4da0
GET /it/u=37567244,1573142340&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=624 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21155.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:41 GMT
content-type: image/webp
content-length: 41476
expires: Wed, 22 Feb 2023 03:01:03 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 5cc7c4f1008c7167e9e435aa2508fcae
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 03:01:03 GMT
ohc-cache-hit: lz5ct54 [2], suzix98 [4]
ohc-file-size: 41476
x-cache-status: MISS
X-Firefox-Spdy: h2
sofire.baidu.com/abot/api/v1/tpl/re/8800?v=1.1&0=1&1=0&2=0&3=0&4=0&5=0&6=0&7=1&8=v10-b5945938da850c97b595e17682f424db4bf141b1&9=0&10=1&11=0&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&h=http%3A%2F%2F21155.url.tudown.com%2Fxiaz%2Fusb2.0%25E9%2580%259A%25E7%2594%25A8%25E9%25A9%25B1%25E5%258A%25A8forwinxpwin2003win7win8%40719_113726.exe&t=1674465098743&r=init
36.110.192.156200 OK 0 B URL HTTP/2 sofire.baidu.com/abot/api/v1/tpl/re/8800?v=1.1&0=1&1=0&2=0&3=0&4=0&5=0&6=0&7=1&8=v10-b5945938da850c97b595e17682f424db4bf141b1&9=0&10=1&11=0&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&h=http%3A%2F%2F21155.url.tudown.com%2Fxiaz%2Fusb2.0%25E9%2580%259A%25E7%2594%25A8%25E9%25A9%25B1%25E5%258A%25A8forwinxpwin2003win7win8%40719_113726.exe&t=1674465098743&r=init
IP 36.110.192.156:0
ASN #23724 IDC, China Telecommunications Corporation
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /abot/api/v1/tpl/re/8800?v=1.1&0=1&1=0&2=0&3=0&4=0&5=0&6=0&7=1&8=v10-b5945938da850c97b595e17682f424db4bf141b1&9=0&10=1&11=0&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&h=http%3A%2F%2F21155.url.tudown.com%2Fxiaz%2Fusb2.0%25E9%2580%259A%25E7%2594%25A8%25E9%25A9%25B1%25E5%258A%25A8forwinxpwin2003win7win8%40719_113726.exe&t=1674465098743&r=init HTTP/1.1
Host: sofire.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://21155.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
date: Mon, 23 Jan 2023 09:11:41 GMT
content-length: 0
X-Firefox-Spdy: h2
21155.url.tudown.com/uploads/images/639367.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/639367.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/639367.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:41 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2039500801,3149687525&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
21155.url.tudown.com/uploads/images/831308.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/831308.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/831308.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:41 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=591653491,2550616752&fm=253&fmt=auto&app=138&f=JPEG?w=450&h=367
21155.url.tudown.com/uploads/images/626987.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/626987.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/626987.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:41 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=4139232639,4042322656&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=360
img0.baidu.com/it/u=4044340467,2527411667&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=665
118.180.40.35200 OK 19 kB URL HTTP/2 img0.baidu.com/it/u=4044340467,2527411667&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=665
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x665, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8086b3358eb562775feca67cd52a661c
e59eaace3214a29a8fa4a58815e50b8317d018ef
6fc9b0417f2dd935974fa5f38348589d42e010c88e5a7fc560050329210944a8
GET /it/u=4044340467,2527411667&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=665 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21155.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:41 GMT
content-type: image/webp
content-length: 19004
expires: Mon, 20 Feb 2023 06:15:14 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 8086b3358eb562775feca67cd52a661c
age: 163368
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 06:15:14 GMT
ohc-cache-hit: lz5ct59 [4], qdix59 [2]
ohc-file-size: 19004
x-cache-status: HIT
X-Firefox-Spdy: h2
21155.url.tudown.com/uploads/images/274830.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/274830.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/274830.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:41 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2668566734,1986309550&fm=253&fmt=auto&app=138&f=JPG?w=265&h=380
21155.url.tudown.com/uploads/images/202358.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/202358.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/202358.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:41 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=317805683,131693925&fm=253&app=120&f=JPEG?w=1422&h=800
img0.baidu.com/it/u=3331896288,1622562876&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=626
118.180.40.35200 OK 12 kB URL HTTP/2 img0.baidu.com/it/u=3331896288,1622562876&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=626
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x626, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c69761b3d19d78062b7cc16d0eb1310b
6e140a316591ec99410c2b411203acfdc10e3719
da58b6200adff1ee4474a8132366f171d247f9c47b19ce1238e945f065578aee
GET /it/u=3331896288,1622562876&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=626 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21155.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:41 GMT
content-type: image/webp
content-length: 12006
expires: Tue, 21 Feb 2023 03:22:56 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: c69761b3d19d78062b7cc16d0eb1310b
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 03:22:56 GMT
ohc-cache-hit: lz5ct61 [2], qdix85 [2]
ohc-file-size: 12006
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=2672142521,2451435716&fm=253&fmt=auto&app=138&f=JPEG?w=404&h=474
118.180.40.35200 OK 12 kB URL HTTP/2 img2.baidu.com/it/u=2672142521,2451435716&fm=253&fmt=auto&app=138&f=JPEG?w=404&h=474
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 404x474, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c21f141de58218dfaf6560b30562e954
d322a315cc07eb634312ffaf6e4e88195fbcc534
b8a5544f1b9896aa6fb68bd53b3a898dc63d4fb26e35a2cc1214f53d5006ccfb
GET /it/u=2672142521,2451435716&fm=253&fmt=auto&app=138&f=JPEG?w=404&h=474 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21155.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:41 GMT
content-type: image/webp
content-length: 11678
expires: Mon, 30 Jan 2023 12:28:17 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: c21f141de58218dfaf6560b30562e954
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 31 Dec 2022 12:28:17 GMT
ohc-cache-hit: lz5ct52 [1], xiangyix121 [4]
ohc-file-size: 11678
x-cache-status: MISS
X-Firefox-Spdy: h2
21155.url.tudown.com/uploads/images/388957.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/388957.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/388957.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:41 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1380837969,43607267&fm=253&fmt=auto?w=500&h=889
img0.baidu.com/it/u=177484040,1837081053&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
118.180.40.35200 OK 32 kB URL HTTP/2 img0.baidu.com/it/u=177484040,1837081053&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 978b89449245c8b9b506e375567a08f8
d83b49a399a265280cc03d15b48815b241a126d9
cf341db757b26488542a360f0b0673e82176c9abf5c0f52a16e21d41b3a0df2a
GET /it/u=177484040,1837081053&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21155.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:41 GMT
content-type: image/webp
content-length: 32158
expires: Fri, 10 Feb 2023 21:03:55 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 978b89449245c8b9b506e375567a08f8
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 11 Jan 2023 21:03:55 GMT
ohc-cache-hit: lz5ct50 [1], xiangyix100 [4]
ohc-file-size: 32158
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=2039500801,3149687525&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
118.180.40.35200 OK 15 kB URL HTTP/2 img1.baidu.com/it/u=2039500801,3149687525&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 44cba1300a94e30e9bb0ff2a1a0def82
29bfe6a8b6c6011ead84a66548ca56fb4fb79072
e56947d0d1262b382153e50ee9e0fd0f3a8b196223d54f1732289eba1947e96a
GET /it/u=2039500801,3149687525&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21155.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:41 GMT
content-type: image/webp
content-length: 14616
expires: Mon, 20 Feb 2023 18:29:25 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 44cba1300a94e30e9bb0ff2a1a0def82
age: 81259
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 18:29:25 GMT
ohc-cache-hit: lz5ct60 [4], xaix222 [2]
ohc-file-size: 14616
x-cache-status: HIT
X-Firefox-Spdy: h2
sofire.baidu.com/h5/e/8800
36.110.192.156200 OK 77 B URL HTTP/2 sofire.baidu.com/h5/e/8800
IP 36.110.192.156:0
ASN #23724 IDC, China Telecommunications Corporation
File type JSON data\012- , ASCII text, with no line terminators
Hash 66e4503ba3be3ba70403241a32c0edc0
42fe1d51c3d23e03fb85bcd27b9e192ce8060bd6
5213ef46df0da6dce5b41be64f3c3952ba1ad8db1870c8ce3f2a6f7e260d8ee8
POST /h5/e/8800 HTTP/1.1
Host: sofire.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
X-Bdh5-Pf: 1
Origin: http://21155.url.tudown.com
Connection: keep-alive
Referer: http://21155.url.tudown.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,AccessToken,X-CSRF-Token,X-Bdh5-Pf,X-XSRF-TOKEN, Authorization
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://21155.url.tudown.com
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type
content-type: application/json; charset=utf-8
date: Mon, 23 Jan 2023 09:11:41 GMT
content-length: 77
X-Firefox-Spdy: h2
21155.url.tudown.com/uploads/images/484094.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/484094.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/484094.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:41 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1575221592,928984309&fm=253&fmt=auto?w=1280&h=800
21155.url.tudown.com/uploads/images/150465.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/150465.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/150465.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:41 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=185612326,2352179634&fm=253&fmt=auto?w=640&h=489
sofire.baidu.com/h5/t/8800
36.110.192.156204 No Content 0 B URL HTTP/2 sofire.baidu.com/h5/t/8800
IP 36.110.192.156:0
ASN #23724 IDC, China Telecommunications Corporation
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /h5/t/8800 HTTP/1.1
Host: sofire.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-bdh5-pf
Referer: http://21155.url.tudown.com/
Origin: http://21155.url.tudown.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,AccessToken,X-CSRF-Token,X-Bdh5-Pf,X-XSRF-TOKEN, Authorization
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://21155.url.tudown.com
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type
date: Mon, 23 Jan 2023 09:11:41 GMT
X-Firefox-Spdy: h2
img1.baidu.com/it/u=591653491,2550616752&fm=253&fmt=auto&app=138&f=JPEG?w=450&h=367
118.180.40.35200 OK 20 kB URL HTTP/2 img1.baidu.com/it/u=591653491,2550616752&fm=253&fmt=auto&app=138&f=JPEG?w=450&h=367
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 450x367, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ba978b6901c085fa10655f62d41d5ec2
c8c8f182a0527c93e049f31ddd04b8a46c580436
d0a6dd9a6d46827865225b35109ae5d52fec2e1ff2e5a6f9d14e4a3617e93f87
GET /it/u=591653491,2550616752&fm=253&fmt=auto&app=138&f=JPEG?w=450&h=367 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21155.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:41 GMT
content-type: image/webp
content-length: 19470
expires: Sat, 18 Feb 2023 10:33:51 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: ba978b6901c085fa10655f62d41d5ec2
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 19 Jan 2023 10:33:51 GMT
ohc-cache-hit: lz5ct64 [1], suzix98 [4]
ohc-file-size: 19470
x-cache-status: MISS
X-Firefox-Spdy: h2
21155.url.tudown.com/uploads/images/784682.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/784682.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/784682.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:41 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2979636077,342955698&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=516
img0.baidu.com/it/u=919719485,1616636353&fm=253&app=120&f=JPEG?w=1280&h=800
125.74.40.35200 OK 69 kB URL HTTP/1.1 img0.baidu.com/it/u=919719485,1616636353&fm=253&app=120&f=JPEG?w=1280&h=800
IP 125.74.40.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Hash 1b9492f7eebeb68d7157e2b78825cf06
43c76422a68cc9ab0c8688545ffae5c73a5f01c3
d4edb05fb090644d61d9e14d4ff3106b1e7c62eb4067d945f4323570ad679ef6
GET /it/u=919719485,1616636353&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://21155.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:11:41 GMT
Content-Type: image/jpeg
Content-Length: 69354
Connection: keep-alive
Expires: Tue, 31 Jan 2023 02:32:26 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 1b9492f7eebeb68d7157e2b78825cf06
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 01 Jan 2023 02:32:26 GMT
Ohc-Cache-HIT: plct72 [1], bdix159 [4]
Ohc-File-Size: 69354
X-Cache-Status: MISS
img2.baidu.com/it/u=4139232639,4042322656&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=360
118.180.40.35200 OK 21 kB URL HTTP/2 img2.baidu.com/it/u=4139232639,4042322656&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=360
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x360, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fbebe229a1a65f708b819bfeb0727676
0e3debae8fc33d897b422bc4d514720309654919
bc772531f3524056f24cd17be05f46db2aacbc788bdcc906c6c6ef903fe9a004
GET /it/u=4139232639,4042322656&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=360 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21155.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:41 GMT
content-type: image/webp
content-length: 20610
expires: Mon, 23 Jan 2023 20:59:55 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: fbebe229a1a65f708b819bfeb0727676
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 24 Dec 2022 20:59:55 GMT
ohc-cache-hit: lz5ct74 [1], suzix74 [4]
ohc-file-size: 20610
x-cache-status: MISS
X-Firefox-Spdy: h2
21155.url.tudown.com/uploads/images/637754.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/637754.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/637754.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:41 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=917208500,354096089&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=750
img0.baidu.com/it/u=2668566734,1986309550&fm=253&fmt=auto&app=138&f=JPG?w=265&h=380
118.180.40.35200 OK 8.6 kB URL HTTP/2 img0.baidu.com/it/u=2668566734,1986309550&fm=253&fmt=auto&app=138&f=JPG?w=265&h=380
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 265x380, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 17fd221671bc49d7dc8e1e900cf5137f
2f4537a4cd4f228eafbf2aa36481fef9a2cdc2fc
2b42b1adb7ffec0c854ddf3df112ab57e8cb0fc53c9a5478332b7d4c98b5f927
GET /it/u=2668566734,1986309550&fm=253&fmt=auto&app=138&f=JPG?w=265&h=380 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21155.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:41 GMT
content-type: image/webp
content-length: 8562
expires: Tue, 07 Feb 2023 08:17:51 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 17fd221671bc49d7dc8e1e900cf5137f
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 08 Jan 2023 08:17:51 GMT
ohc-cache-hit: lz5ct71 [1], czix224 [4]
ohc-file-size: 8562
x-cache-status: MISS
X-Firefox-Spdy: h2
21155.url.tudown.com/uploads/images/157576.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/157576.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/157576.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:41 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=870260011,167537644&fm=224&app=112&f=JPEG?w=500&h=500&s=EDE0A0565103F6E51B99C1CF0300E0A2
img2.baidu.com/it/u=803326376,3234245814&fm=253&app=120&f=JPEG?w=800&h=1421
118.112.225.35200 OK 103 kB URL HTTP/1.1 img2.baidu.com/it/u=803326376,3234245814&fm=253&app=120&f=JPEG?w=800&h=1421
IP 118.112.225.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x1421, components 3\012- data
Size 103 kB (102893 bytes)
Hash 99675f47fe1c0717ef39aab47211f219
6b490dfb0cb1b9e499312cc9cd6fc16f87e6b52d
498e2e6a3d9a423f2fa2a4ec8fc24650ed2c76a1ec7e902da98336ab3840a899
GET /it/u=803326376,3234245814&fm=253&app=120&f=JPEG?w=800&h=1421 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://21155.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:11:41 GMT
Content-Type: image/jpeg
Content-Length: 102893
Connection: keep-alive
Expires: Tue, 31 Jan 2023 18:16:58 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: 99675f47fe1c0717ef39aab47211f219
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 01 Jan 2023 18:16:58 GMT
Ohc-Cache-HIT: cd6ct61 [1], xaix95 [2]
Ohc-File-Size: 102893
X-Cache-Status: MISS
img0.baidu.com/it/u=1380837969,43607267&fm=253&fmt=auto?w=500&h=889
118.180.40.35200 OK 16 kB URL HTTP/2 img0.baidu.com/it/u=1380837969,43607267&fm=253&fmt=auto?w=500&h=889
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x889, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4c04e59d249745bf5629df1c81526d05
0241911112d09f5f7435866f5875f0bba8278b70
352b3bc611a8905d293b3360bb3fbc6c24ddcdc89bcfd7eeb653abc53f6e43cc
GET /it/u=1380837969,43607267&fm=253&fmt=auto?w=500&h=889 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21155.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:42 GMT
content-type: image/webp
content-length: 16204
expires: Mon, 30 Jan 2023 06:55:19 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 4c04e59d249745bf5629df1c81526d05
age: 1041602
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 31 Dec 2022 06:55:19 GMT
ohc-cache-hit: lz5ct52 [4], xiangyix110 [4]
ohc-file-size: 16204
x-cache-status: HIT
X-Firefox-Spdy: h2
21155.url.tudown.com/uploads/images/686510.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/686510.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/686510.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:42 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=344767319,3990134758&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=565
21155.url.tudown.com/uploads/images/893264.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/893264.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/893264.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:42 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=754383408,4173477665&fm=224&app=112&f=JPEG?w=500&h=500
img0.baidu.com/it/u=185612326,2352179634&fm=253&fmt=auto?w=640&h=489
118.180.40.35200 OK 14 kB URL HTTP/2 img0.baidu.com/it/u=185612326,2352179634&fm=253&fmt=auto?w=640&h=489
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x489, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fa702f323f8834eac6cfebece1beccf8
b997043be231e731813715841cb00643b9fe4074
3743f1ab2ba6832312708a93c4683f6a48fe3458daa7268227448f63f8a8995b
GET /it/u=185612326,2352179634&fm=253&fmt=auto?w=640&h=489 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21155.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:42 GMT
content-type: image/webp
content-length: 13878
expires: Wed, 01 Feb 2023 23:29:16 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: fa702f323f8834eac6cfebece1beccf8
age: 195351
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 02 Jan 2023 23:29:16 GMT
ohc-cache-hit: lz5ct71 [4], bdix151 [2]
ohc-file-size: 13878
x-cache-status: HIT
X-Firefox-Spdy: h2
sofire.baidu.com/h5/t/8800
36.110.192.156200 OK 591 B URL HTTP/2 sofire.baidu.com/h5/t/8800
IP 36.110.192.156:0
ASN #23724 IDC, China Telecommunications Corporation
File type JSON data\012- , ASCII text, with very long lines (591), with no line terminators
Hash e27f4b54417c3d3c715fd50ae44d6cde
007517d21a9dc8e42c8cd4d5d78eeb3812ebfd5b
db4871defd5248c1f3792c9e40e73fd0c3741cee93bc7209fe436ab21e0350f2
POST /h5/t/8800 HTTP/1.1
Host: sofire.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
X-Bdh5-Pf: 1
Content-Length: 3414
Origin: http://21155.url.tudown.com
Connection: keep-alive
Referer: http://21155.url.tudown.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,AccessToken,X-CSRF-Token,X-Bdh5-Pf,X-XSRF-TOKEN, Authorization
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://21155.url.tudown.com
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type
content-type: application/json; charset=utf-8
date: Mon, 23 Jan 2023 09:11:42 GMT
content-length: 591
X-Firefox-Spdy: h2
21155.url.tudown.com/uploads/images/231787.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/231787.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/231787.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:42 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=872011132,3700339535&fm=253&fmt=auto&app=138&f=JPEG?w=919&h=500
t15.baidu.com/it/u=870260011,167537644&fm=224&app=112&f=JPEG?w=500&h=500&s=EDE0A0565103F6E51B99C1CF0300E0A2
185.10.104.124200 OK 52 kB URL HTTP/1.1 t15.baidu.com/it/u=870260011,167537644&fm=224&app=112&f=JPEG?w=500&h=500&s=EDE0A0565103F6E51B99C1CF0300E0A2
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash a765867f3fc51a1648034d6f9b76eb0d
bfb079b86c23e0f50d10de1e3632d3828c3305f5
6e041c5e433b3550d76ed9e2701398bb3ce2d7bbbf613ec8b852ec64707b03ab
GET /it/u=870260011,167537644&fm=224&app=112&f=JPEG?w=500&h=500&s=EDE0A0565103F6E51B99C1CF0300E0A2 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://21155.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:11:42 GMT
Content-Type: image/jpeg
Content-Length: 51767
Connection: keep-alive
Expires: Mon, 30 Jan 2023 14:18:33 GMT
Last-Modified: Mon, 12 Jan 1970 00:00:00 GMT
ETag: a765867f3fc51a1648034d6f9b76eb0d
Age: 993728
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 31 Dec 2022 14:18:32 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [2], zhuzuncache59 [4], qdix59 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 51767
X-Cache-Status: HIT
Timing-Allow-Origin: *
img0.baidu.com/it/u=1575221592,928984309&fm=253&fmt=auto?w=1280&h=800
118.180.40.35200 OK 88 kB URL HTTP/2 img0.baidu.com/it/u=1575221592,928984309&fm=253&fmt=auto?w=1280&h=800
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a0ea3cbfaa6641273c62f731ac6769d4
88f41b1ceab4ff499e399644cf5f136d50100f53
a02b4cf84bc75f8c8a4a045c7c375ab703c1e383e9a1e34050e52d6abe392023
GET /it/u=1575221592,928984309&fm=253&fmt=auto?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21155.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:42 GMT
content-type: image/webp
content-length: 88118
expires: Mon, 20 Feb 2023 18:29:15 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: a0ea3cbfaa6641273c62f731ac6769d4
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 18:29:15 GMT
ohc-cache-hit: lz5ct52 [1], qdix86 [4]
ohc-file-size: 88118
x-cache-status: MISS
X-Firefox-Spdy: h2
21155.url.tudown.com/uploads/images/320736.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/320736.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/320736.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:42 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=4221168897,1647657919&fm=253&app=120&f=JPEG?w=1280&h=800
t13.baidu.com/it/u=754383408,4173477665&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 38 kB URL HTTP/1.1 t13.baidu.com/it/u=754383408,4173477665&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash d71dd77c0ee5283dd2b6d3e0abcb2733
b0598779f0411b78862ec221c8287921ddb4ed63
cfad2f8b1f15679f5516dd4551e7d00b2c8c5e363cfaa5b66f5ab92cc8928471
GET /it/u=754383408,4173477665&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://21155.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:11:42 GMT
Content-Type: image/jpeg
Content-Length: 37504
Connection: keep-alive
Expires: Mon, 20 Feb 2023 02:31:32 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: d71dd77c0ee5283dd2b6d3e0abcb2733
Age: 139350
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 21 Jan 2023 02:31:32 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [4], zhuzuncache57 [4], xaix199 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 37504
X-Cache-Status: HIT
Timing-Allow-Origin: *
img0.baidu.com/it/u=2979636077,342955698&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=516
118.180.40.35200 OK 23 kB URL HTTP/2 img0.baidu.com/it/u=2979636077,342955698&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=516
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x516, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c4b82847441792ab5ed8a7c9bef96a51
e43ce15f52a5d8f271d0f3fcdc77d5631da31c63
a895b399ac8fdba6156709492b8865608c336f0a347518003e4116cd5e93861f
GET /it/u=2979636077,342955698&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=516 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21155.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:42 GMT
content-type: image/webp
content-length: 23172
expires: Tue, 31 Jan 2023 03:06:53 GMT
last-modified: Sun, 04 Jan 1970 00:00:00 GMT
etag: c4b82847441792ab5ed8a7c9bef96a51
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 01 Jan 2023 03:06:53 GMT
ohc-cache-hit: lz5ct68 [1], wzix114 [4]
ohc-file-size: 23172
x-cache-status: MISS
X-Firefox-Spdy: h2
21155.url.tudown.com/uploads/images/258400.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/258400.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/258400.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:42 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=1893088694,1514510018&fm=253&app=120&f=JPEG?w=1280&h=800
img2.baidu.com/it/u=317805683,131693925&fm=253&app=120&f=JPEG?w=1422&h=800
118.112.225.35200 OK 201 kB URL HTTP/1.1 img2.baidu.com/it/u=317805683,131693925&fm=253&app=120&f=JPEG?w=1422&h=800
IP 118.112.225.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1422x800, components 3\012- data
Size 201 kB (200713 bytes)
Hash 93f67ed5cbdbfd7886ea68fd89a09dcf
7f63bfdb2684c7500b664b451ebc931ee32672ae
8d5c78b2c620a17bc20ef9f3b6944c317081ffe74bafafe6321cdd226bc18106
GET /it/u=317805683,131693925&fm=253&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://21155.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:11:42 GMT
Content-Type: image/jpeg
Content-Length: 200713
Connection: keep-alive
Expires: Sun, 29 Jan 2023 10:50:38 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: 93f67ed5cbdbfd7886ea68fd89a09dcf
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 30 Dec 2022 10:50:37 GMT
Ohc-Cache-HIT: cd6ct68 [2], qdix92 [4]
Ohc-File-Size: 200713
X-Cache-Status: MISS
img1.baidu.com/it/u=917208500,354096089&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=750
118.180.40.35200 OK 54 kB URL HTTP/2 img1.baidu.com/it/u=917208500,354096089&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=750
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x750, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ddbd98455541953dcdcbaa419ceb88c8
f1f026b2d07a954fb88421a8cba5b52f074c5502
6adfe7d11278bdd1fa2ffa93eba2c00e9778f2a0765857338a2603aaa01a7ec7
GET /it/u=917208500,354096089&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=750 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21155.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:42 GMT
content-type: image/webp
content-length: 54462
expires: Tue, 21 Feb 2023 13:52:40 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: ddbd98455541953dcdcbaa419ceb88c8
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 13:52:40 GMT
ohc-cache-hit: lz5ct72 [2], qdix99 [4]
ohc-file-size: 54462
x-cache-status: MISS
X-Firefox-Spdy: h2
21155.url.tudown.com/uploads/images/72975.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/72975.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/72975.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:42 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=4290138625,4255137351&fm=224&app=112&f=JPEG?w=500&h=500
wn.pos.baidu.com/adx.php?c=d25pZD02YTk4YjIyYzg0YTQ3NDk5AHM9NmE5OGIyMmM4NGE0NzQ5OQB0PTE2NzQ0NjUxMDEAc2U9MQBidT00AHByaWNlPVk4NVBUUUFCamhsN2pFcGdXNUlBOGtEYjRabUVQNHBZdXRvaGFBAGNoYXJnZV9wcmljZT0xAHNoYXJpbmdfcHJpY2U9MTAwMAB3aW5fZHNwPTQAY2htZD0xAGJkaWQ9AGNwcm9pZD0Ad2Q9MTQ2NjI3MjQ1AHR1PXU1MDM5NTI0AGFkY2xhc3M9MABzcmN0PTAAcG9zPTAAbG9jPTUAZWlkPTAAY2JpZD1ZODVQVFFBQmpobDdqRXBnVzVJQThrRGI0Wm1FUDRwWXV0b2hhQQBiY2htZD0wAHRtPTAAdj0xAGk9OTk1Mjk0OTU
182.61.62.32200 OK 49 B URL HTTP/1.1 wn.pos.baidu.com/adx.php?c=d25pZD02YTk4YjIyYzg0YTQ3NDk5AHM9NmE5OGIyMmM4NGE0NzQ5OQB0PTE2NzQ0NjUxMDEAc2U9MQBidT00AHByaWNlPVk4NVBUUUFCamhsN2pFcGdXNUlBOGtEYjRabUVQNHBZdXRvaGFBAGNoYXJnZV9wcmljZT0xAHNoYXJpbmdfcHJpY2U9MTAwMAB3aW5fZHNwPTQAY2htZD0xAGJkaWQ9AGNwcm9pZD0Ad2Q9MTQ2NjI3MjQ1AHR1PXU1MDM5NTI0AGFkY2xhc3M9MABzcmN0PTAAcG9zPTAAbG9jPTUAZWlkPTAAY2JpZD1ZODVQVFFBQmpobDdqRXBnVzVJQThrRGI0Wm1FUDRwWXV0b2hhQQBiY2htZD0wAHRtPTAAdj0xAGk9OTk1Mjk0OTU
IP 182.61.62.32:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ed280a0ea3cc38f3cbbc747acfbef47d
6bdcb32ee75e957a5085c010f4dfd0c716bfdadc
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
GET /adx.php?c=d25pZD02YTk4YjIyYzg0YTQ3NDk5AHM9NmE5OGIyMmM4NGE0NzQ5OQB0PTE2NzQ0NjUxMDEAc2U9MQBidT00AHByaWNlPVk4NVBUUUFCamhsN2pFcGdXNUlBOGtEYjRabUVQNHBZdXRvaGFBAGNoYXJnZV9wcmljZT0xAHNoYXJpbmdfcHJpY2U9MTAwMAB3aW5fZHNwPTQAY2htZD0xAGJkaWQ9AGNwcm9pZD0Ad2Q9MTQ2NjI3MjQ1AHR1PXU1MDM5NTI0AGFkY2xhc3M9MABzcmN0PTAAcG9zPTAAbG9jPTUAZWlkPTAAY2JpZD1ZODVQVFFBQmpobDdqRXBnVzVJQThrRGI0Wm1FUDRwWXV0b2hhQQBiY2htZD0wAHRtPTAAdj0xAGk9OTk1Mjk0OTU HTTP/1.1
Host: wn.pos.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 49
Content-Type: image/gif
Date: Mon, 23 Jan 2023 09:11:42 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: nginx
Set-Cookie: BAIDUID=64638E767CE4359B42D370768E36F517:FG=1; expires=Tue, 23-Jan-24 09:11:42 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
21155.url.tudown.com/uploads/images/675575.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/675575.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/675575.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:42 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2895800096,243630456&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=743
sofire.baidu.com/abot/api/v1/tpl/re/8800?v=1.1&0=1&1=0&2=0&3=0&4=0&5=0&6=0&7=1&8=v10-b5945938da850c97b595e17682f424db4bf141b1&9=0&10=1&11=2126&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&h=http%3A%2F%2F21155.url.tudown.com%2Fxiaz%2Fusb2.0%25E9%2580%259A%25E7%2594%25A8%25E9%25A9%25B1%25E5%258A%25A8forwinxpwin2003win7win8%40719_113726.exe&t=1674465100932&r=lo
36.110.192.156200 OK 0 B URL HTTP/2 sofire.baidu.com/abot/api/v1/tpl/re/8800?v=1.1&0=1&1=0&2=0&3=0&4=0&5=0&6=0&7=1&8=v10-b5945938da850c97b595e17682f424db4bf141b1&9=0&10=1&11=2126&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&h=http%3A%2F%2F21155.url.tudown.com%2Fxiaz%2Fusb2.0%25E9%2580%259A%25E7%2594%25A8%25E9%25A9%25B1%25E5%258A%25A8forwinxpwin2003win7win8%40719_113726.exe&t=1674465100932&r=lo
IP 36.110.192.156:0
ASN #23724 IDC, China Telecommunications Corporation
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /abot/api/v1/tpl/re/8800?v=1.1&0=1&1=0&2=0&3=0&4=0&5=0&6=0&7=1&8=v10-b5945938da850c97b595e17682f424db4bf141b1&9=0&10=1&11=2126&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&h=http%3A%2F%2F21155.url.tudown.com%2Fxiaz%2Fusb2.0%25E9%2580%259A%25E7%2594%25A8%25E9%25A9%25B1%25E5%258A%25A8forwinxpwin2003win7win8%40719_113726.exe&t=1674465100932&r=lo HTTP/1.1
Host: sofire.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://21155.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
date: Mon, 23 Jan 2023 09:11:42 GMT
content-length: 0
X-Firefox-Spdy: h2
img0.baidu.com/it/u=344767319,3990134758&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=565
118.180.40.35200 OK 20 kB URL HTTP/2 img0.baidu.com/it/u=344767319,3990134758&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=565
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x565, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7f981133766f55b05707a97516a7b020
8823325d4fbe6255ae6bcc5460a04210f5bbb5ea
3790d0c3fb6cd1ba17f960bfd306e5e6b600290cef3d87d4383dd309dfe382a2
GET /it/u=344767319,3990134758&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=565 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21155.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:42 GMT
content-type: image/webp
content-length: 20254
expires: Fri, 17 Feb 2023 09:23:23 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 7f981133766f55b05707a97516a7b020
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 18 Jan 2023 09:23:23 GMT
ohc-cache-hit: lz5ct52 [1], czix115 [2]
ohc-file-size: 20254
x-cache-status: MISS
X-Firefox-Spdy: h2
21155.url.tudown.com/uploads/images/205277.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/205277.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/205277.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:42 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1653843692,628695332&fm=253&fmt=auto&app=138&f=JPEG?w=641&h=401
img0.baidu.com/it/u=872011132,3700339535&fm=253&fmt=auto&app=138&f=JPEG?w=919&h=500
118.180.40.35200 OK 35 kB URL HTTP/2 img0.baidu.com/it/u=872011132,3700339535&fm=253&fmt=auto&app=138&f=JPEG?w=919&h=500
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 919x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 03decb7d802d9e4dbdf784304cc8125a
7d2ed4ea0bf5d910e086f659f1e7c3d9d4cf3530
c3186348270fdb5b67f4bae9e88c5961e7d9b741e8c292b018a2b93b330054f3
GET /it/u=872011132,3700339535&fm=253&fmt=auto&app=138&f=JPEG?w=919&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21155.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:42 GMT
content-type: image/webp
content-length: 35344
expires: Tue, 21 Feb 2023 05:58:25 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 03decb7d802d9e4dbdf784304cc8125a
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 05:58:25 GMT
ohc-cache-hit: lz5ct66 [2], czix66 [4]
ohc-file-size: 35344
x-cache-status: MISS
X-Firefox-Spdy: h2
t15.baidu.com/it/u=4290138625,4255137351&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 66 kB URL HTTP/1.1 t15.baidu.com/it/u=4290138625,4255137351&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 16a927a954fd754046879c951fe7053e
ea68b05c382c5e36b70bf2c8e4b5038d0990fd0b
d38b58796ee5af91156dd177669ac5e6fe404a7d5f4132243a903ffac87ac9fb
GET /it/u=4290138625,4255137351&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://21155.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:11:42 GMT
Content-Type: image/jpeg
Content-Length: 66183
Connection: keep-alive
Expires: Sun, 05 Feb 2023 10:51:39 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 16a927a954fd754046879c951fe7053e
Age: 992242
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 06 Jan 2023 10:51:39 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [4], zhuzuncache56 [4], bdix131 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 66183
X-Cache-Status: HIT
Timing-Allow-Origin: *
21155.url.tudown.com/uploads/images/526822.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/526822.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/526822.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:42 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=4280153194,99526256&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=706
img2.baidu.com/it/u=4221168897,1647657919&fm=253&app=120&f=JPEG?w=1280&h=800
118.112.225.35200 OK 101 kB URL HTTP/1.1 img2.baidu.com/it/u=4221168897,1647657919&fm=253&app=120&f=JPEG?w=1280&h=800
IP 118.112.225.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 101 kB (101021 bytes)
Hash a7f575339113dbb416fdbd79bc2e2cde
2f665d90ef0fa642721c3d510763e31f99e97ea4
e83fc3e566e62b20eccd678600298ed849ff551490ac3ae34a90d75e36fdcdd7
GET /it/u=4221168897,1647657919&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://21155.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:11:42 GMT
Content-Type: image/jpeg
Content-Length: 101021
Connection: keep-alive
Expires: Mon, 06 Feb 2023 04:01:33 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: a7f575339113dbb416fdbd79bc2e2cde
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 07 Jan 2023 04:01:33 GMT
Ohc-Cache-HIT: cd6ct85 [1], csix85 [4]
Ohc-File-Size: 101021
X-Cache-Status: MISS
img2.baidu.com/it/u=1893088694,1514510018&fm=253&app=120&f=JPEG?w=1280&h=800
118.112.225.35200 OK 87 kB URL HTTP/1.1 img2.baidu.com/it/u=1893088694,1514510018&fm=253&app=120&f=JPEG?w=1280&h=800
IP 118.112.225.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Hash dc15aeab146435f771128c7389a32393
84c254bf57ae87d38cb4c4314253f250f21ecdf6
9dfe55ab0b2e76939ac0120fbdfd4e7970deca117a571315cb4d39c230bee188
GET /it/u=1893088694,1514510018&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://21155.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:11:42 GMT
Content-Type: image/jpeg
Content-Length: 86897
Connection: keep-alive
Expires: Sat, 11 Feb 2023 17:23:57 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: dc15aeab146435f771128c7389a32393
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 12 Jan 2023 17:23:57 GMT
Ohc-Cache-HIT: cd6ct63 [1], czix98 [4]
Ohc-File-Size: 86897
X-Cache-Status: MISS
eclick.baidu.com/rs.jpg?pageSearchId=1674465098396iyx9z1zqgal&content=%7BpgSacI%22%22646089ixzzgl%2CneUla%22tu%2Cevrnet%3A%7Btp%22%22niomn%22%22eieyaer%22%22tp%2F215ultdw.o%2Fizub.%2598%25AE%254A%259A%251E%25AAfrixwn03i7i879132.x%22%22aeerhd%3A1745936y91qa%22%5D%22aeerhd%3A1745936y91qa%22%22edpod%3Are%22niomn%22%5B%22ye%3Aevrnet%2CdlvrPgUl%3Aht%3A%2F15.r.uoncmxa%2Fs20E%2509%2579%258E%259B%2558%258ownpi20wnwn%401_176ee%2CpgSacI%22%22646089ixzzgl%7D%7D
111.206.208.190200 OK 0 B URL HTTP/1.1 eclick.baidu.com/rs.jpg?pageSearchId=1674465098396iyx9z1zqgal&content=%7BpgSacI%22%22646089ixzzgl%2CneUla%22tu%2Cevrnet%3A%7Btp%22%22niomn%22%22eieyaer%22%22tp%2F215ultdw.o%2Fizub.%2598%25AE%254A%259A%251E%25AAfrixwn03i7i879132.x%22%22aeerhd%3A1745936y91qa%22%5D%22aeerhd%3A1745936y91qa%22%22edpod%3Are%22niomn%22%5B%22ye%3Aevrnet%2CdlvrPgUl%3Aht%3A%2F15.r.uoncmxa%2Fs20E%2509%2579%258E%259B%2558%258ownpi20wnwn%401_176ee%2CpgSacI%22%22646089ixzzgl%7D%7D
IP 111.206.208.190:0
ASN #4808 China Unicom Beijing Province Network
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rs.jpg?pageSearchId=1674465098396iyx9z1zqgal&content=%7BpgSacI%22%22646089ixzzgl%2CneUla%22tu%2Cevrnet%3A%7Btp%22%22niomn%22%22eieyaer%22%22tp%2F215ultdw.o%2Fizub.%2598%25AE%254A%259A%251E%25AAfrixwn03i7i879132.x%22%22aeerhd%3A1745936y91qa%22%5D%22aeerhd%3A1745936y91qa%22%22edpod%3Are%22niomn%22%5B%22ye%3Aevrnet%2CdlvrPgUl%3Aht%3A%2F15.r.uoncmxa%2Fs20E%2509%2579%258E%259B%2558%258ownpi20wnwn%401_176ee%2CpgSacI%22%22646089ixzzgl%7D%7D HTTP/1.1
Host: eclick.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://21155.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=0
Connection: keep-alive
Content-Length: 0
Content-Type: image/jpeg
Date: Mon, 23 Jan 2023 09:11:42 GMT
Etag: "628d8c2e-0"
Expires: Mon, 23 Jan 2023 09:11:42 GMT
Last-Modified: Wed, 25 May 2022 01:53:50 GMT
Server: nginx
img0.baidu.com/it/u=2895800096,243630456&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=743
118.180.40.35200 OK 21 kB URL HTTP/2 img0.baidu.com/it/u=2895800096,243630456&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=743
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x743, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 567fab235c019db244d6a66d20b639bd
810cd7d72cd4fbcc559f661b16c9d7f7f46ead80
e55e729fdf0ae84d1b653b88c6fb3f63148418ceb9d90beefe284ccc22b7d3a0
GET /it/u=2895800096,243630456&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=743 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21155.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:42 GMT
content-type: image/webp
content-length: 20966
expires: Tue, 21 Feb 2023 04:35:07 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 567fab235c019db244d6a66d20b639bd
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 04:35:07 GMT
ohc-cache-hit: lz5ct54 [1], xaix54 [2]
ohc-file-size: 20966
x-cache-status: MISS
X-Firefox-Spdy: h2
21155.url.tudown.com/uploads/images/116211.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/116211.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/116211.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:42 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=3967868277,1042618687&fm=253&app=138&f=JPEG?w=800&h=500
21155.url.tudown.com/uploads/images/954006.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/954006.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/954006.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:42 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=2686110234,3143283253&fm=224&app=112&f=JPEG?w=500&h=500&s=30A796BA44464EEF90378D59030010E9
bdcode.2345.com/js/logo/css/logo-sm.css
42.81.8.130200 OK 783 B URL HTTP/2 bdcode.2345.com/js/logo/css/logo-sm.css
IP 42.81.8.130:0
File type ASCII text, with very long lines (2128), with no line terminators
Hash 621b3563f1231de3a058fa25980064be
c2575c8110cbaba0c87c543fabf7c592789ad67f
37944a5c3981b16d6a498a7dc9427edcd64c1752e6728c5323525bc400efc8d6
GET /js/logo/css/logo-sm.css HTTP/1.1
Host: bdcode.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: gzip
content-type: text/css
date: Mon, 23 Jan 2023 09:11:42 GMT
etag: W/"61d6a24a-850"
expires: Mon, 23 Jan 2023 10:11:42 GMT
last-modified: Thu, 06 Jan 2022 08:03:22 GMT
p3p: CP=" OTI DSP COR IVA OUR IND COM "
server: yunjiasu
yjs-id: c1657213ccb437e0-143
content-length: 783
X-Firefox-Spdy: h2
img1.baidu.com/it/u=1653843692,628695332&fm=253&fmt=auto&app=138&f=JPEG?w=641&h=401
118.180.40.35200 OK 27 kB URL HTTP/2 img1.baidu.com/it/u=1653843692,628695332&fm=253&fmt=auto&app=138&f=JPEG?w=641&h=401
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 641x401, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a583cbae0ab0768a05dc2495670e174e
13fc1250a9ae958f638a7417d482deb9cb490e4b
d9a4c1b2a16ef5a65cf9b909f9e7e1bd862a4f0e70fe61d8308f30d353f4327e
GET /it/u=1653843692,628695332&fm=253&fmt=auto&app=138&f=JPEG?w=641&h=401 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21155.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:42 GMT
content-type: image/webp
content-length: 26624
expires: Mon, 06 Feb 2023 16:18:24 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: a583cbae0ab0768a05dc2495670e174e
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 07 Jan 2023 16:18:24 GMT
ohc-cache-hit: lz5ct64 [1], wzix64 [4]
ohc-file-size: 26624
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=4280153194,99526256&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=706
118.180.40.35200 OK 53 kB URL HTTP/2 img1.baidu.com/it/u=4280153194,99526256&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=706
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x706, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 08aa7435ba3c12ad58398ec3e2916b50
39d273eb2a1443ba2f02bd3f2b928745560a719b
663e8fcfa91d86fc68629e8f3606db3a2bc171081e77f2dc851b323226c71028
GET /it/u=4280153194,99526256&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=706 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21155.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:42 GMT
content-type: image/webp
content-length: 53388
expires: Wed, 22 Feb 2023 01:43:30 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 08aa7435ba3c12ad58398ec3e2916b50
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 01:43:30 GMT
ohc-cache-hit: lz5ct65 [1], suzix218 [2]
ohc-file-size: 53388
x-cache-status: MISS
X-Firefox-Spdy: h2
t15.baidu.com/it/u=2686110234,3143283253&fm=224&app=112&f=JPEG?w=500&h=500&s=30A796BA44464EEF90378D59030010E9
185.10.104.124200 OK 71 kB URL HTTP/1.1 t15.baidu.com/it/u=2686110234,3143283253&fm=224&app=112&f=JPEG?w=500&h=500&s=30A796BA44464EEF90378D59030010E9
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash c5369277a3985d0507de22ed1eb8a68e
fca891e56b722521fab9c8fe9b8799a69507591e
f2789265a2ef9d1f19e30c94c0009a1ace2722d71363b55437a6cd4aa25529a3
GET /it/u=2686110234,3143283253&fm=224&app=112&f=JPEG?w=500&h=500&s=30A796BA44464EEF90378D59030010E9 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://21155.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:11:42 GMT
Content-Type: image/jpeg
Content-Length: 70752
Connection: keep-alive
Expires: Tue, 14 Feb 2023 04:31:16 GMT
Last-Modified: Wed, 14 Jan 1970 00:00:00 GMT
ETag: c5369277a3985d0507de22ed1eb8a68e
Age: 706419
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 15 Jan 2023 04:31:16 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [4], zhuzuncache51 [1], czix85 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 70752
X-Cache-Status: HIT
Timing-Allow-Origin: *
union2.50bang.org/web/duoteall?uId2=UUTRSRUKWW&r=&fBL=1280*1024
180.101.190.124200 OK 0 B URL HTTP/1.1 union2.50bang.org/web/duoteall?uId2=UUTRSRUKWW&r=&fBL=1280*1024
IP 180.101.190.124:0
ASN #138950 Jiangsu Wuxi International IDC network
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /web/duoteall?uId2=UUTRSRUKWW&r=&fBL=1280*1024 HTTP/1.1
Host: union2.50bang.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://21155.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: uidFlag=1; path=/; domain=union2.50bang.org; expires=Sun,22-Feb-2099 00:00:00 GMT
uUid=889763CE4F4E000E48FB685F0004; path=/; domain=union2.50bang.org; expires=Sun,22-Feb-2099 00:00:00 GMT
uHTL=1; path=/web/duoteall; expires=Sun,22-Feb-2099 00:00:00 GMT
uHTT=1674465102; path=/web/duoteall; expires=Sun,22-Feb-2099 00:00:00 GMT
Date: Mon, 23 Jan 2023 09:11:42 GMT
Content-Length: 0
img0.baidu.com/it/u=3967868277,1042618687&fm=253&app=138&f=JPEG?w=800&h=500
125.74.40.35200 OK 36 kB URL HTTP/1.1 img0.baidu.com/it/u=3967868277,1042618687&fm=253&app=138&f=JPEG?w=800&h=500
IP 125.74.40.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 800x500, components 3\012- data
Hash bb09e0f8236eeada663dad517159af05
4df316bd9e2ff4b4f0453ee569075b535687c39d
ff67cd43ff7b556cc915ff7eb42742034aa19dec9bd955dffd12421f88b57558
GET /it/u=3967868277,1042618687&fm=253&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://21155.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:11:42 GMT
Content-Type: image/jpeg
Content-Length: 36485
Connection: keep-alive
Expires: Mon, 20 Feb 2023 01:06:03 GMT
Last-Modified: Sat, 17 Jan 1970 00:00:00 GMT
ETag: bb09e0f8236eeada663dad517159af05
Age: 22314
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 21 Jan 2023 01:06:03 GMT
Ohc-Cache-HIT: plct56 [4], czix121 [4]
Ohc-File-Size: 36485
X-Cache-Status: HIT
pos.baidu.com/auto_dup?di=0&uuid=cfb4eb847039b365&dri=0&dis=0&dai=0&ps=0x0&enu=encoding&exps=110011&ant=0&psi=04fe2165b3a1a7a0&dcb=___baidu_union_callback&dtm=AUTO_JSONP&dvi=0.0&dci=-1&dpt=none&tpr=1674465098787&ti=%E4%BA%9A%E5%8D%9Aag%E6%97%97%E8%88%B0%E5%8E%85(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-%E5%AE%A2%E6%88%B7%E7%AB%AF%E4%B8%8B%E8%BD%BDV6.37.142_IOS%2F%E5%AE%89%E5%8D%93%E9%80%9A%E7%94%A8%E7%89%88&ari=2&ver=1221&dbv=0&drs=1&pcs=1268x939&pss=1268x2644&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1674465098&prot=2&rw=939<u=http%3A%2F%2F21155.url.tudown.com%2Fxiaz%2Fusb2.0%25E9%2580%259A%25E7%2594%25A8%25E9%25A9%25B1%25E5%258A%25A8forwinxpwin2003win7win8%40719_113726.exe&ecd=1&dft=0&uc=1280x1002&pis=-1x-1&sr=1280x1024&tcn=1674465099&dc=4&aa=1
182.61.200.109200 OK 59 B URL HTTP/2 pos.baidu.com/auto_dup?di=0&uuid=cfb4eb847039b365&dri=0&dis=0&dai=0&ps=0x0&enu=encoding&exps=110011&ant=0&psi=04fe2165b3a1a7a0&dcb=___baidu_union_callback&dtm=AUTO_JSONP&dvi=0.0&dci=-1&dpt=none&tpr=1674465098787&ti=%E4%BA%9A%E5%8D%9Aag%E6%97%97%E8%88%B0%E5%8E%85(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-%E5%AE%A2%E6%88%B7%E7%AB%AF%E4%B8%8B%E8%BD%BDV6.37.142_IOS%2F%E5%AE%89%E5%8D%93%E9%80%9A%E7%94%A8%E7%89%88&ari=2&ver=1221&dbv=0&drs=1&pcs=1268x939&pss=1268x2644&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1674465098&prot=2&rw=939<u=http%3A%2F%2F21155.url.tudown.com%2Fxiaz%2Fusb2.0%25E9%2580%259A%25E7%2594%25A8%25E9%25A9%25B1%25E5%258A%25A8forwinxpwin2003win7win8%40719_113726.exe&ecd=1&dft=0&uc=1280x1002&pis=-1x-1&sr=1280x1024&tcn=1674465099&dc=4&aa=1
IP 182.61.200.109:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with no line terminators
Hash 5bcef7cee71bfb2b0786d22293dee112
337c0bc6f57f7e584d1a45818ae62d5911c8854e
58877d7fcb4d53c40b44e4ca8e692cc8324c2940c3f6b39590b5d920f4fe7846
GET /auto_dup?di=0&uuid=cfb4eb847039b365&dri=0&dis=0&dai=0&ps=0x0&enu=encoding&exps=110011&ant=0&psi=04fe2165b3a1a7a0&dcb=___baidu_union_callback&dtm=AUTO_JSONP&dvi=0.0&dci=-1&dpt=none&tpr=1674465098787&ti=%E4%BA%9A%E5%8D%9Aag%E6%97%97%E8%88%B0%E5%8E%85(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-%E5%AE%A2%E6%88%B7%E7%AB%AF%E4%B8%8B%E8%BD%BDV6.37.142_IOS%2F%E5%AE%89%E5%8D%93%E9%80%9A%E7%94%A8%E7%89%88&ari=2&ver=1221&dbv=0&drs=1&pcs=1268x939&pss=1268x2644&cfv=0&cpl=0&chi=1&cce=true&cec=UTF-8&tlm=1674465098&prot=2&rw=939<u=http%3A%2F%2F21155.url.tudown.com%2Fxiaz%2Fusb2.0%25E9%2580%259A%25E7%2594%25A8%25E9%25A9%25B1%25E5%258A%25A8forwinxpwin2003win7win8%40719_113726.exe&ecd=1&dft=0&uc=1280x1002&pis=-1x-1&sr=1280x1024&tcn=1674465099&dc=4&aa=1 HTTP/1.1
Host: pos.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://21155.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: post-check=0, pre-check=0
content-type: application/javascript;charset=UTF-8
date: Mon, 23 Jan 2023 09:11:43 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Mon Jan 23 17:11:43 2023
p3p: CP=" OTI DSP COR IVA OUR IND COM "
pragma: no-cache
server: nginx
set-cookie: BAIDUID=50B1A9AB374C44532179CC64FCB47D0F:FG=1; expires=Tue, 23-Jan-54 09:11:43 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
x-xss-protection: 0
content-length: 59
X-Firefox-Spdy: h2
wn.pos.baidu.com/adx.php?c=d25pZD04NWQ5OThiZDYxMGU0M2I4AHM9ODVkOTk4YmQ2MTBlNDNiOAB0PTE2NzQ0NjUxMDEAc2U9MQBidT00AHByaWNlPVk4NVBUUUFBVEVON2pFcGdXNUlBOHVkci1pdTZ5bVZ6Wmh1RFBnAGNoYXJnZV9wcmljZT0xOABzaGFyaW5nX3ByaWNlPTE4MDAwAHdpbl9kc3A9NABjaG1kPTEAYmRpZD0AY3Byb2lkPQB3ZD05MjQ4MjQwMjEAdHU9dTQ5NjU4OTQAYWRjbGFzcz0wAHNyY3Q9MABwb3M9MABsb2M9NQBlaWQ9MABjYmlkPVk4NVBUUUFBVEVON2pFcGdXNUlBOHVkci1pdTZ5bVZ6Wmh1RFBnAGJjaG1kPTAAdG09MAB2PTEAaT05MWI5N2JjMw
182.61.62.32200 OK 49 B URL HTTP/1.1 wn.pos.baidu.com/adx.php?c=d25pZD04NWQ5OThiZDYxMGU0M2I4AHM9ODVkOTk4YmQ2MTBlNDNiOAB0PTE2NzQ0NjUxMDEAc2U9MQBidT00AHByaWNlPVk4NVBUUUFBVEVON2pFcGdXNUlBOHVkci1pdTZ5bVZ6Wmh1RFBnAGNoYXJnZV9wcmljZT0xOABzaGFyaW5nX3ByaWNlPTE4MDAwAHdpbl9kc3A9NABjaG1kPTEAYmRpZD0AY3Byb2lkPQB3ZD05MjQ4MjQwMjEAdHU9dTQ5NjU4OTQAYWRjbGFzcz0wAHNyY3Q9MABwb3M9MABsb2M9NQBlaWQ9MABjYmlkPVk4NVBUUUFBVEVON2pFcGdXNUlBOHVkci1pdTZ5bVZ6Wmh1RFBnAGJjaG1kPTAAdG09MAB2PTEAaT05MWI5N2JjMw
IP 182.61.62.32:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ed280a0ea3cc38f3cbbc747acfbef47d
6bdcb32ee75e957a5085c010f4dfd0c716bfdadc
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
GET /adx.php?c=d25pZD04NWQ5OThiZDYxMGU0M2I4AHM9ODVkOTk4YmQ2MTBlNDNiOAB0PTE2NzQ0NjUxMDEAc2U9MQBidT00AHByaWNlPVk4NVBUUUFBVEVON2pFcGdXNUlBOHVkci1pdTZ5bVZ6Wmh1RFBnAGNoYXJnZV9wcmljZT0xOABzaGFyaW5nX3ByaWNlPTE4MDAwAHdpbl9kc3A9NABjaG1kPTEAYmRpZD0AY3Byb2lkPQB3ZD05MjQ4MjQwMjEAdHU9dTQ5NjU4OTQAYWRjbGFzcz0wAHNyY3Q9MABwb3M9MABsb2M9NQBlaWQ9MABjYmlkPVk4NVBUUUFBVEVON2pFcGdXNUlBOHVkci1pdTZ5bVZ6Wmh1RFBnAGJjaG1kPTAAdG09MAB2PTEAaT05MWI5N2JjMw HTTP/1.1
Host: wn.pos.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 49
Content-Type: image/gif
Date: Mon, 23 Jan 2023 09:11:43 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: nginx
Set-Cookie: BAIDUID=03CDE6B201610360CCE289959C8350D9:FG=1; expires=Tue, 23-Jan-24 09:11:43 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
21155.url.tudown.com/uploads/images/847286.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/847286.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/847286.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:43 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=758744489,2866825540&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
21155.url.tudown.com/uploads/images/172587.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/172587.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/172587.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:43 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=3066197043,2597542994&fm=224&app=112&f=JPEG?w=499&h=419
eclick.baidu.com/se.jpg?type=tc&di=u4965894&t2=2886&ft=pc&af=1&dis=0&fs=0&ver=1221&rdm=1674465101676
111.206.208.190200 OK 43 B URL HTTP/1.1 eclick.baidu.com/se.jpg?type=tc&di=u4965894&t2=2886&ft=pc&af=1&dis=0&fs=0&ver=1221&rdm=1674465101676
IP 111.206.208.190:0
ASN #4808 China Unicom Beijing Province Network
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /se.jpg?type=tc&di=u4965894&t2=2886&ft=pc&af=1&dis=0&fs=0&ver=1221&rdm=1674465101676 HTTP/1.1
Host: eclick.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://21155.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Mon, 23 Jan 2023 09:11:43 GMT
Expires: Mon, 23 Jan 2023 09:11:43 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
t14.baidu.com/it/u=3066197043,2597542994&fm=224&app=112&f=JPEG?w=499&h=419
185.10.104.124200 OK 65 kB URL HTTP/1.1 t14.baidu.com/it/u=3066197043,2597542994&fm=224&app=112&f=JPEG?w=499&h=419
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 499x419, components 3\012- data
Hash bf230e583042ccc4d965965bba269af6
6e2be469504a3bb9076445038f1fd7fa1888f0e4
4b0e4d8852e4c6f61799ca8b378b90d2a35064a8ca8d9c17581a782dc0bce35d
GET /it/u=3066197043,2597542994&fm=224&app=112&f=JPEG?w=499&h=419 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://21155.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:11:43 GMT
Content-Type: image/jpeg
Content-Length: 65269
Connection: keep-alive
Expires: Tue, 07 Feb 2023 12:45:32 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: bf230e583042ccc4d965965bba269af6
Age: 994026
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 08 Jan 2023 12:45:32 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [4], zhuzuncache55 [1], bdix226 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 65269
X-Cache-Status: HIT
Timing-Allow-Origin: *
21155.url.tudown.com/uploads/images/135983.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/135983.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/135983.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:43 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3479667951,549212761&fm=253&fmt=auto&app=138&f=GIF?w=150&h=290
21155.url.tudown.com/uploads/images/992847.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/992847.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/992847.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:43 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=1745784859,3460907319&fm=253&app=120&f=JPEG?w=1280&h=800
img2.baidu.com/it/u=758744489,2866825540&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
118.112.225.35200 OK 43 kB URL HTTP/1.1 img2.baidu.com/it/u=758744489,2866825540&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
IP 118.112.225.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3d0967a08f80d03bca168fe60a3de2b0
e44c8ece10721de4635122101fa873470e5eb677
985ea8776dfedcee79651f10f7379ade337d98c5eca1770293cf0c31f9162a3d
GET /it/u=758744489,2866825540&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://21155.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:11:43 GMT
Content-Type: image/webp
Content-Length: 43212
Connection: keep-alive
Expires: Tue, 14 Feb 2023 03:41:38 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: 3d0967a08f80d03bca168fe60a3de2b0
Age: 369491
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 15 Jan 2023 03:41:38 GMT
Ohc-Cache-HIT: cd6ct64 [4], xiangyix139 [4]
Ohc-File-Size: 43212
X-Cache-Status: HIT
21155.url.tudown.com/uploads/images/654984.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/654984.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/654984.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:43 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3629306599,278441627&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 26d27425f3b3b28c293c532ed36a51fc
e91a3aba3f738ea0c9b759f171a661d3595ad134
f85142701680c43fe4c60498b534b1ff8a2b20e6a041eb0128690e2172016945
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Mon, 23 Jan 2023 09:11:43 GMT
Last-Modified: Sun, 22 Jan 2023 15:48:36 GMT
ETag: "63cd5ad4-1d7"
Expires: Tue, 24 Jan 2023 15:48:36 GMT
Cache-Control: max-age=110213
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1674465103
Via: cache26.l2de2[3,2,200-0,M], cache26.l2de2[3,0], cache7.se1[24,23,200-0,M], cache7.se1[25,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Mon, 23 Jan 2023 09:11:43 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9b16744651035662053e
21155.url.tudown.com/uploads/images/466323.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/466323.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/466323.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:43 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=536463524,2669164011&fm=253&app=120&f=JPEG?w=1280&h=800
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 26d27425f3b3b28c293c532ed36a51fc
e91a3aba3f738ea0c9b759f171a661d3595ad134
f85142701680c43fe4c60498b534b1ff8a2b20e6a041eb0128690e2172016945
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Mon, 23 Jan 2023 09:11:43 GMT
Ali-Swift-Global-Savetime: 1674465103
Via: cache25.l2de2[5,5,200-0,M], cache25.l2de2[6,0], cache1.se1[28,28,200-0,M], cache1.se1[29,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Mon, 23 Jan 2023 09:11:43 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9516744651035958201e
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 26d27425f3b3b28c293c532ed36a51fc
e91a3aba3f738ea0c9b759f171a661d3595ad134
f85142701680c43fe4c60498b534b1ff8a2b20e6a041eb0128690e2172016945
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Mon, 23 Jan 2023 09:11:43 GMT
Ali-Swift-Global-Savetime: 1674465103
Via: cache12.l2de2[4,3,200-0,M], cache12.l2de2[4,0], cache5.se1[26,25,200-0,M], cache5.se1[28,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Mon, 23 Jan 2023 09:11:43 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9916744651035981412e
21155.url.tudown.com/uploads/images/51297.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/51297.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/51297.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:43 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=3620217693,2075729028&fm=253&app=120&f=PNG?w=1422&h=800
img0.baidu.com/it/u=1745784859,3460907319&fm=253&app=120&f=JPEG?w=1280&h=800
125.74.40.35200 OK 121 kB URL HTTP/1.1 img0.baidu.com/it/u=1745784859,3460907319&fm=253&app=120&f=JPEG?w=1280&h=800
IP 125.74.40.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 121 kB (121356 bytes)
Hash 7a5782fdaf3d4efd25a753faba5e1303
5afe77c920e11dd0e93676e03c059753a7321264
5856ac9b0f73b6537af2ba13b47969ebd203ffb5d8726f2274a2af8797873135
GET /it/u=1745784859,3460907319&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://21155.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:11:43 GMT
Content-Type: image/jpeg
Content-Length: 121356
Connection: keep-alive
Expires: Mon, 06 Feb 2023 16:33:29 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: 7a5782fdaf3d4efd25a753faba5e1303
Age: 21273
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 07 Jan 2023 16:33:29 GMT
Ohc-Cache-HIT: plct68 [4], csix77 [4]
Ohc-File-Size: 121356
X-Cache-Status: HIT
21155.url.tudown.com/uploads/images/607342.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/607342.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/607342.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:43 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=1142265779,631328382&fm=224&app=112&f=JPEG?w=500&h=500
img2.baidu.com/it/u=3479667951,549212761&fm=253&fmt=auto&app=138&f=GIF?w=150&h=290
118.180.40.35200 OK 9.9 kB URL HTTP/2 img2.baidu.com/it/u=3479667951,549212761&fm=253&fmt=auto&app=138&f=GIF?w=150&h=290
IP 118.180.40.35:0
File type GIF image data, version 89a, 150 x 290\012- data
Hash 95f5a90f5d254160701f902997289194
b7f52fc489452ff7eb5c6beb3d3455273c6b369a
00ff0e23a007f325127149dfe93130db161f995be40a2ba2ebb7589b7f752c1d
GET /it/u=3479667951,549212761&fm=253&fmt=auto&app=138&f=GIF?w=150&h=290 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21155.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:43 GMT
content-type: image/gif
content-length: 9931
expires: Wed, 22 Feb 2023 08:32:43 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 95f5a90f5d254160701f902997289194
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 08:32:43 GMT
ohc-cache-hit: lz5ct62 [1], xaix130 [4]
ohc-file-size: 9931
x-cache-status: MISS
X-Firefox-Spdy: h2
cpro.baidustatic.com/cpro/ui/noexpire/img/2.0.0/native_ad.png
220.169.152.35200 OK 4.5 kB URL HTTP/2 cpro.baidustatic.com/cpro/ui/noexpire/img/2.0.0/native_ad.png
IP 220.169.152.35:0
File type PNG image data, 44 x 984, 8-bit colormap, non-interlaced\012- data
Hash 3e2d110dd13ae372eac3c04347687487
666c77091671206a1ee7202bfa821afa63dfed94
4b86aeb9d139835e6517cef965d3442d8efca774abc2d6befc580ec63aace62e
GET /cpro/ui/noexpire/img/2.0.0/native_ad.png HTTP/1.1
Host: cpro.baidustatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:43 GMT
content-type: image/png
content-length: 4514
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 01 Apr 2022 07:05:03 GMT
etag: "6246a41f-11a2"
cache-control: max-age=315360000
age: 544204
accept-ranges: bytes
timing-allow-origin: *
ohc-global-saved-time: Tue, 21 Jun 2022 04:49:12 GMT
ohc-cache-hit: yy2ct60 [2], wzix60 [2]
ohc-file-size: 4514
x-cache-status: HIT
X-Firefox-Spdy: h2
21155.url.tudown.com/uploads/images/956803.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/956803.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/956803.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:43 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2481906233,2768429225&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
21155.url.tudown.com/uploads/images/273312.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/273312.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/273312.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:43 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1371779515,53198364&fm=253&fmt=auto&app=138&f=PNG?w=500&h=500
img2.baidu.com/it/u=3629306599,278441627&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
118.180.40.35200 OK 38 kB URL HTTP/2 img2.baidu.com/it/u=3629306599,278441627&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x889, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 50bc02fce5116e2c8c0934e6020bb6bc
076fcf04bbd75d2a971f79dc64080d6b8041a737
29edd09b28169253b2d0f4fec371c6f704b63fb3cb53992bed6ac03cce78dfe3
GET /it/u=3629306599,278441627&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21155.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:43 GMT
content-type: image/webp
content-length: 38194
expires: Wed, 22 Feb 2023 02:06:58 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 50bc02fce5116e2c8c0934e6020bb6bc
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 02:06:58 GMT
ohc-cache-hit: lz5ct60 [1], bdix145 [2]
ohc-file-size: 38194
x-cache-status: MISS
X-Firefox-Spdy: h2
t13.baidu.com/it/u=1142265779,631328382&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 44 kB URL HTTP/1.1 t13.baidu.com/it/u=1142265779,631328382&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash feadba65347438c2b9b9fd30fc5d3311
76aad57382877afc6dd2188e4796addf7406226d
1eb36487613519222edc05193f0472118914abc7d6ad4897f0fd3439c9a8c6b5
GET /it/u=1142265779,631328382&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://21155.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:11:43 GMT
Content-Type: image/jpeg
Content-Length: 43943
Connection: keep-alive
Expires: Thu, 02 Feb 2023 03:43:29 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: feadba65347438c2b9b9fd30fc5d3311
Age: 992854
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 03 Jan 2023 03:43:29 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [4], zhuzuncache63 [2], csix104 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 43943
X-Cache-Status: HIT
Timing-Allow-Origin: *
lupic.cdn.bcebos.com/20191203/3017154272_14.jpg
125.64.104.35200 OK 32 kB URL HTTP/2 lupic.cdn.bcebos.com/20191203/3017154272_14.jpg
IP 125.64.104.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x286, components 3\012- data
Hash bcc5b64c96a6e8f6458bc4ab5f693f9a
c6014adf636fa61ec1979cdc1e7f88f00957de26
bba7634817c698a5fcdda323c6c9b8aca75d22e0fb560f4aafae7231032ee129
GET /20191203/3017154272_14.jpg HTTP/1.1
Host: lupic.cdn.bcebos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:43 GMT
content-type: image/jpeg
content-length: 31834
expires: Mon, 23 Jan 2023 23:33:14 GMT
last-modified: Tue, 03 Dec 2019 08:45:26 GMT
etag: "bcc5b64c96a6e8f6458bc4ab5f693f9a"
age: 206600
accept-ranges: bytes
content-md5: vMW2TJam6PZFi8SrX2k/mg==
x-bce-content-crc32: 609958593
x-bce-debug-id: kixkZUotojcfbZzARjX4zXSCytA5rg1weAw0RS01olCuHvKt33sp4jC/q94VsLjpFvQF3ckyc+iZtQ55rGH0Hg==
x-bce-request-id: 120e7a4f-615a-469f-9e65-30d87782e4bf
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Fri, 20 Jan 2023 23:33:14 GMT
ohc-cache-hit: dy2ct75 [2], suzix220 [2]
ohc-file-size: 31834
x-cache-status: HIT
X-Firefox-Spdy: h2
21155.url.tudown.com/uploads/images/590074.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/590074.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/590074.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:43 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1969743145,2098174781&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
e2.2345.com/news/module2/js/newsModule-v2.js
222.186.17.195200 OK 12 kB URL HTTP/2 e2.2345.com/news/module2/js/newsModule-v2.js
IP 222.186.17.195:0
Hash f5d65c659a20287f41852b75e4095bed
26d4a32a98cd7f83a8b7bafc5badec0d5b391c62
84b1c7297a7dffc3af3375e352cecc21c491ffa77f7728a6f449eb9c4e575ba6
GET /news/module2/js/newsModule-v2.js HTTP/1.1
Host: e2.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://21155.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
date: Mon, 23 Jan 2023 08:46:48 GMT
etag: W/"5f35e38f-cacf"
last-modified: Fri, 14 Aug 2020 01:06:23 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
ali-swift-global-savetime: 1674463608
via: cache59.l2cn3037[0,0,304-0,H], cache18.l2cn3037[0,0], cache18.l2cn3037[0,0], ens-vcache8.cn5274[0,0,200-0,H], ens-vcache23.cn5274[1,0]
age: 1490
x-cache: HIT TCP_MEM_HIT dirn:11:39985960
x-swift-savetime: Mon, 23 Jan 2023 09:00:22 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: deba11aa16744650985672719e
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 26d27425f3b3b28c293c532ed36a51fc
e91a3aba3f738ea0c9b759f171a661d3595ad134
f85142701680c43fe4c60498b534b1ff8a2b20e6a041eb0128690e2172016945
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Mon, 23 Jan 2023 09:11:44 GMT
Last-Modified: Sun, 22 Jan 2023 15:48:36 GMT
ETag: "63cd5ad4-1d7"
Expires: Tue, 24 Jan 2023 15:48:36 GMT
Cache-Control: max-age=110212
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1674465104
Via: cache4.l2de2[501,500,200-0,M], cache4.l2de2[502,0], cache5.se1[525,524,200-0,M], cache5.se1[526,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Mon, 23 Jan 2023 09:11:44 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9916744651035841405e
img0.baidu.com/it/u=536463524,2669164011&fm=253&app=120&f=JPEG?w=1280&h=800
125.74.40.35200 OK 91 kB URL HTTP/1.1 img0.baidu.com/it/u=536463524,2669164011&fm=253&app=120&f=JPEG?w=1280&h=800
IP 125.74.40.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Hash ed6c1cf7cebdf0458e52e7d3a51be936
a63eafecc1ae8c0b6dba0bd724434fdce6dca330
bf551cb0a35f9b55d98674ac20b86f6681662973719eee92a7104ed3e6042f4b
GET /it/u=536463524,2669164011&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://21155.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:11:43 GMT
Content-Type: image/jpeg
Content-Length: 90843
Connection: keep-alive
Expires: Wed, 08 Feb 2023 00:18:19 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: ed6c1cf7cebdf0458e52e7d3a51be936
Age: 368801
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 09 Jan 2023 00:18:19 GMT
Ohc-Cache-HIT: plct74 [4], xaix52 [2]
Ohc-File-Size: 90843
X-Cache-Status: HIT
img0.baidu.com/it/u=2481906233,2768429225&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
118.180.40.35200 OK 26 kB URL HTTP/2 img0.baidu.com/it/u=2481906233,2768429225&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a0569f902129cf9d75beb5d30d222dd6
c35602875af4f5356fed61892ba4ad2cbe898fc0
3aa7c36b9f185b2623acec28d5f361609e4723d69b07f8e222cf8ada9fdea915
GET /it/u=2481906233,2768429225&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21155.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:44 GMT
content-type: image/webp
content-length: 26392
expires: Sat, 18 Feb 2023 04:11:37 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: a0569f902129cf9d75beb5d30d222dd6
age: 358588
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 19 Jan 2023 04:11:37 GMT
ohc-cache-hit: lz5ct70 [4], bdix223 [2]
ohc-file-size: 26392
x-cache-status: HIT
X-Firefox-Spdy: h2
img2.baidu.com/it/u=1371779515,53198364&fm=253&fmt=auto&app=138&f=PNG?w=500&h=500
118.180.40.35200 OK 58 kB URL HTTP/2 img2.baidu.com/it/u=1371779515,53198364&fm=253&fmt=auto&app=138&f=PNG?w=500&h=500
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash d66eb979cb244e42da012a5c908dc501
30d5dbf786ee6e8386415c96fe8537e6d4b63bae
ca22bce8da220f71149971b77afa04c1cf4de3716a9bfa62eb33981d858fd9bf
GET /it/u=1371779515,53198364&fm=253&fmt=auto&app=138&f=PNG?w=500&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21155.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:44 GMT
content-type: image/webp
content-length: 58180
expires: Tue, 21 Feb 2023 09:59:25 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: d66eb979cb244e42da012a5c908dc501
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 09:59:25 GMT
ohc-cache-hit: lz5ct64 [2], czix196 [4]
ohc-file-size: 58180
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=3620217693,2075729028&fm=253&app=120&f=PNG?w=1422&h=800
118.112.225.35200 OK 531 kB URL HTTP/1.1 img2.baidu.com/it/u=3620217693,2075729028&fm=253&app=120&f=PNG?w=1422&h=800
IP 118.112.225.35:0
File type PNG image data, 1422 x 800, 8-bit/color RGBA, non-interlaced\012- data
Size 531 kB (530895 bytes)
Hash c1fc233090e97e297d8132e74568465c
5f3d473ec63255cd6f954df0b191a5613c9b1530
b23ab16be1942307bcff953265de987ff99b54d0f121483896c072dbc25991c8
GET /it/u=3620217693,2075729028&fm=253&app=120&f=PNG?w=1422&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://21155.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:11:43 GMT
Content-Type: image/png
Content-Length: 530895
Connection: keep-alive
Expires: Wed, 01 Feb 2023 14:45:15 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: c1fc233090e97e297d8132e74568465c
Age: 906440
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 02 Jan 2023 14:45:15 GMT
Ohc-Cache-HIT: cd6ct70 [3], csix70 [2]
Ohc-File-Size: 530895
X-Cache-Status: HIT
21155.url.tudown.com/uploads/images/203589.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/203589.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/203589.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:44 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=287844732,1379280611&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
img0.baidu.com/it/u=1969743145,2098174781&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
118.180.40.35200 OK 12 kB URL HTTP/2 img0.baidu.com/it/u=1969743145,2098174781&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d6cc0a4774fe703b2ef1eb3c41e26708
36ef9e0a74c7438113f29ea003e035af72b6b4fb
430533a08a612063992f0924dc3cf6d9360cd88be37163178fe01fe8c4891526
GET /it/u=1969743145,2098174781&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21155.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:44 GMT
content-type: image/webp
content-length: 12120
expires: Sat, 18 Feb 2023 09:51:41 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: d6cc0a4774fe703b2ef1eb3c41e26708
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 19 Jan 2023 09:51:41 GMT
ohc-cache-hit: lz5ct62 [1], csix62 [4]
ohc-file-size: 12120
x-cache-status: MISS
X-Firefox-Spdy: h2
lupic.cdn.bcebos.com/20200412/3048440661_14_800_572.jpg
125.64.104.35200 OK 68 kB URL HTTP/2 lupic.cdn.bcebos.com/20200412/3048440661_14_800_572.jpg
IP 125.64.104.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x572, components 3\012- data
Hash 8a94b2f73ea810cdc0da1bcd19f8def1
7a7dac3fcb5959aa968acaa6b4f9934f660e3e65
1b294f3adb73e090160144ff690a3ba27381cf458b0f016e446b581064214485
GET /20200412/3048440661_14_800_572.jpg HTTP/1.1
Host: lupic.cdn.bcebos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:43 GMT
content-type: image/jpeg
content-length: 67722
expires: Wed, 25 Jan 2023 13:40:31 GMT
last-modified: Mon, 13 Apr 2020 12:26:47 GMT
etag: "8a94b2f73ea810cdc0da1bcd19f8def1"
age: 70145
accept-ranges: bytes
content-md5: ipSy9z6oEM3A2hvNGfje8Q==
x-bce-content-crc32: 954598896
x-bce-debug-id: yf6AnTk1s8i2GbG9hwh+GymiW5FErfseMmbP5VoYs8xSzHUWB5n7M07rMUE+s4TPihUW2b9LlaXNM8zVyIEcIQ==
x-bce-request-id: a616788e-e9e7-4121-95e6-426a8da487e2
x-bce-restore-cache: -
x-bce-restore-tier: -
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 13:40:31 GMT
ohc-cache-hit: dy2ct113 [2], xiangyix113 [2]
ohc-file-size: 67722
x-cache-status: HIT
X-Firefox-Spdy: h2
lupic.cdn.bcebos.com/20191203/3018425820_14.jpg
125.64.104.35200 OK 44 kB URL HTTP/2 lupic.cdn.bcebos.com/20191203/3018425820_14.jpg
IP 125.64.104.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 381x272, components 3\012- data
Hash 3c722206d21d6e4bbb293148d9c91e3f
6b8e8d99ddf294eb332d6412d47c584f5a9a6863
66446fa443f7af97dddd63924fa0ce5691c0c160c64adb5638c70a4ac7a59c38
GET /20191203/3018425820_14.jpg HTTP/1.1
Host: lupic.cdn.bcebos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:43 GMT
content-type: image/jpeg
content-length: 43544
expires: Wed, 25 Jan 2023 03:17:59 GMT
last-modified: Tue, 03 Dec 2019 10:40:45 GMT
etag: "3c722206d21d6e4bbb293148d9c91e3f"
age: 27588
accept-ranges: bytes
content-md5: PHIiBtIdbku7KTFI2ckePw==
x-bce-content-crc32: 2947831683
x-bce-debug-id: dxvQuzm/4fX4IdmJBr/AABStazw1YXnQjWMcBP14GMcAp2vPPq2JvyvyW3W7uMdIiasGJ4dboDfi79phL31/Gg==
x-bce-request-id: c99bfbb2-d9e2-4a67-87c3-43df5729de98
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 03:17:59 GMT
ohc-cache-hit: dy2ct114 [2], suzix244 [2]
ohc-file-size: 43544
x-cache-status: HIT
X-Firefox-Spdy: h2
lupic.cdn.bcebos.com/20210629/8427056_14.jpg
125.64.104.35200 OK 14 kB URL HTTP/2 lupic.cdn.bcebos.com/20210629/8427056_14.jpg
IP 125.64.104.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 1x1, segment length 16, baseline, precision 8, 280x200, components 3\012- data
Hash 036ad151e7906ec7ee8fc57fa31bd388
070ed32ad244f5e2c8d36fd3e4c8b7d47d7957fb
233d7223b9b705327e9666f9a0d0519227e115d3619c0e7e20b9edf2c450005e
GET /20210629/8427056_14.jpg HTTP/1.1
Host: lupic.cdn.bcebos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:43 GMT
content-type: image/jpeg
content-length: 13529
expires: Thu, 26 Jan 2023 02:58:44 GMT
last-modified: Fri, 02 Jul 2021 17:26:36 GMT
etag: "036ad151e7906ec7ee8fc57fa31bd388"
age: 22133
accept-ranges: bytes
content-md5: A2rRUeeQbsfuj8V/oxvTiA==
x-bce-content-crc32: 0
x-bce-debug-id: kUsW6SoTH7kpRcL+l+1MCnQ3pQBnFL8dIpIwieFl3a4zN0gdPtC1H7WTzDeIDJztlzOfpsAboDKWd83UDKzLjQ==
x-bce-request-id: 1a9cd3ee-266d-4cfb-9f15-da3f556babaf
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 02:58:44 GMT
ohc-cache-hit: dy2ct75 [2], bdix75 [4]
ohc-file-size: 13529
x-cache-status: HIT
X-Firefox-Spdy: h2
lupic.cdn.bcebos.com/20210629/1549516_14.jpg
125.64.104.35200 OK 20 kB URL HTTP/2 lupic.cdn.bcebos.com/20210629/1549516_14.jpg
IP 125.64.104.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 1x1, segment length 16, baseline, precision 8, 280x200, components 3\012- data
Hash d68810ef64506e0c07b42977570e56dd
5ab6c876da3a6aaaa50c14484e9f6ab2dbf4becf
7c6f69a155b344858f36cafde7631422c5b5148b2cc6d09f0f3949cbb6a93337
GET /20210629/1549516_14.jpg HTTP/1.1
Host: lupic.cdn.bcebos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:43 GMT
content-type: image/jpeg
content-length: 20127
expires: Tue, 24 Jan 2023 09:06:19 GMT
last-modified: Wed, 30 Jun 2021 18:21:52 GMT
etag: "d68810ef64506e0c07b42977570e56dd"
age: 173122
accept-ranges: bytes
content-md5: 1ogQ72RQbgwHtCl3Vw5W3Q==
x-bce-content-crc32: 0
x-bce-debug-id: Pzg4d1IRhgedxPM7QdCCh7Be+GkZOOrU2czNsULbZyBewKQliuw5oAokRpAqL5uDOzgGyc6/RMDetnCr76bJpQ==
x-bce-request-id: 9ad714cc-3873-47e9-aa73-8683399ea6fc
x-bce-restore-cache: -
x-bce-restore-tier: -
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 09:06:19 GMT
ohc-cache-hit: dy2ct65 [2], csix65 [4]
ohc-file-size: 20127
x-cache-status: HIT
X-Firefox-Spdy: h2
img1.baidu.com/it/u=287844732,1379280611&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
118.180.40.35200 OK 13 kB URL HTTP/2 img1.baidu.com/it/u=287844732,1379280611&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6e905ed82df93f06db20785cef8db54d
f4513f2026d2fbedd1b8146e78c881d30c45fa54
c52d3c370b581a72105e0f514c99cc64fab2dc42f060057b7705b7c1d3639819
GET /it/u=287844732,1379280611&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21155.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:44 GMT
content-type: image/webp
content-length: 13216
expires: Sun, 05 Feb 2023 06:02:59 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 6e905ed82df93f06db20785cef8db54d
age: 271232
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 06 Jan 2023 06:02:59 GMT
ohc-cache-hit: lz5ct55 [4], czix171 [2]
ohc-file-size: 13216
x-cache-status: HIT
X-Firefox-Spdy: h2
lupic.cdn.bcebos.com/20220719/3087089688_14_559_399.jpg
125.64.104.35200 OK 33 kB URL HTTP/2 lupic.cdn.bcebos.com/20220719/3087089688_14_559_399.jpg
IP 125.64.104.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 559x399, components 3\012- data
Hash b01a9347d4a5ad412abb172220e075c1
51d8bdaf3283d60e4ee8940c43a5cddcc6358ebf
95223a3e9e7cf0903745c983f59bb48207e351b18bd02ca2f353c54c7c9e9f8d
GET /20220719/3087089688_14_559_399.jpg HTTP/1.1
Host: lupic.cdn.bcebos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:43 GMT
content-type: image/jpeg
content-length: 32881
expires: Mon, 23 Jan 2023 09:45:17 GMT
last-modified: Wed, 20 Jul 2022 04:55:24 GMT
etag: "b01a9347d4a5ad412abb172220e075c1"
age: 202952
accept-ranges: bytes
content-md5: sBqTR9SlrUEquxciIOB1wQ==
x-bce-content-crc32: 374664137
x-bce-debug-id: ywsrxrcZSyh5auk5uU8QVyZ6fHJVoyXOPwUemhaIfGh6IqWXkp5OkIZGeTbO2nqudwRuXdbdRRwrXHBr8K5cbw==
x-bce-request-id: c8d0d33a-8cc6-4bbd-acd3-5b2aa630316f
x-bce-restore-cache: -
x-bce-restore-tier: -
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Fri, 20 Jan 2023 09:45:17 GMT
ohc-cache-hit: dy2ct67 [4], xiangyix67 [2]
ohc-file-size: 32881
x-cache-status: HIT
X-Firefox-Spdy: h2
21155.url.tudown.com/uploads/images/491007.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/491007.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/491007.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:44 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=2606486281,2089081943&fm=224&app=112&f=JPEG?w=500&h=500
21155.url.tudown.com/uploads/images/575696.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 21155.url.tudown.com/uploads/images/575696.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/575696.jpg HTTP/1.1
Host: 21155.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://21155.url.tudown.com/xiaz/usb2.0%E9%80%9A%E7%94%A8%E9%A9%B1%E5%8A%A8forwinxpwin2003win7win8@719_113726.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 23 Jan 2023 09:11:44 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1943610192,195637013&fm=253&fmt=auto&app=138&f=JPG?w=500&h=692
t14.baidu.com/it/u=2606486281,2089081943&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 49 kB URL HTTP/1.1 t14.baidu.com/it/u=2606486281,2089081943&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 73d38be5dd2e3595e3fc08021e2a7f9b
f4d7e836bfb938459c624720169ea9b959f3c8df
e201d6dc944df1dea1c65dde963c296836a15138a602424061247a192d935c23
GET /it/u=2606486281,2089081943&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://21155.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Mon, 23 Jan 2023 09:11:44 GMT
Content-Type: image/jpeg
Content-Length: 49217
Connection: keep-alive
Expires: Fri, 03 Feb 2023 13:32:35 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 73d38be5dd2e3595e3fc08021e2a7f9b
Age: 993356
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 04 Jan 2023 13:32:35 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [4], zhuzuncache65 [1], wzix70 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 49217
X-Cache-Status: HIT
Timing-Allow-Origin: *
lupic.cdn.bcebos.com/20191203/3015435591_14.jpg
125.64.104.35200 OK 68 kB URL HTTP/2 lupic.cdn.bcebos.com/20191203/3015435591_14.jpg
IP 125.64.104.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 572x408, components 3\012- data
Hash c6af23089399187d29e30673f9882153
7598d437a753eaea243008b462e37e09db996e10
bed3ad8f37cb4243e2e2185a1dfcfadbcd089431faa15b82c23b2e29342168be
GET /20191203/3015435591_14.jpg HTTP/1.1
Host: lupic.cdn.bcebos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:43 GMT
content-type: image/jpeg
content-length: 67561
expires: Tue, 24 Jan 2023 03:57:10 GMT
last-modified: Tue, 03 Dec 2019 02:12:45 GMT
etag: "c6af23089399187d29e30673f9882153"
age: 190749
accept-ranges: bytes
content-md5: xq8jCJOZGH0p4wZz+YghUw==
x-bce-content-crc32: 148761876
x-bce-debug-id: EeDt9sh4KNgZri6BNmxRDSXQvxK0/3bpwJWV/7rr+mS5oLo5BqRjF1gmOucv77gCXuWbdoIFf/gvd23J7o0IkQ==
x-bce-request-id: 2852a1e8-5c84-4679-b835-09d0b03ea88f
x-bce-restore-cache: -
x-bce-restore-tier: -
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 03:57:10 GMT
ohc-cache-hit: dy2ct87 [2], wzix87 [4]
ohc-file-size: 67561
x-cache-status: HIT
X-Firefox-Spdy: h2
lupic.cdn.bcebos.com/20210629/3000004042_14.jpg
125.64.104.35200 OK 44 kB URL HTTP/2 lupic.cdn.bcebos.com/20210629/3000004042_14.jpg
IP 125.64.104.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 1x1, segment length 16, baseline, precision 8, 400x267, components 3\012- data
Hash c1768649f926c3f7cdec8842b1805595
d5208635e08c5e0dd608441b75ef03154a070936
ad975001708fc6b442329affb7449f9042da26bfb5b1277938075e8be4af7806
GET /20210629/3000004042_14.jpg HTTP/1.1
Host: lupic.cdn.bcebos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:43 GMT
content-type: image/jpeg
content-length: 43696
expires: Thu, 26 Jan 2023 07:45:56 GMT
last-modified: Fri, 02 Jul 2021 17:08:01 GMT
etag: "c1768649f926c3f7cdec8842b1805595"
accept-ranges: bytes
content-md5: wXaGSfkmw/fN7IhCsYBVlQ==
x-bce-content-crc32: 0
x-bce-debug-id: p8bWiJu2J39XPZWxaGYZoI8uOtzBBmUPpM9Vzmh/JIqIctSg1vMTZG9JXP3qlokkLzryzZaHDHpMpV2aSAKRzg==
x-bce-request-id: 6b7a97f1-3d7e-4d9d-b549-712712898b14
x-bce-restore-cache: -
x-bce-restore-tier: -
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 07:45:56 GMT
ohc-cache-hit: dy2ct66 [2], xiangyix130 [2]
ohc-file-size: 43696
x-cache-status: MISS
X-Firefox-Spdy: h2
bdcode.2345.com/js/logo/js/logo.js
42.81.8.130200 OK 34 kB URL HTTP/2 bdcode.2345.com/js/logo/js/logo.js
IP 42.81.8.130:0
Hash 4ad2545a1c86fc75974ceff46ab3bc8a
954cf5f10ee00eea3030377ef0ff3ac6e67ff635
a97075d1741fcb286c597744b31a7f807555f9b22d61a07f93c4cc846caa50aa
Analyzer Verdict Alert fortinet Malware
GET /js/logo/js/logo.js HTTP/1.1
Host: bdcode.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: gzip
content-type: application/x-javascript
date: Mon, 23 Jan 2023 09:11:42 GMT
etag: W/"639b0691-371a"
expires: Mon, 23 Jan 2023 10:11:42 GMT
last-modified: Thu, 15 Dec 2022 11:35:45 GMT
p3p: CP=" OTI DSP COR IVA OUR IND COM "
server: yunjiasu
yjs-id: c1657213b29f37e0-143
X-Firefox-Spdy: h2
img0.baidu.com/it/u=1943610192,195637013&fm=253&fmt=auto&app=138&f=JPG?w=500&h=692
118.180.40.35200 OK 29 kB URL HTTP/2 img0.baidu.com/it/u=1943610192,195637013&fm=253&fmt=auto&app=138&f=JPG?w=500&h=692
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x692, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 01a6c3f075982e7b367186edc2087ff3
c3b2b1a9dab470fe66094d32e06b3949e877045d
20451848744ba14479f0303bffccd4262b6acda4f97278dbdaeca237334fa872
GET /it/u=1943610192,195637013&fm=253&fmt=auto&app=138&f=JPG?w=500&h=692 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21155.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:45 GMT
content-type: image/webp
content-length: 29182
expires: Fri, 17 Feb 2023 06:18:39 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 01a6c3f075982e7b367186edc2087ff3
age: 365938
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 18 Jan 2023 06:18:39 GMT
ohc-cache-hit: lz5ct59 [4], qdix150 [2]
ohc-file-size: 29182
x-cache-status: HIT
X-Firefox-Spdy: h2
www.2345.com/js/index/activity/20171111/widget.min.js
47.246.44.207200 OK 0 B URL HTTP/2 www.2345.com/js/index/activity/20171111/widget.min.js
IP 47.246.44.207:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
GET /js/index/activity/20171111/widget.min.js HTTP/1.1
Host: www.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://21155.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
strict-transport-security: max-age=5184000
date: Mon, 23 Jan 2023 09:11:01 GMT
last-modified: Wed, 06 Nov 2019 08:19:39 GMT
etag: W/"5dc2821b-4c53"
vary: Accept-Encoding, Accept-Encoding
expires: Tue, 22 Nov 2022 14:45:06 GMT
cache-control: max-age=600
ali-swift-global-savetime: 1674465061
via: cache1.l2de2[432,432,304-0,M], cache3.l2de2[433,0], cache8.se1[0,0,200-0,H], cache7.se1[2,0]
age: 37
x-cache: HIT TCP_MEM_HIT dirn:11:365591927
x-swift-savetime: Mon, 23 Jan 2023 09:11:01 GMT
x-swift-cachetime: 600
content-encoding: br
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
timing-allow-origin: *
eagleid: 2ff62c9b16744650982256847e
X-Firefox-Spdy: h2
lupic.cdn.bcebos.com/20191203/3017144400_14.jpg
125.64.104.35200 OK 0 B URL HTTP/2 lupic.cdn.bcebos.com/20191203/3017144400_14.jpg
IP 125.64.104.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
GET /20191203/3017144400_14.jpg HTTP/1.1
Host: lupic.cdn.bcebos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.baidu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Mon, 23 Jan 2023 09:11:44 GMT
content-type: image/jpeg
content-length: 35147
expires: Mon, 23 Jan 2023 14:13:08 GMT
last-modified: Tue, 03 Dec 2019 08:44:31 GMT
etag: "b4ad3d67b568055df003e7b9927487d0"
age: 210243
accept-ranges: bytes
content-md5: tK09Z7VoBV3wA+e5knSH0A==
x-bce-content-crc32: 2264054822
x-bce-debug-id: R8e/MUd0rptdnThu4PmKajctC3QRLwDeAMybbqRRoC2Cb0oxA0TDDKa8RKqHmE/DksEUOKae+sH8y2sLegJVlQ==
x-bce-request-id: 743653fc-9ae9-4162-8b51-c4b24d86e536
x-bce-storage-class: STANDARD
timing-allow-origin: *
ohc-global-saved-time: Fri, 20 Jan 2023 14:13:08 GMT
ohc-cache-hit: dy2ct51 [4], qdix51 [2]
ohc-file-size: 35147
x-cache-status: HIT
X-Firefox-Spdy: h2