r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash f5e46725831d8d722872bf68d752f4c5
cf37793a1b73e3f84fe6c37fb27382c83b49dbc0
0582b6180687dd95c7fd728f1b9db4495b807151e309b608ad203d69708f9da6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0582B6180687DD95C7FD728F1B9DB4495B807151E309B608AD203D69708F9DA6"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5266
Expires: Wed, 25 Jan 2023 04:29:49 GMT
Date: Wed, 25 Jan 2023 03:02:03 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 04512fea22644dc0d22c3f3a665f6645
0e213646abfc6d9560ba562362fd9e9115be8354
124d9534f75506b8e8c7535ee7295ac4e6cf5a8249a0edac6940839e56043181
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "124D9534F75506B8E8C7535EE7295AC4E6CF5A8249A0EDAC6940839E56043181"
Last-Modified: Mon, 23 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18860
Expires: Wed, 25 Jan 2023 08:16:23 GMT
Date: Wed, 25 Jan 2023 03:02:03 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 31c8743c2b5202ce0228bac5aad7229b
4b5eee8e1ecbfc992505003be58e265ff3a0ee0a
8b3b47ea29fc02b8a08ee2a340a05ab23e391f0eb3b8d6beb17516706bb2e94d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B3B47EA29FC02B8A08EE2A340A05AB23E391F0EB3B8D6BEB17516706BB2E94D"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6237
Expires: Wed, 25 Jan 2023 04:46:00 GMT
Date: Wed, 25 Jan 2023 03:02:03 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 25 Jan 2023 02:42:47 GMT
content-type: application/json
age: 1156
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: FdNGLlHprNRrH54Dhi6osWwxdnkMKuswjE/LTGT/yRvOPjDtAGp6SAz5BBPWeZy5l2gbqb5Wy4E=
x-amz-request-id: DEKAEZQQCNPJPDBA
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 25 Jan 2023 02:48:24 GMT
age: 819
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 03:02:03 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 25 Jan 2023 02:48:59 GMT
age: 784
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
154.218.151.71 200 OK 7.9 kB URL HTTP/1.1 16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (478), with CRLF, LF line terminators
Hash 8cabe9f78a884d9191264725a5a97457
02461fafe590baccbea2528fe2c1f2d3e73745cd
31a7ae2d2c7f086e689c01030bca79cf91619b1ceb8fd687ee50463eb826a591
Analyzer Verdict Alert fortinet Malware
GET /xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 03:02:03 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash c398b6b39d11d25b8ae9bc5cd94a1c98
640aa8c399ced71d0c2a9f5a90fbaf091b01d642
a6f07f7c6a4746acc25457c726701df33120628dfb578bc4982448d8efee5855
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A6F07F7C6A4746ACC25457C726701DF33120628DFB578BC4982448D8EFEE5855"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18269
Expires: Wed, 25 Jan 2023 08:06:33 GMT
Date: Wed, 25 Jan 2023 03:02:04 GMT
Connection: keep-alive
16693.url.tudown.com/template/company/1014xiazai/css/base.css
154.218.151.71 200 OK 3.2 kB URL HTTP/1.1 16693.url.tudown.com/template/company/1014xiazai/css/base.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash b752c4d83249982bcbcd13a723247bc0
1ccb18e4440bb1209190670ad392ceb8418d6b01
cbdadd44ddee5bd601b32c82c1946469bb2fe3bb6f99167a0a59ed2d2ebb4d0d
GET /template/company/1014xiazai/css/base.css HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 03:02:04 GMT
Content-Type: text/css
Last-Modified: Wed, 14 Oct 2020 04:36:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5f86806a-29c1"
Expires: Wed, 25 Jan 2023 15:02:04 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
16693.url.tudown.com/js/orsxg5a.script
154.218.151.71 200 OK 531 B URL HTTP/1.1 16693.url.tudown.com/js/orsxg5a.script
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document, ASCII text, with CRLF line terminators
Hash 39fd4f4c17d424445d9f437c99c9d40a
84a56ab95c669d43c757a5f9a312d5f3a37f73fa
45f58e7b2e72c9f2734889b73ef5c3f2d3e1fb9ac69995afe1561ec4a7943d15
GET /js/orsxg5a.script HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 03:02:04 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.services.mozilla.com/
44.228.217.71 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.228.217.71:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: z1EN3pCV7eFfmhZznth+GA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: e1xBexjdHkKZewO7800LP8fhvGY=
16693.url.tudown.com/template/company/1014xiazai/css/style3500.css
154.218.151.71 200 OK 12 kB URL HTTP/1.1 16693.url.tudown.com/template/company/1014xiazai/css/style3500.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with very long lines (1113)
Hash caee2cfa3291c35837be265cfc3e168c
2abdd423b8b6351b26d52da1faa5517fc76c1730
0f7482f2f6732e4b7f55fdd2eb6e41acb5864a53f19c404728652eabe9923dea
GET /template/company/1014xiazai/css/style3500.css HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 03:02:04 GMT
Content-Type: text/css
Last-Modified: Wed, 14 Oct 2020 04:36:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5f86806a-c99c"
Expires: Wed, 25 Jan 2023 15:02:04 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
16693.url.tudown.com/template/company/1014xiazai/js/plugins.count.js
154.218.151.71 200 OK 683 B URL HTTP/1.1 16693.url.tudown.com/template/company/1014xiazai/js/plugins.count.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (525), with CRLF line terminators
Hash 9279ffdda939f259cbd5bd201b72ab71
12395c3521b33935aee973d761bf424add3a1e36
76fb346f9b8c62f7da6a752511aa20e147069607a28eb98fb843b650a2c6c203
GET /template/company/1014xiazai/js/plugins.count.js HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 03:02:04 GMT
Content-Type: application/javascript
Last-Modified: Wed, 14 Oct 2020 04:37:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5f868082-609"
Expires: Wed, 25 Jan 2023 15:02:04 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
16693.url.tudown.com/template/company/1014xiazai/js/screenshots.js
154.218.151.71 200 OK 1.7 kB URL HTTP/1.1 16693.url.tudown.com/template/company/1014xiazai/js/screenshots.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (3463), with CRLF line terminators
Hash 5f2d7d98f138edb321f4806bfcd16ca8
fac55732cfd8b6536b6ca8c257f3e1d11cfdf199
c9435192fb089165cfec52d7ab8f807a2b8a0fa533014bb9da0f659719e70d08
GET /template/company/1014xiazai/js/screenshots.js HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 03:02:04 GMT
Content-Type: application/javascript
Last-Modified: Wed, 14 Oct 2020 04:37:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5f868072-1219"
Expires: Wed, 25 Jan 2023 15:02:04 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
16693.url.tudown.com/template/company/1014xiazai/js/jquery.uploadify.min.js
154.218.151.71 200 OK 548 B URL HTTP/1.1 16693.url.tudown.com/template/company/1014xiazai/js/jquery.uploadify.min.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text; exported SGML document, ASCII text, with CRLF line terminators
Hash 370e16c3b7dba286cff055f93b9a94d8
65f3537c3c798f7da146c55aef536f7b5d0cb943
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
GET /template/company/1014xiazai/js/jquery.uploadify.min.js HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 03:02:04 GMT
Content-Type: application/javascript
Content-Length: 548
Last-Modified: Wed, 14 Oct 2020 04:37:19 GMT
Connection: keep-alive
ETag: "5f86807f-224"
Expires: Wed, 25 Jan 2023 15:02:04 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
16693.url.tudown.com/template/company/1014xiazai/js/member.js
154.218.151.71 200 OK 12 kB URL HTTP/1.1 16693.url.tudown.com/template/company/1014xiazai/js/member.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document, Unicode text, UTF-8 text, with very long lines (364), with CRLF line terminators
Hash a95b815530baa4c6efdad8929348d846
fb59238a8fa4c6e4b25dbd8956a7a4b4f8bdbff3
e0ac53257204eb74bc8c9c87b8fcbd55037c972324f10b1904d0610db932b555
GET /template/company/1014xiazai/js/member.js HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 03:02:04 GMT
Content-Type: application/javascript
Last-Modified: Wed, 14 Oct 2020 04:37:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5f868082-ceda"
Expires: Wed, 25 Jan 2023 15:02:04 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
16693.url.tudown.com/template/company/1014xiazai/js/global.js
154.218.151.71 200 OK 2.8 kB URL HTTP/1.1 16693.url.tudown.com/template/company/1014xiazai/js/global.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with very long lines (345), with CRLF line terminators
Hash 26b58b731bc22007a9514da5788e5639
ff7a2a214e6a44becf3dd6bc1f70cbf3272d0695
7fc9b78cfc935e6eed582efc9002a03bdabeccfa6be21925c960248083b86113
GET /template/company/1014xiazai/js/global.js HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 03:02:04 GMT
Content-Type: application/javascript
Last-Modified: Wed, 14 Oct 2020 04:37:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5f86806e-1879"
Expires: Wed, 25 Jan 2023 15:02:04 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
16693.url.tudown.com/template/company/1014xiazai/js/jquery-1.8.2.min.js
154.218.151.71 200 OK 38 kB URL HTTP/1.1 16693.url.tudown.com/template/company/1014xiazai/js/jquery-1.8.2.min.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with very long lines (65480)
Hash e96252242dc7d419f1f3d2ca4a1dec5d
b16a288a9bdc1b1050c1bee256dde6de54166b83
f62af873d226a9a37ba6bc7385d50888f03a99785135547f03b4aeec63a81fa1
GET /template/company/1014xiazai/js/jquery-1.8.2.min.js HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 03:02:04 GMT
Content-Type: application/javascript
Last-Modified: Wed, 14 Oct 2020 04:37:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5f868082-16e8c"
Expires: Wed, 25 Jan 2023 15:02:04 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
16693.url.tudown.com/template/company/1014xiazai/js/loading.js
154.218.151.71 200 OK 1.5 kB URL HTTP/1.1 16693.url.tudown.com/template/company/1014xiazai/js/loading.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document, Unicode text, UTF-8 text, with very long lines (613), with CRLF line terminators
Hash 2422ef78f8b0e865bc47afdacbc60161
f3cb0bf96ba8a395b5587fd8d74243e7572894b7
8ebd398c983e3d9b329d44bcdd9be269243b9838e0fcdbfcd3a814bc1255b39b
GET /template/company/1014xiazai/js/loading.js HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 03:02:04 GMT
Content-Type: application/javascript
Last-Modified: Wed, 14 Oct 2020 04:37:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5f86807e-1d0e"
Expires: Wed, 25 Jan 2023 15:02:04 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 0c6a0dcd28b9e50bc813b8d067f6a74b
65b7850c6a51528bdde393c6789e30664773fbdd
8aa1ffed18b6d8689a9fdc4fd5e0c6abdd21d27eec4e24b37463bb64a790fd99
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8AA1FFED18B6D8689A9FDC4FD5E0C6ABDD21D27EEC4E24B37463BB64A790FD99"
Last-Modified: Tue, 24 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18537
Expires: Wed, 25 Jan 2023 08:11:02 GMT
Date: Wed, 25 Jan 2023 03:02:05 GMT
Connection: keep-alive
16693.url.tudown.com/uploads/images/171926.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/171926.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/171926.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:02:05 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2964727932,3345021713&fm=253&fmt=auto&app=138&f=JPEG?w=786&h=500
16693.url.tudown.com/uploads/images/761168.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/761168.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/761168.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:02:05 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=3520885336,2242553181&fm=224&app=112&f=JPEG?w=500&h=500
16693.url.tudown.com/uploads/images/461068.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/461068.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/461068.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:02:05 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=3240122246,1921865132&fm=224&app=112&f=JPEG?w=500&h=500
16693.url.tudown.com/uploads/images/794868.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/794868.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/794868.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:02:05 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1947393586,2998816175&fm=253&fmt=auto&app=120&f=JPEG?w=584&h=365
16693.url.tudown.com/uploads/images/208978.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/208978.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/208978.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:02:05 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2762925853,3960277089&fm=253&fmt=auto&app=138&f=PNG?w=800&h=500
16693.url.tudown.com/uploads/images/logo.png?n=4wi3zzf4u3uljhpfwckoloec422jpzvwuttzjkhfsoa6llvc42oi3zfyvxs37ay&w=250
154.218.151.71 200 OK 3.3 kB URL HTTP/1.1 16693.url.tudown.com/uploads/images/logo.png?n=4wi3zzf4u3uljhpfwckoloec422jpzvwuttzjkhfsoa6llvc42oi3zfyvxs37ay&w=250
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 250 x 66, 8-bit colormap, non-interlaced; data
Hash 2e23879cea87bf50ba0c984232e7535a
a8bbcc867b30cdd2c97fb79cfa11b0c0a70c4f61
323a3172d08b78c88c828f0152309136263ce2c12321230e9a7e7f96b0e3e71a
GET /uploads/images/logo.png?n=4wi3zzf4u3uljhpfwckoloec422jpzvwuttzjkhfsoa6llvc42oi3zfyvxs37ay&w=250 HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 03:02:05 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
t14.baidu.com/it/u=3240122246,1921865132&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 44 kB URL HTTP/1.1 t14.baidu.com/it/u=3240122246,1921865132&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3; data
Hash a38678a58fc6d092b6828e221c2147d4
7876455dcb8d1e8f530726a76389045c36673a1a
8de5ff55aecd83b311ac700efd3db7f1577019ba00af78d5a9cb9a8691878581
GET /it/u=3240122246,1921865132&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://16693.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 03:02:05 GMT
Content-Type: image/jpeg
Content-Length: 44274
Connection: keep-alive
Expires: Thu, 02 Feb 2023 04:34:17 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: a38678a58fc6d092b6828e221c2147d4
Age: 1144690
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 03 Jan 2023 04:34:16 GMT
Ohc-Cache-HIT: fra01-sys-jomo7.fra01.baidu.com [4], zhuzuncache51 [4], bdix156 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 44274
X-Cache-Status: HIT
Timing-Allow-Origin: *
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash e118b4aa46bb3e8a96489e01c5b9a753
0ee04028647671e48ad7e2104143d40f29035285
b36318c16c700bbb072f0476b8105cce4174af4c58b54e3c5c9cefb9258e018a
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 03:02:05 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 28 Jan 2023 23:30:15 GMT
ETag: "0ee04028647671e48ad7e2104143d40f29035285"
Last-Modified: Tue, 24 Jan 2023 23:30:16 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 809
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78edc49cff83b524-OSL
16693.url.tudown.com/template/company/1014xiazai/images/icos.png
154.218.151.71 200 OK 15 kB URL HTTP/1.1 16693.url.tudown.com/template/company/1014xiazai/images/icos.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 166 x 300, 8-bit/color RGBA, non-interlaced
Hash a4e686563c8daf2f139cc5c6629d2730
ad2a8926a53aa4f3e6de38b4e63a017182f8b514
38b01bc71af931846808835315e85841cd7bd42c640b0656b276cc5aeff018c4
GET /template/company/1014xiazai/images/icos.png HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/template/company/1014xiazai/css/base.css
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 03:02:05 GMT
Content-Type: image/png
Content-Length: 15004
Last-Modified: Wed, 14 Oct 2020 05:48:52 GMT
Connection: keep-alive
ETag: "5f869144-3a9c"
Accept-Ranges: bytes
16693.url.tudown.com/uploads/images/399844.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/399844.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/399844.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:02:05 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3282216392,167525344&fm=253&fmt=auto&app=138&f=JPEG?w=750&h=500
16693.url.tudown.com/uploads/images/150233.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/150233.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/150233.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:02:05 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=57841799,4260223041&fm=253&fmt=auto?w=500&h=805
16693.url.tudown.com/uploads/images/776168.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/776168.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/776168.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:02:05 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3716701316,842787082&fm=253&fmt=auto&app=138&f=JPEG?w=281&h=500
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d5528af26e629a9bfbf0c421146b921f
1e4f99245d551384bedfe9b59b5f9905127d87bf
989830d93a90c30051b948a26ce403fb4370587ed3407d8d77ad0ad9cc28eb7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "989830D93A90C30051B948A26CE403FB4370587ED3407D8D77AD0AD9CC28EB7A"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6135
Expires: Wed, 25 Jan 2023 04:44:20 GMT
Date: Wed, 25 Jan 2023 03:02:05 GMT
Connection: keep-alive
16693.url.tudown.com/uploads/images/925435.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/925435.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/925435.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:02:05 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=4167799717,3525246137&fm=253&fmt=auto&app=138&f=JPEG?w=375&h=500
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d5528af26e629a9bfbf0c421146b921f
1e4f99245d551384bedfe9b59b5f9905127d87bf
989830d93a90c30051b948a26ce403fb4370587ed3407d8d77ad0ad9cc28eb7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "989830D93A90C30051B948A26CE403FB4370587ED3407D8D77AD0AD9CC28EB7A"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6135
Expires: Wed, 25 Jan 2023 04:44:20 GMT
Date: Wed, 25 Jan 2023 03:02:05 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07f8fda5-486e-4c4b-82f2-d763219f4562.jpeg
34.120.237.76 200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07f8fda5-486e-4c4b-82f2-d763219f4562.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash 6fa8338e574e2b8272ad3ca7cd9d1d63
298cafecdcac99de25fe5c2c4c993487f73ced6b
f75c20ebc4c0db2df40d958337cd87768714bdf53a48609ad0f97b7129b0b100
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07f8fda5-486e-4c4b-82f2-d763219f4562.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6715
x-amzn-requestid: c808c9d9-bbbb-43ff-ab15-33074a760093
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e4BO5En_oAMFTzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c648c5-67151eb46f5a10b0732fbd09;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 07:05:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0pvebF903zoRPgzBK2gxMlcYQTurylOzzCfOO07hYCG5aD7wX_fl9g==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 09:51:11 GMT
age: 61854
etag: "298cafecdcac99de25fe5c2c4c993487f73ced6b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccf5342f-6184-4859-b154-9913ddd9b112.jpeg
34.120.237.76 200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccf5342f-6184-4859-b154-9913ddd9b112.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash af3ceda828750acf5ac7c837612a6e0f
f6364de0805cf3cfe66d19293085da16a2c2f832
baa0cb6e3cec7f840477dfdcea518968f5b72a828dbd346abb09e2d3e3aa3bee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccf5342f-6184-4859-b154-9913ddd9b112.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9091
x-amzn-requestid: c5849f51-8fc6-40c0-a1e3-9deb74e06c59
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fRE7TEzxoAMFmuQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d04eae-22d80a0c3e6485dd62f420ef;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 21:33:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: U8Pd9ECOLiB-ZaqU46162mJRnAYfNE3O5Zi_yaYTk_oNNm2xHNgQSQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 21:38:40 GMT
age: 19405
etag: "f6364de0805cf3cfe66d19293085da16a2c2f832"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d5528af26e629a9bfbf0c421146b921f
1e4f99245d551384bedfe9b59b5f9905127d87bf
989830d93a90c30051b948a26ce403fb4370587ed3407d8d77ad0ad9cc28eb7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "989830D93A90C30051B948A26CE403FB4370587ED3407D8D77AD0AD9CC28EB7A"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6135
Expires: Wed, 25 Jan 2023 04:44:20 GMT
Date: Wed, 25 Jan 2023 03:02:05 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F42c8799a-4bfb-409b-9789-78388344ffa6.jpeg
34.120.237.76 200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F42c8799a-4bfb-409b-9789-78388344ffa6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash cd550f762800dcbbd86f599c1283050b
f003c2a8a841d70c0c77d28362aa855e5c4826ae
f5d669beac28d5dd73b7850b601b965d41a6192d8dc226c65a2eb85bdb5b77e5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F42c8799a-4bfb-409b-9789-78388344ffa6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7266
x-amzn-requestid: 97a4233c-38fc-461a-afb5-d89b3f25681b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fFHVkGsmIAMFqEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb85bd-634989b11d1b5c7b0e047f57;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 06:27:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: cgsCHmWkKtiMLK9_i-TqXW4dQB2AFgdkZ-U3-5Mpr7YcStQIpAaiGw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 19:56:36 GMT
age: 25529
etag: "f003c2a8a841d70c0c77d28362aa855e5c4826ae"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
t13.baidu.com/it/u=3520885336,2242553181&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 65 kB URL HTTP/1.1 t13.baidu.com/it/u=3520885336,2242553181&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3
Hash 6d90b3b823ac9ee222733e06736226e0
a1643e30a1672931ad760876aca82df910bfe13a
37edc99f85f4baaedbfa8608309a848e1f328b899ec980e8d6f7441d29978a52
GET /it/u=3520885336,2242553181&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://16693.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 03:02:05 GMT
Content-Type: image/jpeg
Content-Length: 65055
Connection: keep-alive
Expires: Tue, 14 Feb 2023 19:30:35 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 6d90b3b823ac9ee222733e06736226e0
Age: 522133
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 15 Jan 2023 19:30:35 GMT
Ohc-Cache-HIT: fra01-sys-jomo7.fra01.baidu.com [4], zhuzuncache55 [1], czix190 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 65055
X-Cache-Status: HIT
Timing-Allow-Origin: *
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d5528af26e629a9bfbf0c421146b921f
1e4f99245d551384bedfe9b59b5f9905127d87bf
989830d93a90c30051b948a26ce403fb4370587ed3407d8d77ad0ad9cc28eb7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "989830D93A90C30051B948A26CE403FB4370587ED3407D8D77AD0AD9CC28EB7A"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6135
Expires: Wed, 25 Jan 2023 04:44:20 GMT
Date: Wed, 25 Jan 2023 03:02:05 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e473b9-0adb-4371-8146-b148ce85cdec.jpeg
34.120.237.76 200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e473b9-0adb-4371-8146-b148ce85cdec.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash d10114508bd40d76f497fc5b9c064350
c9b86b2b27063e0a58b0f237d451f9cf05b2122d
a156bd21bee2fca1d82940fb172a695044321ed432786ae100a7baf3b5e12b3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e473b9-0adb-4371-8146-b148ce85cdec.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8252
x-amzn-requestid: a5a39d22-de0e-4b2e-b3e2-aad1d0090881
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEqtiHo7oAMFdCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb57f0-0cd78ff23e91baf668276053;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 03:11:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: s8JWGyQ0pTWcaGk0n2PQOpAhjKLuNlbI4wCZAidzoBR5RQreO2rh9g==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 07:38:13 GMT
age: 69832
etag: "c9b86b2b27063e0a58b0f237d451f9cf05b2122d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d5528af26e629a9bfbf0c421146b921f
1e4f99245d551384bedfe9b59b5f9905127d87bf
989830d93a90c30051b948a26ce403fb4370587ed3407d8d77ad0ad9cc28eb7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "989830D93A90C30051B948A26CE403FB4370587ED3407D8D77AD0AD9CC28EB7A"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6135
Expires: Wed, 25 Jan 2023 04:44:20 GMT
Date: Wed, 25 Jan 2023 03:02:05 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F602ef184-7161-4092-91b7-61e14eef28a5.jpeg
34.120.237.76 200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F602ef184-7161-4092-91b7-61e14eef28a5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash 805711aaab303931f8966bbf73aeda52
2bd02a45c8b407e36a41a482b121ea3e14f7c722
66268668c1a970268d75beb1b57f66a759bedac76958a3359cb23104de40fbeb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F602ef184-7161-4092-91b7-61e14eef28a5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3411
x-amzn-requestid: 62afd364-e94f-45ff-ba6c-9b589fc53e5f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e-EyCEzrIAMFb8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8b4d9-203f51040f82f12d535446c4;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 03:11:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: K73B093GBbsf85ny_o8fc9oE417nJBFlH0eEdhiifeQk3KG5Q-HHdg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 07:54:32 GMT
age: 68853
etag: "2bd02a45c8b407e36a41a482b121ea3e14f7c722"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
16693.url.tudown.com/uploads/images/42297.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/42297.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/42297.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:02:05 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=1961172537,857042196&fm=224&app=112&f=JPEG?w=500&h=500
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd57136f3-3a32-4cb9-be6a-29e47e59a6f9.jpeg
34.120.237.76 200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd57136f3-3a32-4cb9-be6a-29e47e59a6f9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash 24a73392615d623dc852bdab43c9f133
3a5ac9f9831aa4c735d335e7d24e9ccc5e1ee0d4
edc11bdc8b40a513dc62b32f7eff0ba1f80db27208bd80bd16235da3c369157b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd57136f3-3a32-4cb9-be6a-29e47e59a6f9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5732
x-amzn-requestid: d59f1165-e5c8-4a43-a7be-32f0d9ef2ff1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fFK9EFNjIAMF5hQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb8b86-1f8d46827f84aa3119e4195c;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 06:51:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: x0-Cy2E3bQp52z6h4jB6wQ4xAEM5vuuVBPc4A6ZNfv_zbgBsbWDbtA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 15:21:30 GMT
age: 42035
etag: "3a5ac9f9831aa4c735d335e7d24e9ccc5e1ee0d4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
16693.url.tudown.com/uploads/images/726263.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/726263.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/726263.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:02:05 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3232623703,2122411144&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=699
16693.url.tudown.com/uploads/images/895440.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/895440.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/895440.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:02:05 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=3204007935,2412746479&fm=253&app=120&f=JPEG?w=1280&h=800
16693.url.tudown.com/uploads/images/126617.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/126617.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/126617.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:02:05 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3081687039,2677475859&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
16693.url.tudown.com/uploads/images/946344.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/946344.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/946344.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:02:05 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=1239744570,2671672510&fm=224&app=112&f=JPEG?w=500&h=500
t14.baidu.com/it/u=1239744570,2671672510&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 58 kB URL HTTP/1.1 t14.baidu.com/it/u=1239744570,2671672510&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3
Hash 8753c67fc388d73f5f304433b1444a7f
defffa1ef2684c2c7a36561c076b9605e4574699
4e18382c201ada3be60600402fffa3c553735cceed3282563a700b8741627aec
GET /it/u=1239744570,2671672510&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://16693.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 03:02:05 GMT
Content-Type: image/jpeg
Content-Length: 58130
Connection: keep-alive
Expires: Tue, 21 Feb 2023 01:11:51 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 8753c67fc388d73f5f304433b1444a7f
Age: 150533
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 22 Jan 2023 01:11:51 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [4], zhuzuncache55 [1], xiangyix205 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 58130
X-Cache-Status: HIT
Timing-Allow-Origin: *
t15.baidu.com/it/u=1961172537,857042196&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 27 kB URL HTTP/1.1 t15.baidu.com/it/u=1961172537,857042196&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 6fe24e19b0f6369fc494efe1fe0c2f77
9d8b029f2ce7d279c5c2bda71db6e1aad2dc44c0
c46ee8993e733ddf51921e6509761547689726477353b0540c7b929ba1a3cd51
GET /it/u=1961172537,857042196&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://16693.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 03:02:06 GMT
Content-Type: image/jpeg
Content-Length: 26714
Connection: keep-alive
Expires: Mon, 30 Jan 2023 10:57:19 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: 6fe24e19b0f6369fc494efe1fe0c2f77
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 31 Dec 2022 10:57:18 GMT
Ohc-Upstream-Trace: 121.228.171.187; 58.20.204.52
Ohc-Cache-HIT: fra01-sys-jomo2.fra01.baidu.com [1], zhuzuncache52 [1], suzix187 [4]
Ohc-Response-Time: 1 0 0 0 272 272
Ohc-File-Size: 26714
X-Cache-Status: MISS
Timing-Allow-Origin: *
16693.url.tudown.com/uploads/images/424940.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/424940.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/424940.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:02:05 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=621734655,761967927&fm=253&fmt=auto&app=138&f=JPEG?w=498&h=500
16693.url.tudown.com/uploads/images/159249.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/159249.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/159249.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:02:05 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=2117841259,1764709204&fm=224&app=112&f=JPEG?w=500&h=500
t15.baidu.com/it/u=2117841259,1764709204&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 94 kB URL HTTP/1.1 t15.baidu.com/it/u=2117841259,1764709204&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 142701c38b7d10a7a0235b6fbf399933
cf73a22495f05d8d1625d0af26329187b4dcc378
d4a634c13f5668699f6163a22eb7a6fb0c06e3081f7dca39f5803a94c0b97698
GET /it/u=2117841259,1764709204&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://16693.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 03:02:06 GMT
Content-Type: image/jpeg
Content-Length: 94379
Connection: keep-alive
Expires: Wed, 25 Jan 2023 09:44:26 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 142701c38b7d10a7a0235b6fbf399933
Age: 2246640
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 26 Dec 2022 09:44:26 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [4], zhuzuncache129 [1], suzix199 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 94379
X-Cache-Status: HIT
img0.baidu.com/it/u=1947393586,2998816175&fm=253&fmt=auto&app=120&f=JPEG?w=584&h=365
113.219.142.35 200 OK 12 kB URL HTTP/2 img0.baidu.com/it/u=1947393586,2998816175&fm=253&fmt=auto&app=120&f=JPEG?w=584&h=365
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 584x365, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 83a4ef44eb6574b2b7ee602f3771e013
db53476d5b16ed7fa54ca537e202f3a3a785de5c
605b507573e5382e84281595f3db13748d624a7a8d0c5ed286fa9d694b3df1c4
GET /it/u=1947393586,2998816175&fm=253&fmt=auto&app=120&f=JPEG?w=584&h=365 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16693.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 03:02:06 GMT
content-type: image/webp
content-length: 12022
expires: Fri, 27 Jan 2023 07:05:48 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 83a4ef44eb6574b2b7ee602f3771e013
age: 931
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 28 Dec 2022 07:05:48 GMT
ohc-cache-hit: chenzct56 [4], xiangyix136 [2]
ohc-file-size: 12022
x-cache-status: HIT
X-Firefox-Spdy: h2
16693.url.tudown.com/uploads/images/975307.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/975307.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/975307.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:02:06 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1362541264,1232285913&fm=253&fmt=auto&app=138&f=JPEG?w=356&h=500
16693.url.tudown.com/uploads/images/668574.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/668574.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/668574.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:02:06 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3053061917,372692374&fm=253&fmt=auto&app=138&f=JPEG?w=281&h=500
16693.url.tudown.com/uploads/images/612791.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/612791.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/612791.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:02:06 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=1690274892,2625327171&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=462
16693.url.tudown.com/uploads/images/367857.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/367857.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/367857.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:02:06 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3602790367,1542241447&fm=253&fmt=auto?w=1280&h=800
img2.baidu.com/it/u=3282216392,167525344&fm=253&fmt=auto&app=138&f=JPEG?w=750&h=500
58.216.66.35 200 OK 29 kB URL HTTP/2 img2.baidu.com/it/u=3282216392,167525344&fm=253&fmt=auto&app=138&f=JPEG?w=750&h=500
IP 58.216.66.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 750x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash be0c7956a8afd1cebce0c7e96d0c439a
2495e89748e890b85f9244377e4e614d6a2d5bbb
fec3577e351fe7851c53121c325a31f0558bae81d909fc0172620c2b0f7304a0
GET /it/u=3282216392,167525344&fm=253&fmt=auto&app=138&f=JPEG?w=750&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16693.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 03:02:05 GMT
content-type: image/webp
content-length: 28978
expires: Thu, 26 Jan 2023 08:03:01 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: be0c7956a8afd1cebce0c7e96d0c439a
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 27 Dec 2022 08:03:01 GMT
ohc-cache-hit: cz4ct59 [1], qdix154 [4]
ohc-file-size: 28978
x-cache-status: MISS
X-Firefox-Spdy: h2
16693.url.tudown.com/uploads/images/795048.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/795048.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/795048.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:02:06 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2631872643,539594493&fm=253&fmt=auto&app=138&f=JPEG?w=950&h=500
16693.url.tudown.com/uploads/images/750327.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/750327.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/750327.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:02:06 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=4204260096,1923555828&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=539
img0.baidu.com/it/u=3081687039,2677475859&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
113.219.142.35 200 OK 36 kB URL HTTP/2 img0.baidu.com/it/u=3081687039,2677475859&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x889, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ec0cddedb1b7ac3d3f9e939b70fdac1f
d04ac53647809df0776171bdce6b9fdced4dd315
c71541d614ec600c60f3face200d0a77af7aca7eeadad09b3bc925ad8f9c22a6
GET /it/u=3081687039,2677475859&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16693.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 03:02:06 GMT
content-type: image/webp
content-length: 35570
expires: Mon, 20 Feb 2023 14:09:41 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: ec0cddedb1b7ac3d3f9e939b70fdac1f
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 14:09:41 GMT
ohc-cache-hit: chenzct85 [1], czix238 [2]
ohc-file-size: 35570
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=2964727932,3345021713&fm=253&fmt=auto&app=138&f=JPEG?w=786&h=500
111.225.213.35 200 OK 28 kB URL HTTP/2 img1.baidu.com/it/u=2964727932,3345021713&fm=253&fmt=auto&app=138&f=JPEG?w=786&h=500
IP 111.225.213.35:0
ASN #58539 Langfang,Hebei province, P.R.China
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 786x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3ea3167b92017b6208f72fd72e72b69e
f1af1b69ef5a5e5ac26745495c45744000a73f44
8efc1acec0643c46b0ce67f94977d01ba6bd630c20b80121d2b51543186464bc
GET /it/u=2964727932,3345021713&fm=253&fmt=auto&app=138&f=JPEG?w=786&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16693.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 03:02:06 GMT
content-type: image/webp
content-length: 28450
expires: Wed, 22 Feb 2023 02:16:11 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 3ea3167b92017b6208f72fd72e72b69e
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 02:16:11 GMT
ohc-cache-hit: lf6ct85 [1], wzix103 [4]
ohc-file-size: 28450
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=3716701316,842787082&fm=253&fmt=auto&app=138&f=JPEG?w=281&h=500
111.225.213.35 200 OK 25 kB URL HTTP/2 img1.baidu.com/it/u=3716701316,842787082&fm=253&fmt=auto&app=138&f=JPEG?w=281&h=500
IP 111.225.213.35:0
ASN #58539 Langfang,Hebei province, P.R.China
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 281x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f122651d252548a065af656750966246
ced946ac0ebd45ff05be51d40f0a2dfc45090648
514b2780faf2b100e422219bc8d6b335fee08c88402f16edc9167c641fff2c46
GET /it/u=3716701316,842787082&fm=253&fmt=auto&app=138&f=JPEG?w=281&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16693.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 03:02:06 GMT
content-type: image/webp
content-length: 24708
expires: Thu, 02 Feb 2023 13:43:03 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: f122651d252548a065af656750966246
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 03 Jan 2023 13:43:03 GMT
ohc-cache-hit: lf6ct86 [1], wzix86 [4]
ohc-file-size: 24708
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=3232623703,2122411144&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=699
113.219.142.35 200 OK 32 kB URL HTTP/2 img0.baidu.com/it/u=3232623703,2122411144&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=699
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x699, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 207f4100f22f0eef70acc60ddadbbe3e
1d4e6a66b109e3273a63461454a67440d3478fcf
d7e02ed22d7473bb9fd8349ec9aab673a52b2984ff83a33ea7aa80d53bd8491a
GET /it/u=3232623703,2122411144&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=699 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16693.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 03:02:06 GMT
content-type: image/webp
content-length: 32398
expires: Tue, 07 Feb 2023 19:50:53 GMT
last-modified: Sun, 04 Jan 1970 00:00:00 GMT
etag: 207f4100f22f0eef70acc60ddadbbe3e
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 08 Jan 2023 19:50:53 GMT
ohc-cache-hit: chenzct51 [1], csix51 [4]
ohc-file-size: 32398
x-cache-status: MISS
X-Firefox-Spdy: h2
16693.url.tudown.com/uploads/images/16306.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/16306.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/16306.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:02:06 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3353001573,3703188798&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=688
img1.baidu.com/it/u=621734655,761967927&fm=253&fmt=auto&app=138&f=JPEG?w=498&h=500
111.225.213.35 200 OK 31 kB URL HTTP/2 img1.baidu.com/it/u=621734655,761967927&fm=253&fmt=auto&app=138&f=JPEG?w=498&h=500
IP 111.225.213.35:0
ASN #58539 Langfang,Hebei province, P.R.China
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 498x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 48ffa5a90f8f567e262131837de1de9a
939bc437e2d57129a29d08f1aabae58046d36e0e
3d90dc4c6b7c6938f8e8f544cf572907c14700a8f3975762c50115b4067ee149
GET /it/u=621734655,761967927&fm=253&fmt=auto&app=138&f=JPEG?w=498&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16693.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 03:02:06 GMT
content-type: image/webp
content-length: 30778
expires: Thu, 26 Jan 2023 10:31:48 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 48ffa5a90f8f567e262131837de1de9a
age: 130991
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 27 Dec 2022 10:31:48 GMT
ohc-cache-hit: lf6ct68 [4], wzix68 [4]
ohc-file-size: 30778
x-cache-status: HIT
X-Firefox-Spdy: h2
16693.url.tudown.com/uploads/images/752788.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/752788.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/752788.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:02:06 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=170427542,2244280239&fm=253&app=120&f=JPEG?w=1280&h=800
16693.url.tudown.com/uploads/images/499153.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/499153.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/499153.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:02:06 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=3324626083,3198221996&fm=253&app=120&f=JPEG?w=1280&h=800
16693.url.tudown.com/uploads/images/694803.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/694803.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/694803.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 03:02:06 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=968959547,2431699162&fm=224&app=112&f=JPEG?w=500&h=500
img2.baidu.com/it/u=2762925853,3960277089&fm=253&fmt=auto&app=138&f=PNG?w=800&h=500
58.216.66.35 200 OK 121 kB URL HTTP/2 img2.baidu.com/it/u=2762925853,3960277089&fm=253&fmt=auto&app=138&f=PNG?w=800&h=500
IP 58.216.66.35:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 121 kB (121254 bytes)
Hash ba14fd72ae318e11cb88b546c117c21e
ed9a3c02274bb2ee853dbe8780467360b80a808f
93941c0d811bbdba3a24a2f189ee77e90434c79be61c57230e9252d2871cdf58
GET /it/u=2762925853,3960277089&fm=253&fmt=auto&app=138&f=PNG?w=800&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16693.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 03:02:05 GMT
content-type: image/webp
content-length: 121254
expires: Wed, 22 Feb 2023 03:03:27 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: ba14fd72ae318e11cb88b546c117c21e
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 03:03:27 GMT
ohc-cache-hit: cz4ct54 [1], xiangyix105 [2]
ohc-file-size: 121254
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=1362541264,1232285913&fm=253&fmt=auto&app=138&f=JPEG?w=356&h=500
58.216.66.35 200 OK 32 kB URL HTTP/2 img2.baidu.com/it/u=1362541264,1232285913&fm=253&fmt=auto&app=138&f=JPEG?w=356&h=500
IP 58.216.66.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 356x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c77c4c53d5576de26308b06f9b96e095
ce7012511516905b7ab67cb28273edeb0cc07743
9d56d3f262f64cfda02977e8ccae1cf0e1ba735d6654ba83139a27051b2a101a
GET /it/u=1362541264,1232285913&fm=253&fmt=auto&app=138&f=JPEG?w=356&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16693.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 03:02:06 GMT
content-type: image/webp
content-length: 32374
expires: Mon, 06 Feb 2023 08:30:03 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: c77c4c53d5576de26308b06f9b96e095
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 07 Jan 2023 08:30:03 GMT
ohc-cache-hit: cz4ct59 [1], suzix208 [4]
ohc-file-size: 32374
x-cache-status: MISS
X-Firefox-Spdy: h2
t15.baidu.com/it/u=968959547,2431699162&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 28 kB URL HTTP/1.1 t15.baidu.com/it/u=968959547,2431699162&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 394971b8027d37036b26615cf8659243
f9cf1766231d40ca15f55a77a1c304c6d536ea6a
e4ed4dc5152e41c494afdeefb05f45fb33771197085fdad2f35671b0cb938061
GET /it/u=968959547,2431699162&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://16693.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 03:02:06 GMT
Content-Type: image/jpeg
Content-Length: 28002
Connection: keep-alive
Expires: Wed, 08 Feb 2023 00:41:49 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 394971b8027d37036b26615cf8659243
Age: 1142718
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 09 Jan 2023 00:41:49 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [4], zhuzuncache51 [4], xiangyix182 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 28002
X-Cache-Status: HIT
Timing-Allow-Origin: *
hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (633)
Hash f340976d19cec208c568e3569c54bb47
3d7baad74ffbf4b48e02ea2dbd98d4a877adf9e8
9b675700fb4bcfe69bd6137b6cb40a4e3f6fffb595da022adad42728243a43cf
GET /hm.js?dd9836db2e433f487a0aa434b7b3deb7 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://16693.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11271
Content-Type: application/javascript
Date: Wed, 25 Jan 2023 03:02:06 GMT
Etag: 1f3dcbfa9d9def3a04e5a18e48fa52f2
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=14A877B48198CAC6; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
img1.baidu.com/it/u=57841799,4260223041&fm=253&fmt=auto?w=500&h=805
111.225.213.35 200 OK 27 kB URL HTTP/2 img1.baidu.com/it/u=57841799,4260223041&fm=253&fmt=auto?w=500&h=805
IP 111.225.213.35:0
ASN #58539 Langfang,Hebei province, P.R.China
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x805, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 05043cf05c62c1a674a11424dcfe842b
46fc3edf8d33bf06f3d8c4bd0bd9dbd96c343c45
ec6e0580e59609bc9821acf6dd00c361b101d41c850449e74e87f42b9de4feec
GET /it/u=57841799,4260223041&fm=253&fmt=auto?w=500&h=805 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16693.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 03:02:06 GMT
content-type: image/webp
content-length: 26840
expires: Sat, 04 Feb 2023 08:11:42 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 05043cf05c62c1a674a11424dcfe842b
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 05 Jan 2023 08:11:42 GMT
ohc-cache-hit: lf6ct78 [1], wzix110 [2]
ohc-file-size: 26840
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=4167799717,3525246137&fm=253&fmt=auto&app=138&f=JPEG?w=375&h=500
113.219.142.35 200 OK 29 kB URL HTTP/2 img0.baidu.com/it/u=4167799717,3525246137&fm=253&fmt=auto&app=138&f=JPEG?w=375&h=500
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 375x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ccd89cac3843a72f75cb01e03acb1ced
950b28fd56220b98bbecd6f901a8a432976d40b0
b06c0406c860de692eee3263fca72fcf9ed9a46c58590b812ca79f5448c0383e
GET /it/u=4167799717,3525246137&fm=253&fmt=auto&app=138&f=JPEG?w=375&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16693.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 03:02:06 GMT
content-type: image/webp
content-length: 29436
expires: Mon, 20 Feb 2023 12:38:46 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: ccd89cac3843a72f75cb01e03acb1ced
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 12:38:46 GMT
ohc-cache-hit: chenzct72 [1], czix72 [2]
ohc-file-size: 29436
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=2631872643,539594493&fm=253&fmt=auto&app=138&f=JPEG?w=950&h=500
111.225.213.35 200 OK 26 kB URL HTTP/2 img1.baidu.com/it/u=2631872643,539594493&fm=253&fmt=auto&app=138&f=JPEG?w=950&h=500
IP 111.225.213.35:0
ASN #58539 Langfang,Hebei province, P.R.China
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 950x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash abdb1cc083590be2fa9efb6975793925
adc1b843367052300c6c9191a0f90468c3a99aec
ed56ec61e1bce16f91a2818529a0ca60c07af7841e4a4b8094010e5cb068c68c
GET /it/u=2631872643,539594493&fm=253&fmt=auto&app=138&f=JPEG?w=950&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16693.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 03:02:06 GMT
content-type: image/webp
content-length: 25794
expires: Wed, 22 Feb 2023 03:01:14 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: abdb1cc083590be2fa9efb6975793925
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 03:01:14 GMT
ohc-cache-hit: lf6ct57 [1], czix119 [4]
ohc-file-size: 25794
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=3053061917,372692374&fm=253&fmt=auto&app=138&f=JPEG?w=281&h=500
113.219.142.35 200 OK 20 kB URL HTTP/2 img0.baidu.com/it/u=3053061917,372692374&fm=253&fmt=auto&app=138&f=JPEG?w=281&h=500
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 281x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c15a720f7109bc5dacbce07f946514c9
cabf3b7b1d9d53bdc67dcea34f3b54f2705567a7
bad362e4f967d3ac9172e2231f0ffa3a0878d0a9e78452302aa443315ce24e9f
GET /it/u=3053061917,372692374&fm=253&fmt=auto&app=138&f=JPEG?w=281&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16693.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 03:02:06 GMT
content-type: image/webp
content-length: 20170
expires: Mon, 20 Feb 2023 08:17:48 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: c15a720f7109bc5dacbce07f946514c9
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 08:17:48 GMT
ohc-cache-hit: chenzct72 [1], czix115 [2]
ohc-file-size: 20170
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=1690274892,2625327171&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=462
110.185.186.35 200 OK 24 kB URL HTTP/1.1 img1.baidu.com/it/u=1690274892,2625327171&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=462
IP 110.185.186.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x462, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9665b076aa219b2a8d3f30ccc6ffe9bf
6e00177e534506da591ee67ebcd7a8340a6e7ab8
a869b1fe5f7a2bc2a35be666c9da699205a6bcf657ecbcc3550504eeb63fbfb0
GET /it/u=1690274892,2625327171&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=462 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://16693.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 03:02:06 GMT
Content-Type: image/webp
Content-Length: 23810
Connection: keep-alive
Expires: Mon, 30 Jan 2023 14:19:56 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: 9665b076aa219b2a8d3f30ccc6ffe9bf
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 31 Dec 2022 14:19:56 GMT
Ohc-Cache-HIT: cd2ct63 [1], csix63 [4]
Ohc-File-Size: 23810
X-Cache-Status: MISS
img2.baidu.com/it/u=3602790367,1542241447&fm=253&fmt=auto?w=1280&h=800
58.216.66.35 200 OK 41 kB URL HTTP/2 img2.baidu.com/it/u=3602790367,1542241447&fm=253&fmt=auto?w=1280&h=800
IP 58.216.66.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1e11b8ae1ecec72a354bd4ef0fa48b5d
e51fce99e17ad33f0c801289a617bd92367e9195
1f553ea77a97f093cf8c7cf4c4d73f63b778df01dd334771919c330bb8022d18
GET /it/u=3602790367,1542241447&fm=253&fmt=auto?w=1280&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16693.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 03:02:06 GMT
content-type: image/webp
content-length: 41106
expires: Wed, 08 Feb 2023 10:18:42 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 1e11b8ae1ecec72a354bd4ef0fa48b5d
age: 517683
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 09 Jan 2023 10:18:42 GMT
ohc-cache-hit: cz4ct67 [4], csix101 [2]
ohc-file-size: 41106
x-cache-status: HIT
X-Firefox-Spdy: h2
img2.baidu.com/it/u=4204260096,1923555828&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=539
58.216.66.35 200 OK 45 kB URL HTTP/2 img2.baidu.com/it/u=4204260096,1923555828&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=539
IP 58.216.66.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x539, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1d81cd779ad0c71f0e47fb96ea7f347b
1172c0e7247e5c345206f0352a6d4c2a2a188820
ff3a789b5beec7674b2c4fc04d4c85c5bbcd98ae1525d812ab77f403fad62084
GET /it/u=4204260096,1923555828&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=539 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16693.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 03:02:06 GMT
content-type: image/webp
content-length: 44782
expires: Wed, 22 Feb 2023 19:09:27 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 1d81cd779ad0c71f0e47fb96ea7f347b
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 19:09:27 GMT
ohc-cache-hit: cz4ct68 [1], bdix183 [2]
ohc-file-size: 44782
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=3353001573,3703188798&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=688
113.219.142.35 200 OK 39 kB URL HTTP/2 img0.baidu.com/it/u=3353001573,3703188798&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=688
IP 113.219.142.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x688, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b34da9f1967d287640bc694e4ab8a586
d329d067bc17cfd87f77e2efeefb51c2fb6e1fe6
422f3018723bc1e6f81d9a9d5c66e2f12162a5b0eaf1168f522d49702a586097
GET /it/u=3353001573,3703188798&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=688 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16693.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 03:02:06 GMT
content-type: image/webp
content-length: 38608
expires: Sun, 19 Feb 2023 20:55:02 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: b34da9f1967d287640bc694e4ab8a586
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 20 Jan 2023 20:55:02 GMT
ohc-cache-hit: chenzct69 [1], suzix111 [4]
ohc-file-size: 38608
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=3204007935,2412746479&fm=253&app=120&f=JPEG?w=1280&h=800
111.225.213.35 200 OK 103 kB URL HTTP/1.1 img1.baidu.com/it/u=3204007935,2412746479&fm=253&app=120&f=JPEG?w=1280&h=800
IP 111.225.213.35:0
ASN #58539 Langfang,Hebei province, P.R.China
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 103 kB (103302 bytes)
Hash 49f6dd2074ee242bb0da96d5f61a6ecb
2413fcc31b6445827d274c083460d2a9c3c628fd
915a4bb2b07c576f8c15b5d381ec0030e01ff5c025ccecacb507205cbead59e1
GET /it/u=3204007935,2412746479&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://16693.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 03:02:06 GMT
Content-Type: image/jpeg
Content-Length: 103302
Connection: keep-alive
Expires: Thu, 26 Jan 2023 07:16:14 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 49f6dd2074ee242bb0da96d5f61a6ecb
Age: 1219157
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 27 Dec 2022 07:16:14 GMT
Ohc-Cache-HIT: lf6ct82 [4], suzix232 [4]
Ohc-File-Size: 103302
X-Cache-Status: HIT
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=220566408&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=65405&r=0&ww=1280&u=http%3A%2F%2F16693.url.tudown.com%2Fxiaz%2F%25E8%25B6%2585%25E6%2598%259F%25E5%25AD%25A6%25E4%25B9%25A0%25E9%2580%259A%25E7%2594%25B5%25E8%2584%2591%25E7%2589%2588v3.0%40212_197675.exe&tt=%E5%8F%91%E5%BD%A9%E7%BD%91%E5%BF%AB%E4%B8%89(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99%2F%E6%89%8B%E6%9C%BA%E6%9C%80%E6%96%B0%E7%89%88%E4%B8%8B%E8%BD%BD
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=220566408&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=65405&r=0&ww=1280&u=http%3A%2F%2F16693.url.tudown.com%2Fxiaz%2F%25E8%25B6%2585%25E6%2598%259F%25E5%25AD%25A6%25E4%25B9%25A0%25E9%2580%259A%25E7%2594%25B5%25E8%2584%2591%25E7%2589%2588v3.0%40212_197675.exe&tt=%E5%8F%91%E5%BD%A9%E7%BD%91%E5%BF%AB%E4%B8%89(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99%2F%E6%89%8B%E6%9C%BA%E6%9C%80%E6%96%B0%E7%89%88%E4%B8%8B%E8%BD%BD
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=220566408&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=65405&r=0&ww=1280&u=http%3A%2F%2F16693.url.tudown.com%2Fxiaz%2F%25E8%25B6%2585%25E6%2598%259F%25E5%25AD%25A6%25E4%25B9%25A0%25E9%2580%259A%25E7%2594%25B5%25E8%2584%2591%25E7%2589%2588v3.0%40212_197675.exe&tt=%E5%8F%91%E5%BD%A9%E7%BD%91%E5%BF%AB%E4%B8%89(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99%2F%E6%89%8B%E6%9C%BA%E6%9C%80%E6%96%B0%E7%89%88%E4%B8%8B%E8%BD%BD HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://16693.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 25 Jan 2023 03:02:06 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=8F0450AC9B4C4EBF; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
img1.baidu.com/it/u=170427542,2244280239&fm=253&app=120&f=JPEG?w=1280&h=800
110.185.186.35 200 OK 74 kB URL HTTP/1.1 img1.baidu.com/it/u=170427542,2244280239&fm=253&app=120&f=JPEG?w=1280&h=800
IP 110.185.186.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Hash 69af2d29ce689edc06d3fd9650c24cf2
a88518fca1ceedf0f28de8a137e5f70a86cc9171
0f1301877495e34923a1dd930be87fc1a52c169052f9e4e63f15d39d6f6300a0
GET /it/u=170427542,2244280239&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://16693.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 03:02:06 GMT
Content-Type: image/jpeg
Content-Length: 74151
Connection: keep-alive
Expires: Sat, 11 Feb 2023 11:09:57 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 69af2d29ce689edc06d3fd9650c24cf2
Age: 317586
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 12 Jan 2023 11:09:57 GMT
Ohc-Cache-HIT: cd2ct62 [4], qdix236 [4]
Ohc-File-Size: 74151
X-Cache-Status: HIT
img2.baidu.com/it/u=3324626083,3198221996&fm=253&app=120&f=JPEG?w=1280&h=800
58.216.66.35 200 OK 75 kB URL HTTP/1.1 img2.baidu.com/it/u=3324626083,3198221996&fm=253&app=120&f=JPEG?w=1280&h=800
IP 58.216.66.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Hash 005afecc616978809d18332cbe82b358
59e3bf35fb072e2f4f76b352e1189d51e38106c7
f5813d9e99e6f30eef70d2445a6937f68f122b0196779fa608102794168c1879
GET /it/u=3324626083,3198221996&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://16693.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 03:02:06 GMT
Content-Type: image/jpeg
Content-Length: 75055
Connection: keep-alive
Expires: Sun, 05 Feb 2023 07:16:06 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 005afecc616978809d18332cbe82b358
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 06 Jan 2023 07:16:06 GMT
Ohc-Cache-HIT: cz4ct59 [1], qdix59 [2]
Ohc-File-Size: 75055
X-Cache-Status: MISS
16693.url.tudown.com/favicon.ico
154.218.151.71 200 OK 0 B URL HTTP/1.1 16693.url.tudown.com/favicon.ico
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674615725; Hm_lpvt_dd9836db2e433f487a0aa434b7b3deb7=1674615725
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 03:02:07 GMT
Content-Type: image/x-icon
Content-Length: 0
Last-Modified: Tue, 30 Jul 2019 15:51:36 GMT
Connection: keep-alive
ETag: "5d406788-0"
Accept-Ranges: bytes