r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5fe582397f3003b225cb9058e02c2190
68174a54a8f6c4de9247ccea2dcae3c9b76bdb9f
238a2ef5b61d56353d0a5e97ec3092b8f2792cde7cecf40e1a858f8c129d3a9d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "238A2EF5B61D56353D0A5E97EC3092B8F2792CDE7CECF40E1A858F8C129D3A9D"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3358
Expires: Wed, 25 Jan 2023 11:47:09 GMT
Date: Wed, 25 Jan 2023 10:51:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 04512fea22644dc0d22c3f3a665f6645
0e213646abfc6d9560ba562362fd9e9115be8354
124d9534f75506b8e8c7535ee7295ac4e6cf5a8249a0edac6940839e56043181
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "124D9534F75506B8E8C7535EE7295AC4E6CF5A8249A0EDAC6940839E56043181"
Last-Modified: Mon, 23 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15922
Expires: Wed, 25 Jan 2023 15:16:33 GMT
Date: Wed, 25 Jan 2023 10:51:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6cd4f1da1215c7473500807c185f2449
b14db0c67cf1f5faf85648ed8f94baf2dd03808b
9750518efd869da5ff74ba65a196445bd4340c909157cc1a420f62c1d07224a0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9750518EFD869DA5FF74BA65A196445BD4340C909157CC1A420F62C1D07224A0"
Last-Modified: Mon, 23 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5924
Expires: Wed, 25 Jan 2023 12:29:55 GMT
Date: Wed, 25 Jan 2023 10:51:11 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 25 Jan 2023 10:42:49 GMT
content-type: application/json
age: 502
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: d5H5dwFFem600XEi6Kh0IWBkzxwBdbzjQOym7A0dMJVfMWVFDzjk5QzjTPvBSbBiMDvpnMPmNxjEQiCPEw2P0w==
x-amz-request-id: ZFHVEZ5XX90J20S3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 25 Jan 2023 10:48:32 GMT
age: 159
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 10:51:11 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 25 Jan 2023 10:41:40 GMT
age: 572
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
154.218.151.71 200 OK 7.9 kB URL HTTP/1.1 16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (476), with CRLF, LF line terminators
Hash f59d210bcba2cb3d58da650fbad2ad9d
7686fc0255ff2521cd88a073471cbf36b8b20436
5b9d3827be28afc4ffb07ec215c0fba6295cdc93b54d71e4e59d798b0afc95c5
Analyzer Verdict Alert fortinet Malware
GET /xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:51:11 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c398b6b39d11d25b8ae9bc5cd94a1c98
640aa8c399ced71d0c2a9f5a90fbaf091b01d642
a6f07f7c6a4746acc25457c726701df33120628dfb578bc4982448d8efee5855
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A6F07F7C6A4746ACC25457C726701DF33120628DFB578BC4982448D8EFEE5855"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9561
Expires: Wed, 25 Jan 2023 13:30:33 GMT
Date: Wed, 25 Jan 2023 10:51:12 GMT
Connection: keep-alive
push.services.mozilla.com/
52.39.62.124 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.62.124:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1ItT1Xk5HKAP1zIfLkmlDg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: splOUsF1DV/oaPdeGsnp8RMBGgg=
16693.url.tudown.com/template/company/1014xiazai/css/base.css
154.218.151.71 200 OK 3.2 kB URL HTTP/1.1 16693.url.tudown.com/template/company/1014xiazai/css/base.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash b752c4d83249982bcbcd13a723247bc0
1ccb18e4440bb1209190670ad392ceb8418d6b01
cbdadd44ddee5bd601b32c82c1946469bb2fe3bb6f99167a0a59ed2d2ebb4d0d
GET /template/company/1014xiazai/css/base.css HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:51:12 GMT
Content-Type: text/css
Last-Modified: Wed, 14 Oct 2020 04:36:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5f86806a-29c1"
Expires: Wed, 25 Jan 2023 22:51:12 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
16693.url.tudown.com/js/orsxg5a.script
154.218.151.71 200 OK 531 B URL HTTP/1.1 16693.url.tudown.com/js/orsxg5a.script
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document, ASCII text, with CRLF line terminators
Hash 39fd4f4c17d424445d9f437c99c9d40a
84a56ab95c669d43c757a5f9a312d5f3a37f73fa
45f58e7b2e72c9f2734889b73ef5c3f2d3e1fb9ac69995afe1561ec4a7943d15
GET /js/orsxg5a.script HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:51:12 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
16693.url.tudown.com/template/company/1014xiazai/css/style3500.css
154.218.151.71 200 OK 12 kB URL HTTP/1.1 16693.url.tudown.com/template/company/1014xiazai/css/style3500.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with very long lines (1113)
Hash caee2cfa3291c35837be265cfc3e168c
2abdd423b8b6351b26d52da1faa5517fc76c1730
0f7482f2f6732e4b7f55fdd2eb6e41acb5864a53f19c404728652eabe9923dea
GET /template/company/1014xiazai/css/style3500.css HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:51:12 GMT
Content-Type: text/css
Last-Modified: Wed, 14 Oct 2020 04:36:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5f86806a-c99c"
Expires: Wed, 25 Jan 2023 22:51:12 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
16693.url.tudown.com/template/company/1014xiazai/js/plugins.count.js
154.218.151.71 200 OK 683 B URL HTTP/1.1 16693.url.tudown.com/template/company/1014xiazai/js/plugins.count.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (525), with CRLF line terminators
Hash 9279ffdda939f259cbd5bd201b72ab71
12395c3521b33935aee973d761bf424add3a1e36
76fb346f9b8c62f7da6a752511aa20e147069607a28eb98fb843b650a2c6c203
GET /template/company/1014xiazai/js/plugins.count.js HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:51:12 GMT
Content-Type: application/javascript
Last-Modified: Wed, 14 Oct 2020 04:37:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5f868082-609"
Expires: Wed, 25 Jan 2023 22:51:12 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
16693.url.tudown.com/template/company/1014xiazai/js/jquery.uploadify.min.js
154.218.151.71 200 OK 548 B URL HTTP/1.1 16693.url.tudown.com/template/company/1014xiazai/js/jquery.uploadify.min.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 370e16c3b7dba286cff055f93b9a94d8
65f3537c3c798f7da146c55aef536f7b5d0cb943
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
GET /template/company/1014xiazai/js/jquery.uploadify.min.js HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:51:12 GMT
Content-Type: application/javascript
Content-Length: 548
Last-Modified: Wed, 14 Oct 2020 04:37:19 GMT
Connection: keep-alive
ETag: "5f86807f-224"
Expires: Wed, 25 Jan 2023 22:51:12 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
16693.url.tudown.com/template/company/1014xiazai/js/screenshots.js
154.218.151.71 200 OK 1.7 kB URL HTTP/1.1 16693.url.tudown.com/template/company/1014xiazai/js/screenshots.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (3463), with CRLF line terminators
Hash 5f2d7d98f138edb321f4806bfcd16ca8
fac55732cfd8b6536b6ca8c257f3e1d11cfdf199
c9435192fb089165cfec52d7ab8f807a2b8a0fa533014bb9da0f659719e70d08
GET /template/company/1014xiazai/js/screenshots.js HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:51:12 GMT
Content-Type: application/javascript
Last-Modified: Wed, 14 Oct 2020 04:37:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5f868072-1219"
Expires: Wed, 25 Jan 2023 22:51:12 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
16693.url.tudown.com/template/company/1014xiazai/js/loading.js
154.218.151.71 200 OK 1.5 kB URL HTTP/1.1 16693.url.tudown.com/template/company/1014xiazai/js/loading.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document, Unicode text, UTF-8 text, with very long lines (613), with CRLF line terminators
Hash 2422ef78f8b0e865bc47afdacbc60161
f3cb0bf96ba8a395b5587fd8d74243e7572894b7
8ebd398c983e3d9b329d44bcdd9be269243b9838e0fcdbfcd3a814bc1255b39b
GET /template/company/1014xiazai/js/loading.js HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:51:13 GMT
Content-Type: application/javascript
Last-Modified: Wed, 14 Oct 2020 04:37:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5f86807e-1d0e"
Expires: Wed, 25 Jan 2023 22:51:13 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
16693.url.tudown.com/template/company/1014xiazai/js/member.js
154.218.151.71 200 OK 12 kB URL HTTP/1.1 16693.url.tudown.com/template/company/1014xiazai/js/member.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document, Unicode text, UTF-8 text, with very long lines (364), with CRLF line terminators
Hash a95b815530baa4c6efdad8929348d846
fb59238a8fa4c6e4b25dbd8956a7a4b4f8bdbff3
e0ac53257204eb74bc8c9c87b8fcbd55037c972324f10b1904d0610db932b555
GET /template/company/1014xiazai/js/member.js HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:51:13 GMT
Content-Type: application/javascript
Last-Modified: Wed, 14 Oct 2020 04:37:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5f868082-ceda"
Expires: Wed, 25 Jan 2023 22:51:13 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
16693.url.tudown.com/template/company/1014xiazai/js/global.js
154.218.151.71 200 OK 2.8 kB URL HTTP/1.1 16693.url.tudown.com/template/company/1014xiazai/js/global.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with very long lines (345), with CRLF line terminators
Hash 26b58b731bc22007a9514da5788e5639
ff7a2a214e6a44becf3dd6bc1f70cbf3272d0695
7fc9b78cfc935e6eed582efc9002a03bdabeccfa6be21925c960248083b86113
GET /template/company/1014xiazai/js/global.js HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:51:13 GMT
Content-Type: application/javascript
Last-Modified: Wed, 14 Oct 2020 04:37:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5f86806e-1879"
Expires: Wed, 25 Jan 2023 22:51:13 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
16693.url.tudown.com/template/company/1014xiazai/js/jquery-1.8.2.min.js
154.218.151.71 200 OK 38 kB URL HTTP/1.1 16693.url.tudown.com/template/company/1014xiazai/js/jquery-1.8.2.min.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with very long lines (65480)
Hash e96252242dc7d419f1f3d2ca4a1dec5d
b16a288a9bdc1b1050c1bee256dde6de54166b83
f62af873d226a9a37ba6bc7385d50888f03a99785135547f03b4aeec63a81fa1
GET /template/company/1014xiazai/js/jquery-1.8.2.min.js HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:51:12 GMT
Content-Type: application/javascript
Last-Modified: Wed, 14 Oct 2020 04:37:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5f868082-16e8c"
Expires: Wed, 25 Jan 2023 22:51:12 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0c6a0dcd28b9e50bc813b8d067f6a74b
65b7850c6a51528bdde393c6789e30664773fbdd
8aa1ffed18b6d8689a9fdc4fd5e0c6abdd21d27eec4e24b37463bb64a790fd99
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8AA1FFED18B6D8689A9FDC4FD5E0C6ABDD21D27EEC4E24B37463BB64A790FD99"
Last-Modified: Tue, 24 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21534
Expires: Wed, 25 Jan 2023 16:50:07 GMT
Date: Wed, 25 Jan 2023 10:51:13 GMT
Connection: keep-alive
16693.url.tudown.com/uploads/images/199477.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/199477.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/199477.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:51:13 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1515663354,3513911221&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=706
16693.url.tudown.com/uploads/images/284129.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/284129.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/284129.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:51:13 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3489858004,588994262&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
16693.url.tudown.com/uploads/images/811815.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/811815.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/811815.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:51:13 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3576490263,2354244943&fm=253&fmt=auto&app=138&f=JPEG?w=360&h=360
16693.url.tudown.com/uploads/images/234046.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/234046.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/234046.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:51:13 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=607328087,988353537&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
16693.url.tudown.com/uploads/images/logo.png?n=4wi3zzf4u3uljhpfwckoloec422jpzvwuttzjkhfsoa6llvc42oi3zfyvxs37ay&w=250
154.218.151.71 200 OK 3.3 kB URL HTTP/1.1 16693.url.tudown.com/uploads/images/logo.png?n=4wi3zzf4u3uljhpfwckoloec422jpzvwuttzjkhfsoa6llvc42oi3zfyvxs37ay&w=250
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 250 x 66, 8-bit colormap, non-interlaced\012- data
Hash 2e23879cea87bf50ba0c984232e7535a
a8bbcc867b30cdd2c97fb79cfa11b0c0a70c4f61
323a3172d08b78c88c828f0152309136263ce2c12321230e9a7e7f96b0e3e71a
GET /uploads/images/logo.png?n=4wi3zzf4u3uljhpfwckoloec422jpzvwuttzjkhfsoa6llvc42oi3zfyvxs37ay&w=250 HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:51:13 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
16693.url.tudown.com/uploads/images/678470.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/678470.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/678470.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:51:13 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=4033385070,3090724868&fm=253&app=120&f=JPEG?w=800&h=800
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17012
Expires: Wed, 25 Jan 2023 15:34:45 GMT
Date: Wed, 25 Jan 2023 10:51:13 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5974ff5e-ff49-4276-8943-5768c589b551.png
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5974ff5e-ff49-4276-8943-5768c589b551.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash 8b458c619b07de23b3620f392b0f56f6
e45a3cfee589406e1ea0f1ebd6e8d321487474e1
9927c7a8e606180964b6e052e1eb2bacb007d05a46c1f04e28c48a74096d3c03
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5974ff5e-ff49-4276-8943-5768c589b551.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8736
x-amzn-requestid: 65bdef1c-0389-4d16-b5fd-931d4753d75d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fBYVuF_4oAMF0Sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ca0757-1569aec44c54b7c87663feae;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 03:15:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3fzmJ8iZrVvBDurLOdAJXB6uuvk6KHvIBuKzMKAMSjKUzWICg1cCjQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 05:47:09 GMT
age: 18244
etag: "e45a3cfee589406e1ea0f1ebd6e8d321487474e1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7da858f1-3099-4d35-9bf6-fae2a155404c.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7da858f1-3099-4d35-9bf6-fae2a155404c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash 05ff19472d4870833d7c6b495099a86c
6ad7424d14301c62a93ea71843238d2ff0699a02
1f2c62b3be1147d1ed12d1e28caa86c97684d5c5da87ebe3a709ce01cd878abb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7da858f1-3099-4d35-9bf6-fae2a155404c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8676
x-amzn-requestid: eaa1dff1-44ea-47ff-b211-1dd709d9b259
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLP5IGAHIAMFm9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cdf9d3-3ccb4f9322744f546fff8a9a;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 03:06:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3ImH7pi4LZOZo6IqNquoa5C97jI9U0LdwbEKSDU1Cf4R9pITWYhyAw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 04:04:43 GMT
age: 24390
etag: "6ad7424d14301c62a93ea71843238d2ff0699a02"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d0e7609-9fe9-4d8e-8e5d-d900bbac3bcf.webp
34.120.237.76 200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d0e7609-9fe9-4d8e-8e5d-d900bbac3bcf.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash 946d8485d39fbe598dc6af86e735061d
4934319819697b4c89466949cd4ef93bb8b9c8b2
7bd130762bfaa189b24e3620e4a54b8e0cc7046ea2d917c37d11a8f248803840
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d0e7609-9fe9-4d8e-8e5d-d900bbac3bcf.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9343
x-amzn-requestid: 5786e270-1aae-45e2-b406-ad9ce4e90c20
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHH8hEcBIAMFyjA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5383-3b3fb6220035b4e34db73fee;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:05:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ffDYSL3N0ZZ2vGX3d94Evnu0SeEkLWwv4HRHdyUYXQ19MstDR4jROA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 09:04:06 GMT
age: 6427
etag: "4934319819697b4c89466949cd4ef93bb8b9c8b2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59be5df3-0d3c-4611-9b91-9ce5041a7a57.jpeg
34.120.237.76 200 OK 3.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59be5df3-0d3c-4611-9b91-9ce5041a7a57.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash dbbcba4403c1ea4e45ff47894d66e984
8555e8d6a38b78829a7dd2f10eb99bdbb254d89a
c9acd732889f9a58b085ceee3ceb8040fedb1e85ddb9f5b933960472c2f8d147
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59be5df3-0d3c-4611-9b91-9ce5041a7a57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3109
x-amzn-requestid: 89df621b-47d8-4127-8e4f-8e57f3244419
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fKV9hFNKIAMFtlg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cd9d23-0b4c0b5d2bf8c22b2ada0e9c;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 20:31:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: B62xY4rlFNdJGd5ethwkCIwQTsegDVJy6s7OptIr1g_E8GvwttW2sQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 10:03:05 GMT
age: 2888
etag: "8555e8d6a38b78829a7dd2f10eb99bdbb254d89a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash 7458f7a9b2070055df6f1d496794e43e
0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9
373097662c419eef9f4a19ce9f3bcead70f6eafbf0acf44806685eece43ce251
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12758
x-amzn-requestid: c3540562-8c62-4957-9528-7ae952daebaa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9gf1E87oAMFpsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c87acb-49fd3f78275937e24d23fca3;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 23:03:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: c5YOTqrEv9RLv_lKsrC377yost8auxYRPLubBFGjIWtnbueiGMJYGw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 07:33:54 GMT
age: 11839
etag: "0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg
34.120.237.76 200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash 91b2e12a39dc4f63b9d52e8800cce1f2
42d5b4b4a091778d98c351f0002d8656449d0243
d4dbc79e3383e83f861ccf8cde3e78ba427a66cd3fa99c17e23ec935867de4ad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8308
x-amzn-requestid: 1988d3b3-5e1a-41fd-83f5-092eddb9185f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNys5GDKoAMFdbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefe52-2349fde60b7db8a34c996717;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:38:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 5_1j_Z6HZ3DSGFPAACJduM5D9eAqMQT42GgI61x8dHAmPQtUexpEYQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 22:06:36 GMT
age: 45877
etag: "42d5b4b4a091778d98c351f0002d8656449d0243"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
16693.url.tudown.com/template/company/1014xiazai/images/icos.png
154.218.151.71 200 OK 15 kB URL HTTP/1.1 16693.url.tudown.com/template/company/1014xiazai/images/icos.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 166 x 300, 8-bit/color RGBA, non-interlaced
Hash a4e686563c8daf2f139cc5c6629d2730
ad2a8926a53aa4f3e6de38b4e63a017182f8b514
38b01bc71af931846808835315e85841cd7bd42c640b0656b276cc5aeff018c4
GET /template/company/1014xiazai/images/icos.png HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/template/company/1014xiazai/css/base.css
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:51:13 GMT
Content-Type: image/png
Content-Length: 15004
Last-Modified: Wed, 14 Oct 2020 05:48:52 GMT
Connection: keep-alive
ETag: "5f869144-3a9c"
Accept-Ranges: bytes
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 87377a4714ff6d2aef3c4572d2f2a02a
6ed0aa6fd03c0a598f154180b74935f95085c0f9
8a2021df681aac6732de7cf0a2e247a83445eab9a831efa5eb3e340eddeb2a38
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 10:51:13 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 29 Jan 2023 08:30:36 GMT
ETag: "6ed0aa6fd03c0a598f154180b74935f95085c0f9"
Last-Modified: Wed, 25 Jan 2023 08:30:37 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 75
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78f073d3ae42b523-OSL
16693.url.tudown.com/uploads/images/89903.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/89903.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/89903.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:51:13 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=866879960,2738345718&fm=253&fmt=auto&app=138&f=JPEG?w=280&h=180
16693.url.tudown.com/uploads/images/858568.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/858568.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/858568.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:51:13 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3843192246,3518770030&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
16693.url.tudown.com/uploads/images/763492.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/763492.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/763492.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:51:13 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1249218434,3820470187&fm=253&fmt=auto&app=138&f=JPEG?w=220&h=220
16693.url.tudown.com/uploads/images/213401.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/213401.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/213401.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:51:13 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3679914108,2734153451&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=1078
16693.url.tudown.com/uploads/images/226445.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/226445.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/226445.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:51:13 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1043417095,771915572&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=300
16693.url.tudown.com/uploads/images/72865.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/72865.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/72865.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:51:14 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=1777944571,2985575495&fm=224&app=112&f=JPEG?w=500&h=500
16693.url.tudown.com/uploads/images/767951.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/767951.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/767951.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:51:14 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=458567645,3602348150&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=500
16693.url.tudown.com/uploads/images/598926.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/598926.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/598926.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:51:14 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1093338166,4042514506&fm=253&fmt=auto&app=138&f=JPEG?w=310&h=310
16693.url.tudown.com/uploads/images/694532.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/694532.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/694532.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:51:14 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=595396733,2458101750&fm=253&fmt=auto&app=138&f=JPEG?w=502&h=500
16693.url.tudown.com/uploads/images/521996.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/521996.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/521996.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:51:14 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2648304919,2782804796&fm=253&fmt=auto&app=120&f=JPEG?w=300&h=600
16693.url.tudown.com/uploads/images/143934.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/143934.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/143934.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:51:14 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3292858192,280417652&fm=253&fmt=auto&app=138&f=GIF?w=583&h=500
t14.baidu.com/it/u=1777944571,2985575495&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 36 kB URL HTTP/1.1 t14.baidu.com/it/u=1777944571,2985575495&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3
Hash c7047b7063d34564474c70fa510e962e
1123739cc679675a5ad77f9acfbaf72c1dbf991b
a77cfe489a1fc33c3c970c206d1e3718ba2ae94f514fcd13ac92d3709e5a6ee7
GET /it/u=1777944571,2985575495&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://16693.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:51:14 GMT
Content-Type: image/jpeg
Content-Length: 35824
Connection: keep-alive
Expires: Fri, 03 Feb 2023 07:11:37 GMT
Last-Modified: Fri, 16 Jan 1970 00:00:00 GMT
ETag: c7047b7063d34564474c70fa510e962e
Age: 1172681
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 04 Jan 2023 07:11:36 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [4], zhuzuncache57 [1], suzix210 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 35824
X-Cache-Status: HIT
Timing-Allow-Origin: *
img1.baidu.com/it/u=3576490263,2354244943&fm=253&fmt=auto&app=138&f=JPEG?w=360&h=360
118.180.40.35 200 OK 13 kB URL HTTP/2 img1.baidu.com/it/u=3576490263,2354244943&fm=253&fmt=auto&app=138&f=JPEG?w=360&h=360
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 360x360, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 92b833212adb8cc053f0aac84f92b4aa
ad676d7c28d3f89454a9f2642d05772a01d23f6e
6ecd7632432ac14964e41283710585bb1153172e7aa07ccf42c1a9477e4fdae9
GET /it/u=3576490263,2354244943&fm=253&fmt=auto&app=138&f=JPEG?w=360&h=360 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16693.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:51:14 GMT
content-type: image/webp
content-length: 12720
expires: Thu, 26 Jan 2023 16:49:57 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 92b833212adb8cc053f0aac84f92b4aa
age: 348886
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 27 Dec 2022 16:49:57 GMT
ohc-cache-hit: lz5ct79 [4], czix248 [4]
ohc-file-size: 12720
x-cache-status: HIT
X-Firefox-Spdy: h2
img0.baidu.com/it/u=4033385070,3090724868&fm=253&app=120&f=JPEG?w=800&h=800
118.112.225.35 200 OK 83 kB URL HTTP/1.1 img0.baidu.com/it/u=4033385070,3090724868&fm=253&app=120&f=JPEG?w=800&h=800
IP 118.112.225.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, height=0, orientation=[*0*], width=0], baseline, precision 8, 800x800, components 3\012- data
Hash 5412770575f8eddc62a23a2fb687d4d0
4c2f239ba351e87a96e57c00da4b29e101944ad0
22c4b896db45a5857879c9443c8019096f24ce29b0690e711a765291c3498b27
GET /it/u=4033385070,3090724868&fm=253&app=120&f=JPEG?w=800&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://16693.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:51:14 GMT
Content-Type: image/jpeg
Content-Length: 82919
Connection: keep-alive
Expires: Sat, 11 Feb 2023 16:29:02 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: 5412770575f8eddc62a23a2fb687d4d0
Age: 196515
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 12 Jan 2023 16:29:02 GMT
Ohc-Cache-HIT: cd6ct55 [4], wzix94 [2]
Ohc-File-Size: 82919
X-Cache-Status: HIT
img1.baidu.com/it/u=1043417095,771915572&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=300
118.180.40.35 200 OK 16 kB URL HTTP/2 img1.baidu.com/it/u=1043417095,771915572&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=300
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 260bde16380cb04e8b99a693c137c1fa
95ef480315b8c9023bddfb53e2776e3bb7db2ac5
b99b5cbcaccbb52d0e63eadd7c69596add9c29357c2d0f5c8b3afdd73a6d2892
GET /it/u=1043417095,771915572&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=300 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16693.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:51:14 GMT
content-type: image/webp
content-length: 16256
expires: Fri, 24 Feb 2023 02:34:46 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 260bde16380cb04e8b99a693c137c1fa
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 25 Jan 2023 02:34:46 GMT
ohc-cache-hit: lz5ct68 [1], bdix92 [4]
ohc-file-size: 16256
x-cache-status: MISS
X-Firefox-Spdy: h2
16693.url.tudown.com/uploads/images/466102.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/466102.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/466102.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:51:14 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1245685064,2644990480&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
16693.url.tudown.com/uploads/images/150233.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/150233.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/150233.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:51:14 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=57841799,4260223041&fm=253&fmt=auto?w=500&h=805
16693.url.tudown.com/uploads/images/117539.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/117539.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/117539.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:51:14 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=2858881226,3364858545&fm=224&app=112&f=JPEG?w=470&h=500
16693.url.tudown.com/uploads/images/72970.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/72970.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/72970.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:51:14 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=2711064852,2523079085&fm=253&app=120&f=JPEG?w=1280&h=800
16693.url.tudown.com/uploads/images/228259.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/228259.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/228259.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:51:14 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3205047672,2089214067&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
16693.url.tudown.com/uploads/images/603962.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/603962.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/603962.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:51:14 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=463757055,436601431&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
img1.baidu.com/it/u=3489858004,588994262&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
118.180.40.35 200 OK 38 kB URL HTTP/2 img1.baidu.com/it/u=3489858004,588994262&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x889, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 66ada9292d240b59d68b307647bd49fa
9fa61a1d9bfaf0dbd4b878a24ef0fa2e0c2c9367
d591e5bfca293eb899821a18de26e06a1c00365055e95dc3c30362ce7d60c36a
GET /it/u=3489858004,588994262&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16693.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:51:14 GMT
content-type: image/webp
content-length: 38406
expires: Thu, 23 Feb 2023 10:22:27 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 66ada9292d240b59d68b307647bd49fa
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 24 Jan 2023 10:22:27 GMT
ohc-cache-hit: lz5ct76 [2], xiangyix86 [2]
ohc-file-size: 38406
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=595396733,2458101750&fm=253&fmt=auto&app=138&f=JPEG?w=502&h=500
118.180.40.35 200 OK 19 kB URL HTTP/2 img1.baidu.com/it/u=595396733,2458101750&fm=253&fmt=auto&app=138&f=JPEG?w=502&h=500
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 502x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 967a8aec4840ab47a16c9ce5003f069f
cc207b25fbde9b61ca7e9405f29a5e19a1f6bdbb
80a9770bc2b3c25aa263b19ae0bac8be7d8b405866b2e8da8041aba5016df597
GET /it/u=595396733,2458101750&fm=253&fmt=auto&app=138&f=JPEG?w=502&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16693.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:51:14 GMT
content-type: image/webp
content-length: 19206
expires: Thu, 26 Jan 2023 20:18:27 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 967a8aec4840ab47a16c9ce5003f069f
age: 398284
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 27 Dec 2022 20:18:27 GMT
ohc-cache-hit: lz5ct66 [4], czix111 [4]
ohc-file-size: 19206
x-cache-status: HIT
X-Firefox-Spdy: h2
t13.baidu.com/it/u=2858881226,3364858545&fm=224&app=112&f=JPEG?w=470&h=500
185.10.104.124 200 OK 44 kB URL HTTP/1.1 t13.baidu.com/it/u=2858881226,3364858545&fm=224&app=112&f=JPEG?w=470&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 470x500, components 3\012- data
Hash 8bfbc4d44ce96c4ad070aee8fe8245c6
88cf5224569a6ff941028330a14591b4b7c11017
0b67de3b3d45a3ed15ce9bf4c29f8a465d93cf956fef8bb3f1304b6c2b5a7ce0
GET /it/u=2858881226,3364858545&fm=224&app=112&f=JPEG?w=470&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://16693.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:51:14 GMT
Content-Type: image/jpeg
Content-Length: 43841
Connection: keep-alive
Expires: Mon, 20 Feb 2023 08:56:09 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 8bfbc4d44ce96c4ad070aee8fe8245c6
Age: 178742
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 21 Jan 2023 08:56:09 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [4], zhuzuncache55 [1], bdix85 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 43841
X-Cache-Status: HIT
Timing-Allow-Origin: *
img0.baidu.com/it/u=1515663354,3513911221&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=706
118.112.225.35 200 OK 34 kB URL HTTP/2 img0.baidu.com/it/u=1515663354,3513911221&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=706
IP 118.112.225.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x706, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d1aa55e2260a9caf3334ed034802f0ad
b4b519dac76c316ad633f47e362a9ea4842d3076
5022e19dff551409c07ebb823baa6f32362683943988c7d005f50ee734b58593
GET /it/u=1515663354,3513911221&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=706 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16693.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:51:14 GMT
content-type: image/webp
content-length: 34542
expires: Mon, 20 Feb 2023 07:29:47 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: d1aa55e2260a9caf3334ed034802f0ad
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 07:29:47 GMT
ohc-cache-hit: cd6ct51 [1], xaix232 [4]
ohc-file-size: 34542
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=458567645,3602348150&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=500
118.180.40.35 200 OK 22 kB URL HTTP/2 img1.baidu.com/it/u=458567645,3602348150&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=500
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0faef3a4010363f5e8e991c971979e56
f1a84b914ed68ba7a610bff5b3f672f67b625365
9c4c8587afd9834cd16f22c9441c2afd275c4f92ff8db0666ed928ce103e0d32
GET /it/u=458567645,3602348150&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16693.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:51:14 GMT
content-type: image/webp
content-length: 22486
expires: Fri, 03 Feb 2023 13:21:35 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 0faef3a4010363f5e8e991c971979e56
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 04 Jan 2023 13:21:35 GMT
ohc-cache-hit: lz5ct64 [1], wzix64 [4]
ohc-file-size: 22486
x-cache-status: MISS
X-Firefox-Spdy: h2
16693.url.tudown.com/uploads/images/909973.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/909973.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/909973.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:51:14 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=162696442,3853437345&fm=253&fmt=auto?w=120&h=80
16693.url.tudown.com/uploads/images/940253.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/940253.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/940253.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:51:14 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2938852569,3694825020&fm=253&fmt=auto&app=138&f=JPEG?w=499&h=259
16693.url.tudown.com/uploads/images/601670.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/601670.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/601670.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:51:14 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=3109460795,2218838070&fm=224&app=112&f=JPEG?w=382&h=500
16693.url.tudown.com/uploads/images/826107.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/826107.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/826107.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:51:14 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3290530127,480329609&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (633)
Hash 96fff9cd1e79204d18ec9343a8a27ee7
cea69e37f9de2c33691e620cc71723c7faa4db94
f232bbe2437afd69a192df13e3ddf0f9013210a4e11e36193cf28ce33536d06a
GET /hm.js?dd9836db2e433f487a0aa434b7b3deb7 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://16693.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11271
Content-Type: application/javascript
Date: Wed, 25 Jan 2023 10:51:14 GMT
Etag: 04ed6db5443dc37efbbea91cf63c0faf
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=5A524B88BBFE2045; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
t15.baidu.com/it/u=3109460795,2218838070&fm=224&app=112&f=JPEG?w=382&h=500
185.10.104.124 200 OK 28 kB URL HTTP/1.1 t15.baidu.com/it/u=3109460795,2218838070&fm=224&app=112&f=JPEG?w=382&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 382x500, components 3\012- data
Hash 449b5758b1bc05bf6d723db2585d60e1
183ad3b873a30e6788a2049ea29afc3179f2976a
7d142bc488a3fe6a929cbe7e1b191d6505831aab832da3c8802c61e08c4de2c8
GET /it/u=3109460795,2218838070&fm=224&app=112&f=JPEG?w=382&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://16693.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:51:14 GMT
Content-Type: image/jpeg
Content-Length: 28421
Connection: keep-alive
Expires: Sat, 18 Feb 2023 00:56:19 GMT
Last-Modified: Sun, 11 Jan 1970 00:00:00 GMT
ETag: 449b5758b1bc05bf6d723db2585d60e1
Age: 477557
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 19 Jan 2023 00:56:18 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [4], zhuzuncache53 [4], wzix114 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 28421
X-Cache-Status: HIT
Timing-Allow-Origin: *
img0.baidu.com/it/u=3843192246,3518770030&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
118.112.225.35 200 OK 28 kB URL HTTP/2 img0.baidu.com/it/u=3843192246,3518770030&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 118.112.225.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2bbd7d9e4bfd6560844a5b694fd8a492
7f1b56e3f89689324796f1c4b19c1c3814eb0481
ff0feb98b004b8f676b6c8b7049378cc45d19ccfd2890f24ffe57eadd5d83f35
GET /it/u=3843192246,3518770030&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16693.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:51:14 GMT
content-type: image/webp
content-length: 28044
expires: Fri, 27 Jan 2023 04:07:00 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 2bbd7d9e4bfd6560844a5b694fd8a492
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 28 Dec 2022 04:07:00 GMT
ohc-cache-hit: cd6ct52 [1], xiangyix86 [2]
ohc-file-size: 28044
x-cache-status: MISS
X-Firefox-Spdy: h2
16693.url.tudown.com/uploads/images/433782.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/433782.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/433782.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 25 Jan 2023 10:51:14 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=3223960187,763883613&fm=224&app=112&f=JPEG?w=500&h=500
t14.baidu.com/it/u=3223960187,763883613&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 57 kB URL HTTP/1.1 t14.baidu.com/it/u=3223960187,763883613&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash cdc24465d02cef5dbf5ff3f9eef95822
f688d3e1c68427475d43888b4821ba4fef52f4ef
c4ee317b1038f857654f2dcb1be0f0d7db69fbf10751dd157e32314b6dd26caa
GET /it/u=3223960187,763883613&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://16693.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:51:15 GMT
Content-Type: image/jpeg
Content-Length: 56665
Connection: keep-alive
Expires: Sun, 05 Feb 2023 11:31:22 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: cdc24465d02cef5dbf5ff3f9eef95822
Age: 1402327
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 06 Jan 2023 11:31:21 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [2], zhuzuncache57 [1], xaix200 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 56665
X-Cache-Status: HIT
Timing-Allow-Origin: *
img0.baidu.com/it/u=607328087,988353537&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
118.112.225.35 200 OK 23 kB URL HTTP/2 img0.baidu.com/it/u=607328087,988353537&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 118.112.225.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4dff305a1ea2b4a54fca4888697522a1
64cc446907100c3acb21a0122dcc214745bb040f
201df28a0c58e72162b1573dbf99036082f27694a97aa6030ef095ef1f886977
GET /it/u=607328087,988353537&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16693.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:51:14 GMT
content-type: image/webp
content-length: 22934
expires: Sun, 12 Feb 2023 14:08:14 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 4dff305a1ea2b4a54fca4888697522a1
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 13 Jan 2023 14:08:14 GMT
ohc-cache-hit: cd6ct60 [1], bdix108 [4]
ohc-file-size: 22934
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=3292858192,280417652&fm=253&fmt=auto&app=138&f=GIF?w=583&h=500
118.180.40.35 200 OK 152 kB URL HTTP/2 img1.baidu.com/it/u=3292858192,280417652&fm=253&fmt=auto&app=138&f=GIF?w=583&h=500
IP 118.180.40.35:0
File type GIF image data, version 89a, 583 x 500\012- data
Size 152 kB (152404 bytes)
Hash 98926807d4bd24543dbba06e46ecf4e8
c39797b145ac76e2db19633c485067bba5de521f
a07c6f7045010a2edb8e9c96179318f3d5c4e97705b564e01dc96b26878c76b0
GET /it/u=3292858192,280417652&fm=253&fmt=auto&app=138&f=GIF?w=583&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16693.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:51:14 GMT
content-type: image/gif
content-length: 152404
expires: Mon, 20 Feb 2023 08:21:15 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 98926807d4bd24543dbba06e46ecf4e8
age: 265486
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 08:21:15 GMT
ohc-cache-hit: lz5ct51 [4], czix51 [4]
ohc-file-size: 152404
x-cache-status: HIT
X-Firefox-Spdy: h2
img2.baidu.com/it/u=2648304919,2782804796&fm=253&fmt=auto&app=120&f=JPEG?w=300&h=600
118.180.40.35 200 OK 20 kB URL HTTP/2 img2.baidu.com/it/u=2648304919,2782804796&fm=253&fmt=auto&app=120&f=JPEG?w=300&h=600
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x600, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0b2c6982ee4dcfddc9357c821eda8645
0cc27ce824c28ba27fcd8bbe82dad03f9a9bb5ff
8413a369dd204cbb0c770512658446147d3946c3a81507cdd8057718270790cd
GET /it/u=2648304919,2782804796&fm=253&fmt=auto&app=120&f=JPEG?w=300&h=600 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16693.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:51:14 GMT
content-type: image/webp
content-length: 19588
expires: Sun, 19 Feb 2023 11:04:29 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 0b2c6982ee4dcfddc9357c821eda8645
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 20 Jan 2023 11:04:29 GMT
ohc-cache-hit: lz5ct73 [1], suzix179 [4]
ohc-file-size: 19588
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=1093338166,4042514506&fm=253&fmt=auto&app=138&f=JPEG?w=310&h=310
118.112.225.35 200 OK 10 kB URL HTTP/2 img0.baidu.com/it/u=1093338166,4042514506&fm=253&fmt=auto&app=138&f=JPEG?w=310&h=310
IP 118.112.225.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 310x310, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f95047d42b47c4631c66056744c2c9d5
56f2e3b921e119c7477d5eaeb27992ecd67a5860
fd8ee2f7afe3ea81106d40a687e4a0a9ad23a772e474d0fea7aa365127e4c18a
GET /it/u=1093338166,4042514506&fm=253&fmt=auto&app=138&f=JPEG?w=310&h=310 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16693.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:51:14 GMT
content-type: image/webp
content-length: 10236
expires: Fri, 17 Feb 2023 17:02:11 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: f95047d42b47c4631c66056744c2c9d5
age: 324
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 18 Jan 2023 17:02:11 GMT
ohc-cache-hit: cd6ct55 [4], czix146 [4]
ohc-file-size: 10236
x-cache-status: HIT
X-Firefox-Spdy: h2
img0.baidu.com/it/u=866879960,2738345718&fm=253&fmt=auto&app=138&f=JPEG?w=280&h=180
118.112.225.35 200 OK 3.4 kB URL HTTP/2 img0.baidu.com/it/u=866879960,2738345718&fm=253&fmt=auto&app=138&f=JPEG?w=280&h=180
IP 118.112.225.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 280x180, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 27bace2082433ba9842a87fdc8f9c5cb
bb30e7e64396b7d9eff7e712a426cfda77bcfddd
c7f7fe71d117f3223c49f69a4e727ade8c2a3f0c6a61d7e1b16903594b36c338
GET /it/u=866879960,2738345718&fm=253&fmt=auto&app=138&f=JPEG?w=280&h=180 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16693.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:51:14 GMT
content-type: image/webp
content-length: 3442
expires: Wed, 08 Feb 2023 22:16:31 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 27bace2082433ba9842a87fdc8f9c5cb
age: 457192
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 09 Jan 2023 22:16:31 GMT
ohc-cache-hit: cd6ct67 [4], csix67 [4]
ohc-file-size: 3442
x-cache-status: HIT
X-Firefox-Spdy: h2
img0.baidu.com/it/u=1249218434,3820470187&fm=253&fmt=auto&app=138&f=JPEG?w=220&h=220
118.112.225.35 200 OK 4.4 kB URL HTTP/2 img0.baidu.com/it/u=1249218434,3820470187&fm=253&fmt=auto&app=138&f=JPEG?w=220&h=220
IP 118.112.225.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 220x220, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash dd9b711166b15a6d4f5a84a282d01387
962ecd3b3feae8ac57678a9e1fedecc7866a07b0
a6cb57b8a8c5332b0657410757a3f9bb67965670cb0ac44f530266fc5eb23b27
GET /it/u=1249218434,3820470187&fm=253&fmt=auto&app=138&f=JPEG?w=220&h=220 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16693.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:51:14 GMT
content-type: image/webp
content-length: 4416
expires: Sun, 05 Feb 2023 02:10:50 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: dd9b711166b15a6d4f5a84a282d01387
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 06 Jan 2023 02:10:50 GMT
ohc-cache-hit: cd6ct66 [1], wzix66 [4]
ohc-file-size: 4416
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=3679914108,2734153451&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=1078
118.180.40.35 200 OK 40 kB URL HTTP/2 img2.baidu.com/it/u=3679914108,2734153451&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=1078
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x1078, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 975182b1ac05577be7c98669c6e88398
962eb0e265bc99a124a9a648e8ffe90fed5b9075
dacb488d5d34862693b0b8ae77120c0ae0f6b5719c49aa0cc5fbf05791bae2d9
GET /it/u=3679914108,2734153451&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=1078 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16693.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:51:14 GMT
content-type: image/webp
content-length: 39498
expires: Wed, 08 Feb 2023 09:20:18 GMT
last-modified: Sun, 04 Jan 1970 00:00:00 GMT
etag: 975182b1ac05577be7c98669c6e88398
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 09 Jan 2023 09:20:18 GMT
ohc-cache-hit: lz5ct55 [1], wzix118 [4]
ohc-file-size: 39498
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=1245685064,2644990480&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
118.180.40.35 200 OK 39 kB URL HTTP/2 img1.baidu.com/it/u=1245685064,2644990480&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 889x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e46c98da103e30a5afef5c56e2d1c77a
264296b009977ef6d231b6ce7bd8fb24935b0005
db45d7754d3bae7c1bb4abc5687ebb5e874afc848981e6502f0073a3c3c779d4
GET /it/u=1245685064,2644990480&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16693.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:51:14 GMT
content-type: image/webp
content-length: 38894
expires: Fri, 24 Feb 2023 04:17:42 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: e46c98da103e30a5afef5c56e2d1c77a
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 25 Jan 2023 04:17:42 GMT
ohc-cache-hit: lz5ct54 [1], xiangyix244 [2]
ohc-file-size: 38894
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=463757055,436601431&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
118.112.225.35 200 OK 16 kB URL HTTP/2 img0.baidu.com/it/u=463757055,436601431&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 118.112.225.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 06e32e2cbccfeb9507286a2dff20a232
a7bc9ed8ae3e59eccb78c1eb85880a442fbf2d83
3231614da221c93f6eab7012d150e60f6f67cdd7ee71676fa02e0e2916bddec1
GET /it/u=463757055,436601431&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16693.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:51:14 GMT
content-type: image/webp
content-length: 15968
expires: Fri, 24 Feb 2023 00:44:38 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 06e32e2cbccfeb9507286a2dff20a232
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 25 Jan 2023 00:44:38 GMT
ohc-cache-hit: cd6ct81 [1], bdix192 [4]
ohc-file-size: 15968
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=57841799,4260223041&fm=253&fmt=auto?w=500&h=805
118.180.40.35 200 OK 27 kB URL HTTP/2 img1.baidu.com/it/u=57841799,4260223041&fm=253&fmt=auto?w=500&h=805
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x805, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 05043cf05c62c1a674a11424dcfe842b
46fc3edf8d33bf06f3d8c4bd0bd9dbd96c343c45
ec6e0580e59609bc9821acf6dd00c361b101d41c850449e74e87f42b9de4feec
GET /it/u=57841799,4260223041&fm=253&fmt=auto?w=500&h=805 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16693.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:51:14 GMT
content-type: image/webp
content-length: 26840
expires: Sat, 04 Feb 2023 08:11:42 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 05043cf05c62c1a674a11424dcfe842b
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 05 Jan 2023 08:11:42 GMT
ohc-cache-hit: lz5ct78 [1], wzix110 [4]
ohc-file-size: 26840
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=3205047672,2089214067&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
118.180.40.35 200 OK 21 kB URL HTTP/2 img1.baidu.com/it/u=3205047672,2089214067&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5510d928024a8f879fd063741ca4a951
b97916da49c49cf4680e1521417c612744e67117
099c74de3af876e0319792a454c61e666e6e39421beee25a632759c5bad62531
GET /it/u=3205047672,2089214067&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16693.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:51:14 GMT
content-type: image/webp
content-length: 20814
expires: Sun, 29 Jan 2023 02:22:28 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 5510d928024a8f879fd063741ca4a951
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 30 Dec 2022 02:22:28 GMT
ohc-cache-hit: lz5ct61 [1], bdix82 [4]
ohc-file-size: 20814
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=3290530127,480329609&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
118.180.40.35 200 OK 32 kB URL HTTP/2 img2.baidu.com/it/u=3290530127,480329609&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
IP 118.180.40.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x889, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 586efb8fc8af45bea1f92150e8304d6b
ce759ff2ad4fd1f9654a386e6abf785d2b8bd83f
00ba0b675d3d81e680bbc05f483ebd175270d48834a0621f5cbde744a30223a1
GET /it/u=3290530127,480329609&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16693.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:51:15 GMT
content-type: image/webp
content-length: 32386
expires: Sun, 05 Feb 2023 05:33:26 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 586efb8fc8af45bea1f92150e8304d6b
age: 618065
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 06 Jan 2023 05:33:26 GMT
ohc-cache-hit: lz5ct51 [4], czix145 [2]
ohc-file-size: 32386
x-cache-status: HIT
X-Firefox-Spdy: h2
img0.baidu.com/it/u=2938852569,3694825020&fm=253&fmt=auto&app=138&f=JPEG?w=499&h=259
118.112.225.35 200 OK 14 kB URL HTTP/2 img0.baidu.com/it/u=2938852569,3694825020&fm=253&fmt=auto&app=138&f=JPEG?w=499&h=259
IP 118.112.225.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 499x259, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 947a16619d50b0326dc9fdbef7c0d8b4
d6463df889b276ea5c4a221c18b1f67c28caaedf
dc27a231c241291acc34a8a217f9fd81adc1045b285897eefe269b444135167d
GET /it/u=2938852569,3694825020&fm=253&fmt=auto&app=138&f=JPEG?w=499&h=259 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16693.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:51:15 GMT
content-type: image/webp
content-length: 14190
expires: Sun, 19 Feb 2023 03:03:04 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 947a16619d50b0326dc9fdbef7c0d8b4
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 20 Jan 2023 03:03:04 GMT
ohc-cache-hit: cd6ct63 [1], xaix152 [4]
ohc-file-size: 14190
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=162696442,3853437345&fm=253&fmt=auto?w=120&h=80
118.112.225.35 200 OK 2.0 kB URL HTTP/2 img0.baidu.com/it/u=162696442,3853437345&fm=253&fmt=auto?w=120&h=80
IP 118.112.225.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 120x80, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ec2d83dc128aa1dc0b3773b4d6783a85
9c617f83021f7124792778aa91fccf87e48d0f2a
88f62fa2140758fb81a89af474a69e46791f2226e18cde023b3e306d4d46f3c8
GET /it/u=162696442,3853437345&fm=253&fmt=auto?w=120&h=80 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16693.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 25 Jan 2023 10:51:15 GMT
content-type: image/webp
content-length: 2046
expires: Wed, 22 Feb 2023 20:48:49 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: ec2d83dc128aa1dc0b3773b4d6783a85
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 20:48:49 GMT
ohc-cache-hit: cd6ct51 [1], bdix152 [4]
ohc-file-size: 2046
x-cache-status: MISS
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=691699371&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=28018&r=0&ww=1280&u=http%3A%2F%2F16693.url.tudown.com%2Fxiaz%2F%25E8%25B6%2585%25E6%2598%259F%25E5%25AD%25A6%25E4%25B9%25A0%25E9%2580%259A%25E7%2594%25B5%25E8%2584%2591%25E7%2589%2588v3.0%40212_197675.exe&tt=%E5%8F%91%E5%BD%A9%E7%BD%91%E5%BF%AB%E4%B8%89(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99%2F%E6%89%8B%E6%9C%BA%E6%9C%80%E6%96%B0%E7%89%88%E4%B8%8B%E8%BD%BD
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=691699371&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=28018&r=0&ww=1280&u=http%3A%2F%2F16693.url.tudown.com%2Fxiaz%2F%25E8%25B6%2585%25E6%2598%259F%25E5%25AD%25A6%25E4%25B9%25A0%25E9%2580%259A%25E7%2594%25B5%25E8%2584%2591%25E7%2589%2588v3.0%40212_197675.exe&tt=%E5%8F%91%E5%BD%A9%E7%BD%91%E5%BF%AB%E4%B8%89(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99%2F%E6%89%8B%E6%9C%BA%E6%9C%80%E6%96%B0%E7%89%88%E4%B8%8B%E8%BD%BD
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=691699371&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=28018&r=0&ww=1280&u=http%3A%2F%2F16693.url.tudown.com%2Fxiaz%2F%25E8%25B6%2585%25E6%2598%259F%25E5%25AD%25A6%25E4%25B9%25A0%25E9%2580%259A%25E7%2594%25B5%25E8%2584%2591%25E7%2589%2588v3.0%40212_197675.exe&tt=%E5%8F%91%E5%BD%A9%E7%BD%91%E5%BF%AB%E4%B8%89(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99%2F%E6%89%8B%E6%9C%BA%E6%9C%80%E6%96%B0%E7%89%88%E4%B8%8B%E8%BD%BD HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://16693.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 25 Jan 2023 10:51:15 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=52A3AA9577A93880; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
img2.baidu.com/it/u=2711064852,2523079085&fm=253&app=120&f=JPEG?w=1280&h=800
119.96.52.35 200 OK 67 kB URL HTTP/1.1 img2.baidu.com/it/u=2711064852,2523079085&fm=253&app=120&f=JPEG?w=1280&h=800
IP 119.96.52.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Hash 4420f0d224d5c25ad3fbe05ef55eaeb7
0f69566078db62639a08b18504c5211c51314c53
2e0cbe6120d3ef7bab1e0ff8db4f1027b2b2b8b58072d8575990a16a0cfa6ca8
GET /it/u=2711064852,2523079085&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://16693.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 25 Jan 2023 10:51:15 GMT
Content-Type: image/jpeg
Content-Length: 67118
Connection: keep-alive
Expires: Wed, 08 Feb 2023 09:50:22 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 4420f0d224d5c25ad3fbe05ef55eaeb7
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 09 Jan 2023 09:50:22 GMT
Ohc-Cache-HIT: wh4ct63 [1], xaix63 [4]
Ohc-File-Size: 67118
X-Cache-Status: MISS
16693.url.tudown.com/favicon.ico
154.218.151.71 200 OK 0 B URL HTTP/1.1 16693.url.tudown.com/favicon.ico
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/%E8%B6%85%E6%98%9F%E5%AD%A6%E4%B9%A0%E9%80%9A%E7%94%B5%E8%84%91%E7%89%88v3.0@212_197675.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1674643873; Hm_lpvt_dd9836db2e433f487a0aa434b7b3deb7=1674643873
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 10:51:15 GMT
Content-Type: image/x-icon
Content-Length: 0
Last-Modified: Tue, 30 Jul 2019 15:51:36 GMT
Connection: keep-alive
ETag: "5d406788-0"
Accept-Ranges: bytes