r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3063227f59d1935298b0620fa7919145
478e1d8bef04b1f95381cac01829c03b6779d420
619281d3b9753bc6d2845786da75e8566687362769517aacf90f953ffbb8407c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "619281D3B9753BC6D2845786DA75E8566687362769517AACF90F953FFBB8407C"
Last-Modified: Sat, 14 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4421
Expires: Sun, 15 Jan 2023 07:07:37 GMT
Date: Sun, 15 Jan 2023 05:53:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2258cd6b877a3aca8f4c84074e65ac4b
4e46c70941f8e497e8afc8d078644e7f81761a1c
faac4e0d123f2112b58953c104ea746cd53047fc1ada0ef5d669feecf78ddfff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAAC4E0D123F2112B58953C104EA746CD53047FC1ADA0EF5D669FEECF78DDFFF"
Last-Modified: Sat, 14 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13490
Expires: Sun, 15 Jan 2023 09:38:46 GMT
Date: Sun, 15 Jan 2023 05:53:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f7bd85a261739c122eefb74ffddaec99
e2e059b0740592e8591d432249aafe5fcb8af23c
71bdd130b8d143f228542f678e91c98ab4e5844fb9f47b036e15372660be25fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "71BDD130B8D143F228542F678E91C98AB4E5844FB9F47B036E15372660BE25FD"
Last-Modified: Sat, 14 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9580
Expires: Sun, 15 Jan 2023 08:33:36 GMT
Date: Sun, 15 Jan 2023 05:53:56 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 15 Jan 2023 05:42:05 GMT
content-type: application/json
age: 711
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: or/W8iysP1G/pJfUsNZ9tz9zA0k0no/+t4g3PEe9HaGoz8TNpzOSEIjlq8BgddqSfUv6ESfNnH0=
x-amz-request-id: BVAD88ZDM3TVED5Y
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 15 Jan 2023 05:44:02 GMT
age: 594
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 15 Jan 2023 05:53:56 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 15 Jan 2023 05:33:45 GMT
age: 1211
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash c01ec61f7ca77158f474b3ab519c12fa
fc82ae0fcd73a83a980b75709a08e65239894e4a
f533e0fac9b92e79d4fbd6e70b42a83067de95f0a13cc737d7e5fa459baa4c54
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6569
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 05:53:57 GMT
Last-Modified: Sun, 15 Jan 2023 04:04:28 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
16693.url.tudown.com/xiaz/2@382_17291.exe
154.218.151.71 200 OK 7.9 kB URL HTTP/1.1 16693.url.tudown.com/xiaz/2@382_17291.exe
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (482), with CRLF, LF line terminators
Hash 75248cac485a392e432ba23628e5e556
28e5d0d9d8529bc574edae920724373f18833ab0
97284dbbadf175851898878b1de42f080e9350fe609a340c46876dfb11cba049
GET /xiaz/2@382_17291.exe HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 15 Jan 2023 05:53:57 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.services.mozilla.com/
52.10.73.188 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.10.73.188:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: cEBjMKCQ1pFyo4sMBTn1iw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9CCmcN1F92iXWZ7xYsCZgN0nXPw=
16693.url.tudown.com/template/company/1014xiazai/css/style3500.css
154.218.151.71 200 OK 12 kB URL HTTP/1.1 16693.url.tudown.com/template/company/1014xiazai/css/style3500.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with very long lines (1113)
Hash caee2cfa3291c35837be265cfc3e168c
2abdd423b8b6351b26d52da1faa5517fc76c1730
0f7482f2f6732e4b7f55fdd2eb6e41acb5864a53f19c404728652eabe9923dea
GET /template/company/1014xiazai/css/style3500.css HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/2@382_17291.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 15 Jan 2023 05:53:57 GMT
Content-Type: text/css
Last-Modified: Wed, 14 Oct 2020 04:36:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5f86806a-c99c"
Expires: Sun, 15 Jan 2023 17:53:57 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
16693.url.tudown.com/template/company/1014xiazai/css/base.css
154.218.151.71 200 OK 3.2 kB URL HTTP/1.1 16693.url.tudown.com/template/company/1014xiazai/css/base.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash b752c4d83249982bcbcd13a723247bc0
1ccb18e4440bb1209190670ad392ceb8418d6b01
cbdadd44ddee5bd601b32c82c1946469bb2fe3bb6f99167a0a59ed2d2ebb4d0d
GET /template/company/1014xiazai/css/base.css HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/2@382_17291.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 15 Jan 2023 05:53:57 GMT
Content-Type: text/css
Last-Modified: Wed, 14 Oct 2020 04:36:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5f86806a-29c1"
Expires: Sun, 15 Jan 2023 17:53:57 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
16693.url.tudown.com/js/orsxg5a.script
154.218.151.71 200 OK 531 B URL HTTP/1.1 16693.url.tudown.com/js/orsxg5a.script
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document, ASCII text, with CRLF line terminators
Hash 39fd4f4c17d424445d9f437c99c9d40a
84a56ab95c669d43c757a5f9a312d5f3a37f73fa
45f58e7b2e72c9f2734889b73ef5c3f2d3e1fb9ac69995afe1561ec4a7943d15
GET /js/orsxg5a.script HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/2@382_17291.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 15 Jan 2023 05:53:57 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
16693.url.tudown.com/template/company/1014xiazai/js/member.js
154.218.151.71 200 OK 12 kB URL HTTP/1.1 16693.url.tudown.com/template/company/1014xiazai/js/member.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document, Unicode text, UTF-8 text, with very long lines (364), with CRLF line terminators
Hash a95b815530baa4c6efdad8929348d846
fb59238a8fa4c6e4b25dbd8956a7a4b4f8bdbff3
e0ac53257204eb74bc8c9c87b8fcbd55037c972324f10b1904d0610db932b555
GET /template/company/1014xiazai/js/member.js HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/2@382_17291.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 15 Jan 2023 05:53:58 GMT
Content-Type: application/javascript
Last-Modified: Wed, 14 Oct 2020 04:37:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5f868082-ceda"
Expires: Sun, 15 Jan 2023 17:53:58 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
16693.url.tudown.com/template/company/1014xiazai/js/global.js
154.218.151.71 200 OK 2.8 kB URL HTTP/1.1 16693.url.tudown.com/template/company/1014xiazai/js/global.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with very long lines (345), with CRLF line terminators
Hash 26b58b731bc22007a9514da5788e5639
ff7a2a214e6a44becf3dd6bc1f70cbf3272d0695
7fc9b78cfc935e6eed582efc9002a03bdabeccfa6be21925c960248083b86113
GET /template/company/1014xiazai/js/global.js HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/2@382_17291.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 15 Jan 2023 05:53:58 GMT
Content-Type: application/javascript
Last-Modified: Wed, 14 Oct 2020 04:37:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5f86806e-1879"
Expires: Sun, 15 Jan 2023 17:53:58 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
16693.url.tudown.com/template/company/1014xiazai/js/screenshots.js
154.218.151.71 200 OK 1.7 kB URL HTTP/1.1 16693.url.tudown.com/template/company/1014xiazai/js/screenshots.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (3463), with CRLF line terminators
Hash 5f2d7d98f138edb321f4806bfcd16ca8
fac55732cfd8b6536b6ca8c257f3e1d11cfdf199
c9435192fb089165cfec52d7ab8f807a2b8a0fa533014bb9da0f659719e70d08
GET /template/company/1014xiazai/js/screenshots.js HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/2@382_17291.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 15 Jan 2023 05:53:58 GMT
Content-Type: application/javascript
Last-Modified: Wed, 14 Oct 2020 04:37:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5f868072-1219"
Expires: Sun, 15 Jan 2023 17:53:58 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
16693.url.tudown.com/template/company/1014xiazai/js/loading.js
154.218.151.71 200 OK 1.5 kB URL HTTP/1.1 16693.url.tudown.com/template/company/1014xiazai/js/loading.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document, Unicode text, UTF-8 text, with very long lines (613), with CRLF line terminators
Hash 2422ef78f8b0e865bc47afdacbc60161
f3cb0bf96ba8a395b5587fd8d74243e7572894b7
8ebd398c983e3d9b329d44bcdd9be269243b9838e0fcdbfcd3a814bc1255b39b
GET /template/company/1014xiazai/js/loading.js HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/2@382_17291.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 15 Jan 2023 05:53:58 GMT
Content-Type: application/javascript
Last-Modified: Wed, 14 Oct 2020 04:37:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5f86807e-1d0e"
Expires: Sun, 15 Jan 2023 17:53:58 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
16693.url.tudown.com/template/company/1014xiazai/js/plugins.count.js
154.218.151.71 200 OK 683 B URL HTTP/1.1 16693.url.tudown.com/template/company/1014xiazai/js/plugins.count.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (525), with CRLF line terminators
Hash 9279ffdda939f259cbd5bd201b72ab71
12395c3521b33935aee973d761bf424add3a1e36
76fb346f9b8c62f7da6a752511aa20e147069607a28eb98fb843b650a2c6c203
GET /template/company/1014xiazai/js/plugins.count.js HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/2@382_17291.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 15 Jan 2023 05:53:58 GMT
Content-Type: application/javascript
Last-Modified: Wed, 14 Oct 2020 04:37:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5f868082-609"
Expires: Sun, 15 Jan 2023 17:53:58 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
16693.url.tudown.com/template/company/1014xiazai/js/jquery.uploadify.min.js
154.218.151.71 200 OK 548 B URL HTTP/1.1 16693.url.tudown.com/template/company/1014xiazai/js/jquery.uploadify.min.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 370e16c3b7dba286cff055f93b9a94d8
65f3537c3c798f7da146c55aef536f7b5d0cb943
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
NIDS: suricata | Severity: medium | Alert: ETPRO HUNTING HTTP 200 Stat Code with 404 in Body
GET /template/company/1014xiazai/js/jquery.uploadify.min.js HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/2@382_17291.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 15 Jan 2023 05:53:58 GMT
Content-Type: application/javascript
Content-Length: 548
Last-Modified: Wed, 14 Oct 2020 04:37:19 GMT
Connection: keep-alive
ETag: "5f86807f-224"
Expires: Sun, 15 Jan 2023 17:53:58 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
16693.url.tudown.com/template/company/1014xiazai/js/jquery-1.8.2.min.js
154.218.151.71 200 OK 38 kB URL HTTP/1.1 16693.url.tudown.com/template/company/1014xiazai/js/jquery-1.8.2.min.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with very long lines (65480)
Hash e96252242dc7d419f1f3d2ca4a1dec5d
b16a288a9bdc1b1050c1bee256dde6de54166b83
f62af873d226a9a37ba6bc7385d50888f03a99785135547f03b4aeec63a81fa1
GET /template/company/1014xiazai/js/jquery-1.8.2.min.js HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/2@382_17291.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 15 Jan 2023 05:53:58 GMT
Content-Type: application/javascript
Last-Modified: Wed, 14 Oct 2020 04:37:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5f868082-16e8c"
Expires: Sun, 15 Jan 2023 17:53:58 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 20d9e4f0b4e51b8961205c9e238c4b5c
e13f89532d54746a24013eecb3ab09601fd37a7f
f8474c9e35289106392de1f86df2636f1af5b01cf925015ee8d0217fdbf22157
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F8474C9E35289106392DE1F86DF2636F1AF5B01CF925015EE8D0217FDBF22157"
Last-Modified: Sat, 14 Jan 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5147
Expires: Sun, 15 Jan 2023 07:19:45 GMT
Date: Sun, 15 Jan 2023 05:53:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6b6a65d2536cc8f99e68793ae265b595
f65e75f8419bd83e26f49def7fa2604db5f77b4d
94b31f7663e4917e8e97079202ef9fa340766f1ebfc2601360618d947f7dabc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94B31F7663E4917E8E97079202EF9FA340766F1EBFC2601360618D947F7DABC9"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20612
Expires: Sun, 15 Jan 2023 11:37:30 GMT
Date: Sun, 15 Jan 2023 05:53:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6b6a65d2536cc8f99e68793ae265b595
f65e75f8419bd83e26f49def7fa2604db5f77b4d
94b31f7663e4917e8e97079202ef9fa340766f1ebfc2601360618d947f7dabc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94B31F7663E4917E8E97079202EF9FA340766F1EBFC2601360618D947F7DABC9"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20612
Expires: Sun, 15 Jan 2023 11:37:30 GMT
Date: Sun, 15 Jan 2023 05:53:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6b6a65d2536cc8f99e68793ae265b595
f65e75f8419bd83e26f49def7fa2604db5f77b4d
94b31f7663e4917e8e97079202ef9fa340766f1ebfc2601360618d947f7dabc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94B31F7663E4917E8E97079202EF9FA340766F1EBFC2601360618D947F7DABC9"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20612
Expires: Sun, 15 Jan 2023 11:37:30 GMT
Date: Sun, 15 Jan 2023 05:53:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6b6a65d2536cc8f99e68793ae265b595
f65e75f8419bd83e26f49def7fa2604db5f77b4d
94b31f7663e4917e8e97079202ef9fa340766f1ebfc2601360618d947f7dabc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94B31F7663E4917E8E97079202EF9FA340766F1EBFC2601360618D947F7DABC9"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20612
Expires: Sun, 15 Jan 2023 11:37:30 GMT
Date: Sun, 15 Jan 2023 05:53:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6b6a65d2536cc8f99e68793ae265b595
f65e75f8419bd83e26f49def7fa2604db5f77b4d
94b31f7663e4917e8e97079202ef9fa340766f1ebfc2601360618d947f7dabc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94B31F7663E4917E8E97079202EF9FA340766F1EBFC2601360618D947F7DABC9"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20612
Expires: Sun, 15 Jan 2023 11:37:30 GMT
Date: Sun, 15 Jan 2023 05:53:58 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d821e79-af3a-4b67-a79e-90cdf9701001.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d821e79-af3a-4b67-a79e-90cdf9701001.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91a664271b9042ab5a34c1259df6ab93
7ce177939ceed31dbe137996cace3f71eaab3cf4
08b872b4c8dc8d4b5e26d7c5e7985c144dcf45623737e6daf7813b2add8ab013
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d821e79-af3a-4b67-a79e-90cdf9701001.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11285
x-amzn-requestid: 46c0b124-5916-4067-99af-2fa9812dfb2d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ev-1zHc4oAMFV6Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c311be-3ffbee9348f4351459ed0099;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 20:34:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xvBnmF39Og8Zbf9xZ0IjC0Kd5cIYRc4ONYqolYdxxmzS8i-K2REYSA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 04:40:16 GMT
age: 4422
etag: "7ce177939ceed31dbe137996cace3f71eaab3cf4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22bc3d9c-c641-44bc-8984-14b267d61d21.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22bc3d9c-c641-44bc-8984-14b267d61d21.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 15d27349999654cef859ce88c7667481
9fff393bf1bfa3b7343f38377e8c8ba62f1c0330
86cb634ee11bcffc4f3ee27a2296391ef30db42fad0ff4175e972f326874f0a3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22bc3d9c-c641-44bc-8984-14b267d61d21.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10853
x-amzn-requestid: a70e2432-7d3e-444e-af26-660f15ef8fe7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eaXlBGe5oAMFqww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ba6c86-183d9b5f5c3e966225f0057e;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 07:11:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tLCxB4qEwDjOsl8MS0ijD_-lB_ejZKF4rRTEcSpszSnBooFTH4E17w==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 11:54:02 GMT
age: 64796
etag: "9fff393bf1bfa3b7343f38377e8c8ba62f1c0330"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e68a8bb-322d-4bae-b7c5-1119e3ee275e.jpeg
34.120.237.76 200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e68a8bb-322d-4bae-b7c5-1119e3ee275e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 12751079fc17bca8630a1ea2b4334a75
0d0bb45beee28e37376cfc3de11074c6f981ff99
15b949a3524291d6c8bd8ef759d3cdb29d6fafd43f3ffba408f6aa7be7c14e7f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e68a8bb-322d-4bae-b7c5-1119e3ee275e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6024
x-amzn-requestid: 0c4e6a89-2fbc-42c8-ae1b-0cf608c134cb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ewH9tFrJoAMFsVg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c32057-0731faff3ab762d4793376e7;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 21:36:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pWzVYiC2sHEVtlZzGN8FfxB1K3i14JfYzRn60x18gNP01nzlsEve9A==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 21:46:07 GMT
age: 29271
etag: "0d0bb45beee28e37376cfc3de11074c6f981ff99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg
34.120.237.76 200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a23d61d610c7b55d943fcb2636a01b65
82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065
28bf3039cc8c1213e64893c71bc150eda573223feb2cc15ad0814a44960d434a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9539
x-amzn-requestid: eb427fd6-c342-4a22-af45-ecc528cf4a8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: epfDqEAZIAMFudQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c0787d-4f61ecd2422081224869da76;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 21:15:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RRMRT2BC5p1x0Vh20ut0Kjbz2mnaNToUIbzIg9oczduvzYCckvFORA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 05:58:29 GMT
etag: "82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065"
content-type: image/jpeg
age: 86129
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb7f9fdd3-2b09-4fe5-a079-daa82adc1d39.jpeg
34.120.237.76 200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb7f9fdd3-2b09-4fe5-a079-daa82adc1d39.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 807e309c0c704608186f4f0be4f40d94
1eadbf6f305c19b86e83e570cd94133ff4bf33c1
e96f690e1fa5b1e54986a02cba764b4e965891553197a6decbea64a91c5dccaf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb7f9fdd3-2b09-4fe5-a079-daa82adc1d39.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4986
x-amzn-requestid: 19aa397e-1b5c-4c3e-be88-a429ca3d2f77
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: enenaH5YoAMF6TQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bfaafc-210871f97c1c327e73fc25e0;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 06:38:52 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bthAkm0KtTHW9QVgchZF-TWemX9R9BsA7N1LMRQbQyD0wCkk2Io9ag==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 19:56:42 GMT
age: 35836
etag: "1eadbf6f305c19b86e83e570cd94133ff4bf33c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bd45fb-ae78-4593-88df-aa9d625197e7.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bd45fb-ae78-4593-88df-aa9d625197e7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6f82c507da28e1b4557ea7f2bdf0f7fc
4be269ad35497a42bf7fce03d711ddf9496abbb4
f51879b87cb99b4883f320fe4abe44032968c42e32b88dc5f788b40ddc6494db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bd45fb-ae78-4593-88df-aa9d625197e7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10558
x-amzn-requestid: 46ac11b3-d99b-4dbf-bc92-8ad5d6664669
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: enjB8Hb1oAMF3xQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bfb20c-2e6a19716318b0650102ba96;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 07:09:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ihSFjnrsza9aXOhc74WW1VVVigtrhg5xOvTLj_k831G0WOFcXxUZBw==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 14:55:32 GMT
age: 53906
etag: "4be269ad35497a42bf7fce03d711ddf9496abbb4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
16693.url.tudown.com/uploads/images/251482.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/251482.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/251482.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/2@382_17291.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 15 Jan 2023 05:53:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=2315929503,23136767&fm=224&app=112&f=JPEG?w=500&h=500
16693.url.tudown.com/uploads/images/455132.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/455132.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/455132.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/2@382_17291.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 15 Jan 2023 05:53:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=4204260096,1923555828&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=539
16693.url.tudown.com/uploads/images/570131.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/570131.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/570131.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/2@382_17291.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 15 Jan 2023 05:53:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2310677512,1696958302&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=706
16693.url.tudown.com/uploads/images/logo.png?n=4wi3zzf4u3uljhpfwckoloec422jpzvwuttzjkhfsoa6llvc42oi3zfyvxs37ay&w=250
154.218.151.71 200 OK 3.3 kB URL HTTP/1.1 16693.url.tudown.com/uploads/images/logo.png?n=4wi3zzf4u3uljhpfwckoloec422jpzvwuttzjkhfsoa6llvc42oi3zfyvxs37ay&w=250
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 250 x 66, 8-bit colormap, non-interlaced\012- data
Hash 2e23879cea87bf50ba0c984232e7535a
a8bbcc867b30cdd2c97fb79cfa11b0c0a70c4f61
323a3172d08b78c88c828f0152309136263ce2c12321230e9a7e7f96b0e3e71a
GET /uploads/images/logo.png?n=4wi3zzf4u3uljhpfwckoloec422jpzvwuttzjkhfsoa6llvc42oi3zfyvxs37ay&w=250 HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/2@382_17291.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 15 Jan 2023 05:53:58 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
16693.url.tudown.com/uploads/images/596289.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/596289.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/596289.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/2@382_17291.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 15 Jan 2023 05:53:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=3490233329,1549012678&fm=224&app=112&f=JPEG?w=500&h=500
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 9ce4764064dfc4132c9b5b65ff46d445
515726da268cba9df79ac2442e827ba7373ffd65
004829357c2fb14a12a2b99b925119ff44014bf4ae7284b6c617b507a27ad0e2
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 05:53:59 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 19 Jan 2023 04:58:19 GMT
ETag: "515726da268cba9df79ac2442e827ba7373ffd65"
Last-Modified: Sun, 15 Jan 2023 04:58:20 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1446
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 789c5aa8bd08b517-OSL
16693.url.tudown.com/template/company/1014xiazai/images/icos.png
154.218.151.71 200 OK 15 kB URL HTTP/1.1 16693.url.tudown.com/template/company/1014xiazai/images/icos.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 166 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash a4e686563c8daf2f139cc5c6629d2730
ad2a8926a53aa4f3e6de38b4e63a017182f8b514
38b01bc71af931846808835315e85841cd7bd42c640b0656b276cc5aeff018c4
GET /template/company/1014xiazai/images/icos.png HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/template/company/1014xiazai/css/base.css
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 15 Jan 2023 05:53:58 GMT
Content-Type: image/png
Content-Length: 15004
Last-Modified: Wed, 14 Oct 2020 05:48:52 GMT
Connection: keep-alive
ETag: "5f869144-3a9c"
Accept-Ranges: bytes
16693.url.tudown.com/uploads/images/812608.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/812608.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/812608.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/2@382_17291.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 15 Jan 2023 05:53:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=163779587,1738005204&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=313
16693.url.tudown.com/uploads/images/515359.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/515359.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/515359.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/2@382_17291.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 15 Jan 2023 05:53:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2055498959,3403277062&fm=253&fmt=auto&app=138&f=JPEG?w=440&h=611
16693.url.tudown.com/uploads/images/648825.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/648825.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/648825.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/2@382_17291.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 15 Jan 2023 05:53:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2612005732,22377236&fm=253&fmt=auto?w=130&h=170
16693.url.tudown.com/uploads/images/125719.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/125719.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/125719.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/2@382_17291.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 15 Jan 2023 05:53:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3158772427,3240491733&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=300
16693.url.tudown.com/uploads/images/697019.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/697019.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/697019.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/2@382_17291.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 15 Jan 2023 05:53:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3352499721,2503946627&fm=253&fmt=auto?w=800&h=1280
16693.url.tudown.com/uploads/images/725044.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/725044.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/725044.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/2@382_17291.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 15 Jan 2023 05:53:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=3583748342,3312993036&fm=224&app=112&f=JPEG?w=500&h=500
16693.url.tudown.com/uploads/images/675948.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/675948.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/675948.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/2@382_17291.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 15 Jan 2023 05:53:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=151741367,2801046133&fm=253&app=120&f=JPEG?w=1280&h=800
16693.url.tudown.com/uploads/images/942936.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/942936.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/942936.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/2@382_17291.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 15 Jan 2023 05:53:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=3067189094,2073885791&fm=253&app=138&f=JPEG?w=500&h=800
16693.url.tudown.com/uploads/images/782492.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/782492.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/782492.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/2@382_17291.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 15 Jan 2023 05:53:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=518278225,3610822463&fm=224&app=112&f=JPEG?w=500&h=500
16693.url.tudown.com/uploads/images/784837.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/784837.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/784837.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/2@382_17291.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 15 Jan 2023 05:53:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=468511496,3426447145&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=834
16693.url.tudown.com/uploads/images/307053.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/307053.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/307053.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/2@382_17291.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 15 Jan 2023 05:53:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=4198915791,560694034&fm=253&app=120&f=JPEG?w=1280&h=800
t14.baidu.com/it/u=2330892267,1431909854&fm=224&app=112&f=JPEG?w=500&h=500&s=CB116486585743FF003768690300E06A
185.10.104.124 200 OK 63 kB URL HTTP/1.1 t14.baidu.com/it/u=2330892267,1431909854&fm=224&app=112&f=JPEG?w=500&h=500&s=CB116486585743FF003768690300E06A
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash b30fdb2a5b91212d1d46a99962f693dd
e5823ad1e7d65cce0fe734019abf7abff9609f2a
8caee6381f3723af8426f5c71b7c087513e81e606ed79f80dd00f429f84e7dc6
GET /it/u=2330892267,1431909854&fm=224&app=112&f=JPEG?w=500&h=500&s=CB116486585743FF003768690300E06A HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://16693.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sun, 15 Jan 2023 05:53:59 GMT
Content-Type: image/jpeg
Content-Length: 62764
Connection: keep-alive
Expires: Wed, 01 Feb 2023 03:13:01 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: b30fdb2a5b91212d1d46a99962f693dd
Age: 289531
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 02 Jan 2023 03:13:01 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [2], zhuzuncache58 [1], bdix163 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 62764
X-Cache-Status: HIT
Timing-Allow-Origin: *
t15.baidu.com/it/u=3583748342,3312993036&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 56 kB URL HTTP/1.1 t15.baidu.com/it/u=3583748342,3312993036&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 021edbf896dad2f216fb766f18867926
2720ae79bb9eeb16205c470511224f783e79c3a6
3178cc403033a54afd9d82d0cda6f73dcf54ddd0531489db73c66888f2ca760e
GET /it/u=3583748342,3312993036&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://16693.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sun, 15 Jan 2023 05:53:59 GMT
Content-Type: image/jpeg
Content-Length: 55829
Connection: keep-alive
Expires: Sun, 12 Feb 2023 18:59:50 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 021edbf896dad2f216fb766f18867926
Age: 125649
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 13 Jan 2023 18:59:50 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [2], zhuzuncache53 [1], xaix213 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 55829
X-Cache-Status: HIT
Timing-Allow-Origin: *
t15.baidu.com/it/u=2315929503,23136767&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 35 kB URL HTTP/1.1 t15.baidu.com/it/u=2315929503,23136767&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 5a750085f8599b73619b7ace0ef830c3
836aef1dbf41b4164201932531cc616a8237bd90
cbdbb0fe75cbf0d8ff76ce37d0f9c828ed8c543a682d19b41811ae9e3ea3715d
GET /it/u=2315929503,23136767&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://16693.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sun, 15 Jan 2023 05:53:59 GMT
Content-Type: image/jpeg
Content-Length: 35213
Connection: keep-alive
Expires: Sat, 11 Feb 2023 06:22:08 GMT
Last-Modified: Sun, 11 Jan 1970 00:00:00 GMT
ETag: 5a750085f8599b73619b7ace0ef830c3
Age: 127195
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 12 Jan 2023 06:22:08 GMT
Ohc-Cache-HIT: fra01-sys-jomo7.fra01.baidu.com [2], zhuzuncache51 [4], suzix149 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 35213
X-Cache-Status: HIT
Timing-Allow-Origin: *
img2.baidu.com/it/u=163779587,1738005204&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=313
220.169.152.35 200 OK 22 kB URL HTTP/2 img2.baidu.com/it/u=163779587,1738005204&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=313
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x313, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 072de68dcb2c45a487d6e26728868894
3913c3f2eceeffe4b16485e71fb74530b47591b6
d414931a5d7bb452fb52a41a404391d80fd3591ad485943e68d545c6b0f5a772
GET /it/u=163779587,1738005204&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=313 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16693.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 15 Jan 2023 05:53:59 GMT
content-type: image/webp
content-length: 21630
expires: Sat, 11 Feb 2023 06:57:36 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 072de68dcb2c45a487d6e26728868894
age: 143015
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 12 Jan 2023 06:57:36 GMT
ohc-cache-hit: yy2ct65 [4], xaix100 [2]
ohc-file-size: 21630
x-cache-status: HIT
X-Firefox-Spdy: h2
16693.url.tudown.com/uploads/images/783891.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/783891.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/783891.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/2@382_17291.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 15 Jan 2023 05:53:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=2137717646,3305891250&fm=224&app=112&f=JPEG?w=500&h=500
t15.baidu.com/it/u=3490233329,1549012678&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 39 kB URL HTTP/1.1 t15.baidu.com/it/u=3490233329,1549012678&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash e403d35b03ff99dd3e08407dfbcd8328
4ecf26baf1009dba1755d0e00ff92a4f937f9593
74d52b7c5295b52cb7df25b630b5dcdda554c6cbea70bb56db5242b2404dc991
GET /it/u=3490233329,1549012678&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://16693.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sun, 15 Jan 2023 05:53:59 GMT
Content-Type: image/jpeg
Content-Length: 38937
Connection: keep-alive
Expires: Mon, 06 Feb 2023 14:55:46 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: e403d35b03ff99dd3e08407dfbcd8328
Age: 548415
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 07 Jan 2023 14:55:46 GMT
Ohc-Cache-HIT: fra01-sys-jomo4.fra01.baidu.com [2], zhuzuncache62 [1], csix83 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 38937
X-Cache-Status: HIT
Timing-Allow-Origin: *
16693.url.tudown.com/uploads/images/252538.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/252538.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/252538.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/2@382_17291.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 15 Jan 2023 05:54:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3371953013,4294219548&fm=253&fmt=auto&app=138&f=JPEG?w=667&h=500
16693.url.tudown.com/uploads/images/519307.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/519307.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/519307.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/2@382_17291.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 15 Jan 2023 05:54:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=182644270,3544475859&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
img1.baidu.com/it/u=2612005732,22377236&fm=253&fmt=auto?w=130&h=170
183.136.216.35 200 OK 6.4 kB URL HTTP/2 img1.baidu.com/it/u=2612005732,22377236&fm=253&fmt=auto?w=130&h=170
IP 183.136.216.35:0
ASN #58461 CT-HangZhou-IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 130x170, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 795809581c3e41e6b39638f9c0cd06d8
1bac53719dd0aa4e4b7cb7ee3a33ba77861272ee
ef705bad5a8a2b1ef0e4a226ad6316ab81ff165551154e5a10478ad2fa21d948
GET /it/u=2612005732,22377236&fm=253&fmt=auto?w=130&h=170 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16693.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 15 Jan 2023 05:54:00 GMT
content-type: image/webp
content-length: 6426
expires: Tue, 24 Jan 2023 09:11:49 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 795809581c3e41e6b39638f9c0cd06d8
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 25 Dec 2022 09:11:49 GMT
ohc-cache-hit: shaoxct74 [1], czix243 [2]
ohc-file-size: 6426
x-cache-status: MISS
X-Firefox-Spdy: h2
t13.baidu.com/it/u=518278225,3610822463&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 69 kB URL HTTP/1.1 t13.baidu.com/it/u=518278225,3610822463&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 4cbd13f08689eb9dde8edc34c98843fe
8dec1358a878a2d00ba0ce335dbce91c53a515bb
4d67b3045182feab551ced72a4bd81e20140b83a6d4dacf7edf750079d317780
GET /it/u=518278225,3610822463&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://16693.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sun, 15 Jan 2023 05:54:00 GMT
Content-Type: image/jpeg
Content-Length: 68730
Connection: keep-alive
Expires: Sun, 05 Feb 2023 06:47:27 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: 4cbd13f08689eb9dde8edc34c98843fe
Age: 290737
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 06 Jan 2023 06:47:26 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [4], zhuzuncache62 [1], suzix62 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 68730
X-Cache-Status: HIT
Timing-Allow-Origin: *
16693.url.tudown.com/uploads/images/368763.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/368763.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/368763.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/2@382_17291.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 15 Jan 2023 05:54:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=3656983722,4047756460&fm=253&app=120&f=JPEG?w=1280&h=800
t13.baidu.com/it/u=2137717646,3305891250&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 51 kB URL HTTP/1.1 t13.baidu.com/it/u=2137717646,3305891250&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 1f4dd4b253cdeb26b1c1e9f61a016942
8339bdedf6f589572e86f0ec52efb42c9c2e859e
ee010185dbd43e8fe275a64dd4a95c62fcb27c7e884a48a140753e9d39f43340
GET /it/u=2137717646,3305891250&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://16693.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sun, 15 Jan 2023 05:54:00 GMT
Content-Type: image/jpeg
Content-Length: 51071
Connection: keep-alive
Expires: Sun, 05 Feb 2023 12:51:49 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 1f4dd4b253cdeb26b1c1e9f61a016942
Age: 290925
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 06 Jan 2023 12:51:49 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [2], zhuzuncache53 [4], bdix246 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 51071
X-Cache-Status: HIT
Timing-Allow-Origin: *
16693.url.tudown.com/uploads/images/367670.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/367670.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/367670.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/2@382_17291.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 15 Jan 2023 05:54:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=4115944612,1702036461&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=1082
16693.url.tudown.com/uploads/images/692012.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/692012.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/692012.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/2@382_17291.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 15 Jan 2023 05:54:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2130627561,1956693105&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=750
hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (633)
Hash e9a7db301a22a2446731411dc7aa29ce
883bc9a8109eafcb09238aeb7ef1ef79eb5a691f
73bd2497cf14747f355a08a0d99574eeb8f4288e6c100135ebddecd483217808
GET /hm.js?dd9836db2e433f487a0aa434b7b3deb7 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://16693.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11271
Content-Type: application/javascript
Date: Sun, 15 Jan 2023 05:53:59 GMT
Etag: af11be369a62409de878638bd64e903a
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=24EAF9BA19982DDD; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
img2.baidu.com/it/u=468511496,3426447145&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=834
220.169.152.35 200 OK 47 kB URL HTTP/2 img2.baidu.com/it/u=468511496,3426447145&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=834
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x834, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash eda17e7c429bc0e90da34c8242c1ed44
79492e4dfecf5adf6f4776dee308bd2ec9d32346
19bfca240bcfa2360770ab8290b998ad8b5ebe04c8fb9fb8402fca348028b8c8
GET /it/u=468511496,3426447145&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=834 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16693.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 15 Jan 2023 05:53:59 GMT
content-type: image/webp
content-length: 46596
expires: Wed, 08 Feb 2023 16:05:26 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: eda17e7c429bc0e90da34c8242c1ed44
age: 142374
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 09 Jan 2023 16:05:26 GMT
ohc-cache-hit: yy2ct66 [2], csix85 [4]
ohc-file-size: 46596
x-cache-status: HIT
X-Firefox-Spdy: h2
img1.baidu.com/it/u=3352499721,2503946627&fm=253&fmt=auto?w=800&h=1280
183.136.216.35 200 OK 31 kB URL HTTP/2 img1.baidu.com/it/u=3352499721,2503946627&fm=253&fmt=auto?w=800&h=1280
IP 183.136.216.35:0
ASN #58461 CT-HangZhou-IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x1280, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d2af7d3f94000b4546a82696b52e5bb4
272f35ec47e5f23870bcaa8e6ed810d8cd9d490e
2bdccd842a09090084e97a914d0d484e6024217cbbb2000ef5c396ecfc4d0247
GET /it/u=3352499721,2503946627&fm=253&fmt=auto?w=800&h=1280 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16693.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 15 Jan 2023 05:54:00 GMT
content-type: image/webp
content-length: 30818
expires: Sat, 21 Jan 2023 15:25:35 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: d2af7d3f94000b4546a82696b52e5bb4
age: 10479
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 22 Dec 2022 15:25:35 GMT
ohc-cache-hit: shaoxct59 [4], czix189 [4]
ohc-file-size: 30818
x-cache-status: HIT
X-Firefox-Spdy: h2
16693.url.tudown.com/uploads/images/904797.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/904797.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/904797.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/2@382_17291.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 15 Jan 2023 05:54:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=962805961,4097730926&fm=253&fmt=auto&app=138&f=JPEG?w=236&h=334
img1.baidu.com/it/u=182644270,3544475859&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
183.136.216.35 200 OK 41 kB URL HTTP/2 img1.baidu.com/it/u=182644270,3544475859&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
IP 183.136.216.35:0
ASN #58461 CT-HangZhou-IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x889, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 17649b50fc3e48910fcfc322db5eb8a0
29609376c4ac38159cb3084ca659c087f4a7746e
3430a2979ddd118b7551157ac0515bde98dfef0ad324bd11e7777c868b5a8f02
GET /it/u=182644270,3544475859&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16693.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 15 Jan 2023 05:54:00 GMT
content-type: image/webp
content-length: 41428
expires: Wed, 01 Feb 2023 11:00:48 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 17649b50fc3e48910fcfc322db5eb8a0
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 02 Jan 2023 11:00:48 GMT
ohc-cache-hit: shaoxct74 [1], csix74 [4]
ohc-file-size: 41428
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=3067189094,2073885791&fm=253&app=138&f=JPEG?w=500&h=800
183.136.216.35 200 OK 64 kB URL HTTP/1.1 img1.baidu.com/it/u=3067189094,2073885791&fm=253&app=138&f=JPEG?w=500&h=800
IP 183.136.216.35:0
ASN #58461 CT-HangZhou-IDC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x800, components 3\012- data
Hash b69b48d0e168a252a2b465b6f10b373e
91431b5cf6a8fe621dd19356492ee854506fef44
a9fbf363f382e914ed1c2a513b58068c253ee422f24be079db82722ff4d3de34
GET /it/u=3067189094,2073885791&fm=253&app=138&f=JPEG?w=500&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://16693.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sun, 15 Jan 2023 05:54:00 GMT
Content-Type: image/jpeg
Content-Length: 64229
Connection: keep-alive
Expires: Fri, 10 Feb 2023 16:10:22 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: b69b48d0e168a252a2b465b6f10b373e
Age: 29052
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 11 Jan 2023 16:10:22 GMT
Ohc-Cache-HIT: shaoxct69 [4], wzix94 [4]
Ohc-File-Size: 64229
X-Cache-Status: HIT
16693.url.tudown.com/uploads/images/106851.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/106851.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/106851.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/2@382_17291.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 15 Jan 2023 05:54:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=1602637317,2040556932&fm=253&app=120&f=JPEG?w=720&h=1280
16693.url.tudown.com/uploads/images/505361.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/505361.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/505361.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/2@382_17291.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 15 Jan 2023 05:54:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=2625600525,2422034691&fm=224&app=112&f=JPEG?w=500&h=500
16693.url.tudown.com/uploads/images/534501.jpg
154.218.151.71 301 Moved Permanently 0 B URL HTTP/1.1 16693.url.tudown.com/uploads/images/534501.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/534501.jpg HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/2@382_17291.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 15 Jan 2023 05:54:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=813657210,2152085310&fm=224&app=112&f=JPEG?w=500&h=500
img2.baidu.com/it/u=2055498959,3403277062&fm=253&fmt=auto&app=138&f=JPEG?w=440&h=611
220.169.152.35 200 OK 24 kB URL HTTP/2 img2.baidu.com/it/u=2055498959,3403277062&fm=253&fmt=auto&app=138&f=JPEG?w=440&h=611
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 440x611, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 61a2b59b4fa1889c6b8bcf0e3b966958
0c33663caec2a79dd2866e2563603089e5879804
9136fb6ba22853a43aa90ab0efb4d92b926eb797ccd4d6bb347285547b585649
GET /it/u=2055498959,3403277062&fm=253&fmt=auto&app=138&f=JPEG?w=440&h=611 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16693.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 15 Jan 2023 05:54:00 GMT
content-type: image/webp
content-length: 24214
expires: Sun, 22 Jan 2023 00:29:13 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 61a2b59b4fa1889c6b8bcf0e3b966958
age: 287338
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 23 Dec 2022 00:29:13 GMT
ohc-cache-hit: yy2ct65 [4], bdix160 [2]
ohc-file-size: 24214
x-cache-status: HIT
X-Firefox-Spdy: h2
img2.baidu.com/it/u=4204260096,1923555828&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=539
220.169.152.35 200 OK 45 kB URL HTTP/2 img2.baidu.com/it/u=4204260096,1923555828&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=539
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x539, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1d81cd779ad0c71f0e47fb96ea7f347b
1172c0e7247e5c345206f0352a6d4c2a2a188820
ff3a789b5beec7674b2c4fc04d4c85c5bbcd98ae1525d812ab77f403fad62084
GET /it/u=4204260096,1923555828&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=539 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16693.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 15 Jan 2023 05:54:00 GMT
content-type: image/webp
content-length: 44782
expires: Mon, 23 Jan 2023 06:52:01 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 1d81cd779ad0c71f0e47fb96ea7f347b
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 24 Dec 2022 06:52:01 GMT
ohc-cache-hit: yy2ct68 [1], bdix183 [2]
ohc-file-size: 44782
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=3371953013,4294219548&fm=253&fmt=auto&app=138&f=JPEG?w=667&h=500
220.169.152.35 200 OK 31 kB URL HTTP/2 img2.baidu.com/it/u=3371953013,4294219548&fm=253&fmt=auto&app=138&f=JPEG?w=667&h=500
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 667x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7b8069a921bfa89cb9382ebbc4727fb4
c3ceb7c8653ae14230c1314ffcb45116d49ce4b4
b3b6064c928ebd5438b60dfd22a900bfd196ffd1347a3102f04c4e728ce6de0d
GET /it/u=3371953013,4294219548&fm=253&fmt=auto&app=138&f=JPEG?w=667&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16693.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 15 Jan 2023 05:54:00 GMT
content-type: image/webp
content-length: 31100
expires: Wed, 18 Jan 2023 09:52:43 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 7b8069a921bfa89cb9382ebbc4727fb4
age: 8587
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 19 Dec 2022 09:52:43 GMT
ohc-cache-hit: yy2ct69 [4], xaix210 [2]
ohc-file-size: 31100
x-cache-status: HIT
X-Firefox-Spdy: h2
t14.baidu.com/it/u=2625600525,2422034691&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 48 kB URL HTTP/1.1 t14.baidu.com/it/u=2625600525,2422034691&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash f9376a5c50cef4edd820bdd748484018
b4b39c12d558cbc373e8ede53b6c8e5f0f66dd3d
24cdfeede4f076b5a83093244a57a3869501977ea87379044bb5f8f42870ae14
GET /it/u=2625600525,2422034691&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://16693.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sun, 15 Jan 2023 05:54:00 GMT
Content-Type: image/jpeg
Content-Length: 47835
Connection: keep-alive
Expires: Fri, 10 Feb 2023 21:07:13 GMT
Last-Modified: Sun, 11 Jan 1970 00:00:00 GMT
ETag: f9376a5c50cef4edd820bdd748484018
Age: 290807
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 11 Jan 2023 21:07:13 GMT
Ohc-Cache-HIT: fra01-sys-jomo2.fra01.baidu.com [4], zhuzuncache53 [4], xaix175 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 47835
X-Cache-Status: HIT
Timing-Allow-Origin: *
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1051412354&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=63676&r=0&ww=1280&u=http%3A%2F%2F16693.url.tudown.com%2Fxiaz%2F2%40382_17291.exe&tt=%E4%BB%BFag%E7%9C%9F%E4%BA%BA%E5%B9%B3%E5%8F%B0%E5%BC%80%E5%8F%91%E7%BD%91%E5%9D%80(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-ios%2F%E5%AE%89%E5%8D%93%2F%E6%89%8B%E6%9C%BA%E7%89%88app%E4%B8%8B%E8%BD%BDV4816.72875
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1051412354&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=63676&r=0&ww=1280&u=http%3A%2F%2F16693.url.tudown.com%2Fxiaz%2F2%40382_17291.exe&tt=%E4%BB%BFag%E7%9C%9F%E4%BA%BA%E5%B9%B3%E5%8F%B0%E5%BC%80%E5%8F%91%E7%BD%91%E5%9D%80(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-ios%2F%E5%AE%89%E5%8D%93%2F%E6%89%8B%E6%9C%BA%E7%89%88app%E4%B8%8B%E8%BD%BDV4816.72875
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1051412354&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=63676&r=0&ww=1280&u=http%3A%2F%2F16693.url.tudown.com%2Fxiaz%2F2%40382_17291.exe&tt=%E4%BB%BFag%E7%9C%9F%E4%BA%BA%E5%B9%B3%E5%8F%B0%E5%BC%80%E5%8F%91%E7%BD%91%E5%9D%80(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-ios%2F%E5%AE%89%E5%8D%93%2F%E6%89%8B%E6%9C%BA%E7%89%88app%E4%B8%8B%E8%BD%BDV4816.72875 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://16693.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sun, 15 Jan 2023 05:54:00 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=576C17556230AEF9; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
t14.baidu.com/it/u=813657210,2152085310&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124 200 OK 55 kB URL HTTP/1.1 t14.baidu.com/it/u=813657210,2152085310&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 048c8033b7788f145f433316bd178c47
3e6f529839cb2a223aed7b288ae909a7f5e6d861
51090e1a830bd5f1b8c2c011cc4ee38fcaceafa1b2980ef29a9a2185c33c5089
GET /it/u=813657210,2152085310&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://16693.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sun, 15 Jan 2023 05:54:00 GMT
Content-Type: image/jpeg
Content-Length: 54574
Connection: keep-alive
Expires: Mon, 06 Feb 2023 09:41:13 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 048c8033b7788f145f433316bd178c47
Age: 287265
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 07 Jan 2023 09:41:13 GMT
Ohc-Cache-HIT: fra01-sys-jomo4.fra01.baidu.com [2], zhuzuncache50 [2], xaix187 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 54574
X-Cache-Status: HIT
Timing-Allow-Origin: *
img1.baidu.com/it/u=2130627561,1956693105&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=750
183.136.216.35 200 OK 43 kB URL HTTP/2 img1.baidu.com/it/u=2130627561,1956693105&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=750
IP 183.136.216.35:0
ASN #58461 CT-HangZhou-IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x750, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d88d5d0448d1fb76b4ead3062c2dcf6e
ed47a8682919480de02dfb31f2fc97f3ac1fd1c2
432bdbd2c5b27e46f9a982201fa4f48287dd3ebd3633928346a232098f52954c
GET /it/u=2130627561,1956693105&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=750 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16693.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 15 Jan 2023 05:54:00 GMT
content-type: image/webp
content-length: 42932
expires: Tue, 24 Jan 2023 20:57:33 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: d88d5d0448d1fb76b4ead3062c2dcf6e
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 25 Dec 2022 20:57:33 GMT
ohc-cache-hit: shaoxct72 [1], czix197 [4]
ohc-file-size: 42932
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=4198915791,560694034&fm=253&app=120&f=JPEG?w=1280&h=800
220.169.152.35 200 OK 117 kB URL HTTP/1.1 img2.baidu.com/it/u=4198915791,560694034&fm=253&app=120&f=JPEG?w=1280&h=800
IP 220.169.152.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 117 kB (117416 bytes)
Hash aca8a45af1cbd76ebb8b3de4fb880463
be6b3eafff5e554c501de6e52645edd4f187e156
9723e3e4684816edbb74c2e4808fa7b6260f73bf02fb26b485d77d40e228d63a
GET /it/u=4198915791,560694034&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://16693.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sun, 15 Jan 2023 05:54:00 GMT
Content-Type: image/jpeg
Content-Length: 117416
Connection: keep-alive
Expires: Sat, 04 Feb 2023 13:56:08 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: aca8a45af1cbd76ebb8b3de4fb880463
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 05 Jan 2023 13:56:08 GMT
Ohc-Cache-HIT: yy2ct78 [1], xaix211 [2]
Ohc-File-Size: 117416
X-Cache-Status: MISS
img1.baidu.com/it/u=1602637317,2040556932&fm=253&app=120&f=JPEG?w=720&h=1280
183.136.216.35 200 OK 98 kB URL HTTP/1.1 img1.baidu.com/it/u=1602637317,2040556932&fm=253&app=120&f=JPEG?w=720&h=1280
IP 183.136.216.35:0
ASN #58461 CT-HangZhou-IDC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 720x1280, components 3\012- data
Hash f5aa8e68619acfe881aec499da616285
ba86805d99c61c0b069b990f5d212e75e36fc3ce
1e1443914921299c2d12e76760de0b9e9ad418282c92fc84cb2fb3acc0a2d020
GET /it/u=1602637317,2040556932&fm=253&app=120&f=JPEG?w=720&h=1280 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://16693.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sun, 15 Jan 2023 05:54:00 GMT
Content-Type: image/jpeg
Content-Length: 98272
Connection: keep-alive
Expires: Wed, 08 Feb 2023 07:37:12 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: f5aa8e68619acfe881aec499da616285
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 09 Jan 2023 07:37:12 GMT
Ohc-Cache-HIT: shaoxct52 [1], wzix88 [2]
Ohc-File-Size: 98272
X-Cache-Status: MISS
img1.baidu.com/it/u=3656983722,4047756460&fm=253&app=120&f=JPEG?w=1280&h=800
220.169.152.35 200 OK 154 kB URL HTTP/1.1 img1.baidu.com/it/u=3656983722,4047756460&fm=253&app=120&f=JPEG?w=1280&h=800
IP 220.169.152.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 154 kB (153493 bytes)
Hash cb40c82ebfc789ed642d9606b996109f
969dd23e8fbeff3ebe73d09cfa026bb1ec4e1a28
5aa6f98926d4a10e82ede028ac85a22a36717fcd5826e7f506107ad147a2470e
GET /it/u=3656983722,4047756460&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://16693.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sun, 15 Jan 2023 05:54:00 GMT
Content-Type: image/jpeg
Content-Length: 153493
Connection: keep-alive
Expires: Thu, 26 Jan 2023 20:43:19 GMT
Last-Modified: Mon, 05 Jan 1970 00:00:00 GMT
ETag: cb40c82ebfc789ed642d9606b996109f
Age: 273744
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 27 Dec 2022 20:43:19 GMT
Ohc-Cache-HIT: yy2ct52 [3], czix231 [3]
Ohc-File-Size: 153493
X-Cache-Status: HIT
img2.baidu.com/it/u=151741367,2801046133&fm=253&app=120&f=JPEG?w=1280&h=800
220.169.152.35 200 OK 191 kB URL HTTP/1.1 img2.baidu.com/it/u=151741367,2801046133&fm=253&app=120&f=JPEG?w=1280&h=800
IP 220.169.152.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 191 kB (191343 bytes)
Hash c1407539f4deec627fe1b20b1a97a897
f75951efb58f82b506b219ddbb9640cb0c0609d6
8e88b8612972145fbdcbd57329f8f80626c50b82237b6991262560af07fe66d8
GET /it/u=151741367,2801046133&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://16693.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sun, 15 Jan 2023 05:54:00 GMT
Content-Type: image/jpeg
Content-Length: 191343
Connection: keep-alive
Expires: Sun, 29 Jan 2023 15:17:44 GMT
Last-Modified: Sun, 11 Jan 1970 00:00:00 GMT
ETag: c1407539f4deec627fe1b20b1a97a897
Age: 92148
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 30 Dec 2022 15:17:44 GMT
Ohc-Cache-HIT: yy2ct66 [3], wzix66 [4]
Ohc-File-Size: 191343
X-Cache-Status: HIT
img0.baidu.com/it/u=3158772427,3240491733&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=300
220.169.152.35 200 OK 18 kB URL HTTP/2 img0.baidu.com/it/u=3158772427,3240491733&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=300
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0d64511f2558773e0b2b555a530ad2d6
3ebf8a0f61ca8bcbe7e3c25c9685e2b4361ebef3
68474ee856f257dca32e0fda1164236b99a521f5f521b27d2bd8d4e2105c62c8
GET /it/u=3158772427,3240491733&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=300 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16693.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 15 Jan 2023 05:54:01 GMT
content-type: image/webp
content-length: 18430
expires: Mon, 23 Jan 2023 12:57:22 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 0d64511f2558773e0b2b555a530ad2d6
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 24 Dec 2022 12:57:22 GMT
ohc-cache-hit: yy2ct70 [1], xiangyix149 [2]
ohc-file-size: 18430
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=962805961,4097730926&fm=253&fmt=auto&app=138&f=JPEG?w=236&h=334
220.169.152.35 200 OK 7.3 kB URL HTTP/2 img0.baidu.com/it/u=962805961,4097730926&fm=253&fmt=auto&app=138&f=JPEG?w=236&h=334
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 236x334, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash eca72b448243a5dd07e7c7ee97de7279
0d143211780412460239e7de577389b929e3631b
70e458e05c245b40e0ae3e29c14661e7f97e0f0080aad89b7ab480ce52889f79
GET /it/u=962805961,4097730926&fm=253&fmt=auto&app=138&f=JPEG?w=236&h=334 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16693.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 15 Jan 2023 05:54:01 GMT
content-type: image/webp
content-length: 7302
expires: Fri, 20 Jan 2023 03:48:28 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: eca72b448243a5dd07e7c7ee97de7279
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 21 Dec 2022 03:48:28 GMT
ohc-cache-hit: yy2ct55 [1], xiangyix92 [4]
ohc-file-size: 7302
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=4115944612,1702036461&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=1082
220.169.152.35 200 OK 46 kB URL HTTP/2 img0.baidu.com/it/u=4115944612,1702036461&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=1082
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x1082, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 542cfae21c02d00954cb0f21764832b5
36175ec2a61489a9e255db501a1a179413213191
85460d86422e9e9a60b7151fb2b31e3ac07fb525d1600e73696534924b0038e0
GET /it/u=4115944612,1702036461&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=1082 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16693.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 15 Jan 2023 05:54:01 GMT
content-type: image/webp
content-length: 45538
expires: Sat, 21 Jan 2023 12:47:08 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 542cfae21c02d00954cb0f21764832b5
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 22 Dec 2022 12:47:08 GMT
ohc-cache-hit: yy2ct53 [1], czix187 [2]
ohc-file-size: 45538
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=2310677512,1696958302&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=706
220.169.152.35 200 OK 29 kB URL HTTP/2 img0.baidu.com/it/u=2310677512,1696958302&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=706
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x706, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e57618a870540d3078f3dd3c334afd8d
9993b01b875200e346d2c1eb431745c1e1533859
650ea7125416e263fe487970774803e3b0c14981402f6c5959e10376b56849d7
GET /it/u=2310677512,1696958302&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=706 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16693.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 15 Jan 2023 05:54:01 GMT
content-type: image/webp
content-length: 28844
expires: Fri, 10 Feb 2023 21:17:32 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: e57618a870540d3078f3dd3c334afd8d
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 11 Jan 2023 21:17:32 GMT
ohc-cache-hit: yy2ct75 [1], wzix75 [4]
ohc-file-size: 28844
x-cache-status: MISS
X-Firefox-Spdy: h2
16693.url.tudown.com/favicon.ico
154.218.151.71 200 OK 0 B URL HTTP/1.1 16693.url.tudown.com/favicon.ico
IP 154.218.151.71:0
ASN #137951 Clayer Limited
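Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(MD5, SHA-1 and SHA-256 of a zero-length body, matching Content-Length: 0; these values are identical for every empty response and do not identify this host's content.)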
GET /favicon.ico HTTP/1.1
Host: 16693.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16693.url.tudown.com/xiaz/2@382_17291.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1673762041; Hm_lpvt_dd9836db2e433f487a0aa434b7b3deb7=1673762041
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 15 Jan 2023 05:54:01 GMT
Content-Type: image/x-icon
Content-Length: 0
Last-Modified: Tue, 30 Jul 2019 15:51:36 GMT
Connection: keep-alive
ETag: "5d406788-0"
Accept-Ranges: bytes