r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9ce33c47154f4826255fe9bbe54d72be
e10a363c007a6d15ed43eb35b4e5c246d85c5eed
cf423db1a8ad1dce1b5c25f6025d14411b4a46e95a6001288949f046e244bc24
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CF423DB1A8AD1DCE1B5C25F6025D14411B4A46E95A6001288949F046E244BC24"
Last-Modified: Fri, 10 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7852
Expires: Sun, 12 Mar 2023 06:51:50 GMT
Date: Sun, 12 Mar 2023 04:40:58 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 88c2e33504e05b0bc2b7a3502d6a79bb
23881a1edb8d8ff3dc2192d25792a59fa2c96088
dfbfefeab7d314e54f5e5f2e48ba645817da6dee3ee2bc5abdbaac81b8dc66e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DFBFEFEAB7D314E54F5E5F2E48BA645817DA6DEE3EE2BC5ABDBAAC81B8DC66E7"
Last-Modified: Thu, 09 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5477
Expires: Sun, 12 Mar 2023 06:12:15 GMT
Date: Sun, 12 Mar 2023 04:40:58 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1a564ae484daef6a82bb08116ad794eb
f75350abf28a42c16324901035889a1f3af700a1
225214187df3f50835a8aafcc4555fe47cf0b78938b71d34fb422942292b153b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "225214187DF3F50835A8AAFCC4555FE47CF0B78938B71D34FB422942292B153B"
Last-Modified: Fri, 10 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5418
Expires: Sun, 12 Mar 2023 06:11:16 GMT
Date: Sun, 12 Mar 2023 04:40:58 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 12 Mar 2023 04:09:11 GMT
content-type: application/json
age: 1907
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: zFeYLqwZINiPVue6zoExWY8el7FQ/6MFfSs8LVmcYGeHToa/8W7A5P+O/Drm120QLIpV+xc8NWw=
x-amz-request-id: B5QDRJ4X0FVHKAPV
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 12 Mar 2023 04:19:33 GMT
age: 1285
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 12 Mar 2023 04:40:58 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Content-Length, Retry-After, Content-Type, Expires, Alert, Pragma, ETag, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 12 Mar 2023 04:06:47 GMT
age: 2052
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d960a8d21b339ab0d7987e3b1eb16fdc
08d4430c549151295ee4e1dc8f24dbd3d9456b0b
522b75aa714f87a716a9a693a7c3ed1cab6e5b1725f20a67df46dec2967b5960
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "522B75AA714F87A716A9A693A7C3ED1CAB6E5B1725F20A67DF46DEC2967B5960"
Last-Modified: Thu, 09 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9954
Expires: Sun, 12 Mar 2023 07:26:53 GMT
Date: Sun, 12 Mar 2023 04:40:59 GMT
Connection: keep-alive
16673.url.tudown.com/down/%E7%94%B5%E5%AD%90%E5%8D%B0%E7%AB%A0%E7%94%9F%E6%88%90%E5%99%A8@133_27715.exe
200 OK 6.6 kB URL HTTP/1.1 16673.url.tudown.com/down/%E7%94%B5%E5%AD%90%E5%8D%B0%E7%AB%A0%E7%94%9F%E6%88%90%E5%99%A8@133_27715.exe
IP
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (303), with CRLF, LF line terminators
Hash 0d274d3296b25b35318ba594ed91971b
ac0eb2f041b5f7897fbab8972694ef5bff142c06
b3a58285533a2b827a4c56297ff7555a943d478acbee908f2d09cc2799869966
Analyzer Verdict Alert fortinet Malware
GET /down/%E7%94%B5%E5%AD%90%E5%8D%B0%E7%AB%A0%E7%94%9F%E6%88%90%E5%99%A8@133_27715.exe HTTP/1.1
Host: 16673.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 12 Mar 2023 04:40:59 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: OelsYQ9K00jOKl0IwgmQQA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: b82CDAZDhtpfJZ9fhVlHZAib5CQ=
16673.url.tudown.com/template/company/42xz/css/common.css
200 OK 1.9 kB URL HTTP/1.1 16673.url.tudown.com/template/company/42xz/css/common.css
IP
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 625ff65f2c44178957f32d288dd56ddf
cb918d56e4595594c56cab503ed56f84379e862d
2436857c00ba0ab148e7c16f63712844f5bb62e23379751d6dddd82abe667ac5
GET /template/company/42xz/css/common.css HTTP/1.1
Host: 16673.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16673.url.tudown.com/down/%E7%94%B5%E5%AD%90%E5%8D%B0%E7%AB%A0%E7%94%9F%E6%88%90%E5%99%A8@133_27715.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 12 Mar 2023 04:40:59 GMT
Content-Type: text/css
Last-Modified: Thu, 05 Nov 2020 12:04:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fa3ea53-1ccb"
Expires: Sun, 12 Mar 2023 16:40:59 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
16673.url.tudown.com/js/orsxg5a.script
200 OK 527 B URL HTTP/1.1 16673.url.tudown.com/js/orsxg5a.script
IP
ASN #137951 Clayer Limited
File type HTML document, ASCII text, with CRLF line terminators
Hash d7657fee4b1bb7f07e4d8c3c56f3a392
8c3fc571d2e8c537b349e453d0e8a63c745f3079
162b7cb211f9277017b6103bee6a718c2b07c1c4dc9fe61550ce32fe2ae8f743
Analyzer Verdict Alert fortinet Malware
GET /js/orsxg5a.script HTTP/1.1
Host: 16673.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16673.url.tudown.com/down/%E7%94%B5%E5%AD%90%E5%8D%B0%E7%AB%A0%E7%94%9F%E6%88%90%E5%99%A8@133_27715.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 12 Mar 2023 04:40:59 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
16673.url.tudown.com/template/company/42xz/css/soft.css
200 OK 6.6 kB URL HTTP/1.1 16673.url.tudown.com/template/company/42xz/css/soft.css
IP
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 669589d0ffba3898ecf26c242eaed555
f6a564b66491cf102d5961fb95294d84192c9f11
00947ca9960fa7f5ad71c5f5343ded6e595dec626a9da917da58305fdc98e356
GET /template/company/42xz/css/soft.css HTTP/1.1
Host: 16673.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16673.url.tudown.com/down/%E7%94%B5%E5%AD%90%E5%8D%B0%E7%AB%A0%E7%94%9F%E6%88%90%E5%99%A8@133_27715.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 12 Mar 2023 04:40:59 GMT
Content-Type: text/css
Last-Modified: Thu, 05 Nov 2020 12:04:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fa3ea55-6438"
Expires: Sun, 12 Mar 2023 16:40:59 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
16673.url.tudown.com/template/company/42xz/js/soft.js
200 OK 3.6 kB URL HTTP/1.1 16673.url.tudown.com/template/company/42xz/js/soft.js
IP
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 67be5352d7d3355ae57faad8a6221355
30f4a9a4a3dede0d2d72725ffa28958f45053e7e
1a59b7c5be683676fa54951bf4129899c3980e78c1f956c287f7cc0c001a857d
Analyzer Verdict Alert fortinet Malware
GET /template/company/42xz/js/soft.js HTTP/1.1
Host: 16673.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16673.url.tudown.com/down/%E7%94%B5%E5%AD%90%E5%8D%B0%E7%AB%A0%E7%94%9F%E6%88%90%E5%99%A8@133_27715.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 12 Mar 2023 04:40:59 GMT
Content-Type: application/javascript
Last-Modified: Thu, 05 Nov 2020 12:04:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fa3ea5a-26b2"
Expires: Sun, 12 Mar 2023 16:40:59 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
16673.url.tudown.com/uploads/images/504626.jpg
301 Moved Permanently 0 B URL HTTP/1.1 16673.url.tudown.com/uploads/images/504626.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/504626.jpg HTTP/1.1
Host: 16673.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16673.url.tudown.com/down/%E7%94%B5%E5%AD%90%E5%8D%B0%E7%AB%A0%E7%94%9F%E6%88%90%E5%99%A8@133_27715.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 04:41:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1299408251,3851878406&fm=253&fmt=auto?w=720&h=1280
16673.url.tudown.com/uploads/images/788772.jpg
301 Moved Permanently 0 B URL HTTP/1.1 16673.url.tudown.com/uploads/images/788772.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/788772.jpg HTTP/1.1
Host: 16673.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16673.url.tudown.com/down/%E7%94%B5%E5%AD%90%E5%8D%B0%E7%AB%A0%E7%94%9F%E6%88%90%E5%99%A8@133_27715.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 04:41:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2326538388,63073338&fm=253&fmt=auto&app=138&f=GIF?w=500&h=623
16673.url.tudown.com/uploads/images/752670.jpg
301 Moved Permanently 0 B URL HTTP/1.1 16673.url.tudown.com/uploads/images/752670.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/752670.jpg HTTP/1.1
Host: 16673.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16673.url.tudown.com/down/%E7%94%B5%E5%AD%90%E5%8D%B0%E7%AB%A0%E7%94%9F%E6%88%90%E5%99%A8@133_27715.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 04:41:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1749995119,3862897148&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
16673.url.tudown.com/uploads/images/logo.png?n=4s72d2mywps3raxixwtojoe242oi3zmkuhslrlpfx6bq&w=250
200 OK 3.4 kB URL HTTP/1.1 16673.url.tudown.com/uploads/images/logo.png?n=4s72d2mywps3raxixwtojoe242oi3zmkuhslrlpfx6bq&w=250
IP
ASN #137951 Clayer Limited
File type PNG image data, 250 x 66, 8-bit colormap, non-interlaced\012- data
Hash 71006124c9d6302147eb90ee001b66fb
d28ee248977a44560f48b8be36dcd98f6a2ea3a7
3e6d235f5bdfeb3c31c2e71c8ba6893c05fc60c720af26971e7cc82ba01316bd
GET /uploads/images/logo.png?n=4s72d2mywps3raxixwtojoe242oi3zmkuhslrlpfx6bq&w=250 HTTP/1.1
Host: 16673.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16673.url.tudown.com/down/%E7%94%B5%E5%AD%90%E5%8D%B0%E7%AB%A0%E7%94%9F%E6%88%90%E5%99%A8@133_27715.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 12 Mar 2023 04:41:00 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
16673.url.tudown.com/uploads/images/818116.jpg
301 Moved Permanently 0 B URL HTTP/1.1 16673.url.tudown.com/uploads/images/818116.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/818116.jpg HTTP/1.1
Host: 16673.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16673.url.tudown.com/down/%E7%94%B5%E5%AD%90%E5%8D%B0%E7%AB%A0%E7%94%9F%E6%88%90%E5%99%A8@133_27715.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 04:41:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1010581358,2495170477&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 27d4aff35b86e039853a302db3f85b4e
60205d42e81fc884cd507cb65526feab2e73696a
62471fb182a12310805f965b7b0e821d91ed92054a61e55773619d8bb5f0caa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62471FB182A12310805F965B7B0E821D91ED92054A61E55773619D8BB5F0CAA2"
Last-Modified: Sat, 11 Mar 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12406
Expires: Sun, 12 Mar 2023 08:07:46 GMT
Date: Sun, 12 Mar 2023 04:41:00 GMT
Connection: keep-alive
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash 5aeb9ded4479912de22ec975abe42a0a
eae407310596230d72282f26d8976e1e1fb34e96
2a2bb7e5693771ffcffb0193b4ccfe563f21af332d20755df5eb2ef1ab99c9c0
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 12 Mar 2023 04:41:00 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 16 Mar 2023 01:48:54 GMT
ETag: "eae407310596230d72282f26d8976e1e1fb34e96"
Last-Modified: Sun, 12 Mar 2023 01:48:55 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1280
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a695cc2dab31c0e-OSL
16673.url.tudown.com/uploads/images/232131.jpg
301 Moved Permanently 0 B URL HTTP/1.1 16673.url.tudown.com/uploads/images/232131.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/232131.jpg HTTP/1.1
Host: 16673.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16673.url.tudown.com/down/%E7%94%B5%E5%AD%90%E5%8D%B0%E7%AB%A0%E7%94%9F%E6%88%90%E5%99%A8@133_27715.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 04:41:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=940759936,3498583668&fm=253&fmt=auto&app=138&f=PNG?w=889&h=500
16673.url.tudown.com/uploads/images/639290.jpg
301 Moved Permanently 0 B URL HTTP/1.1 16673.url.tudown.com/uploads/images/639290.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/639290.jpg HTTP/1.1
Host: 16673.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16673.url.tudown.com/down/%E7%94%B5%E5%AD%90%E5%8D%B0%E7%AB%A0%E7%94%9F%E6%88%90%E5%99%A8@133_27715.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 04:41:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3132461867,4194635543&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=666
16673.url.tudown.com/uploads/images/9872.jpg
301 Moved Permanently 0 B URL HTTP/1.1 16673.url.tudown.com/uploads/images/9872.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/9872.jpg HTTP/1.1
Host: 16673.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16673.url.tudown.com/down/%E7%94%B5%E5%AD%90%E5%8D%B0%E7%AB%A0%E7%94%9F%E6%88%90%E5%99%A8@133_27715.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 04:41:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1591157932,750484157&fm=253&fmt=auto&app=120&f=JPEG?w=1422&h=800
16673.url.tudown.com/uploads/images/938508.jpg
301 Moved Permanently 0 B URL HTTP/1.1 16673.url.tudown.com/uploads/images/938508.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/938508.jpg HTTP/1.1
Host: 16673.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16673.url.tudown.com/down/%E7%94%B5%E5%AD%90%E5%8D%B0%E7%AB%A0%E7%94%9F%E6%88%90%E5%99%A8@133_27715.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 04:41:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2968958125,1640617454&fm=253&fmt=auto?w=1280&h=800
16673.url.tudown.com/uploads/images/652209.jpg
301 Moved Permanently 0 B URL HTTP/1.1 16673.url.tudown.com/uploads/images/652209.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/652209.jpg HTTP/1.1
Host: 16673.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16673.url.tudown.com/down/%E7%94%B5%E5%AD%90%E5%8D%B0%E7%AB%A0%E7%94%9F%E6%88%90%E5%99%A8@133_27715.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 04:41:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=523733599,27028552&fm=253&fmt=auto&app=120&f=JPEG?w=490&h=692
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2573307db8caef0a070ba3ebd4f61e2e
28e8cb63280e9b5e4184017cb22aa5f197007450
87e4699d8ded9c722f137c21826dfe419beb8675f226b91081342c90838cb818
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87E4699D8DED9C722F137C21826DFE419BEB8675F226B91081342C90838CB818"
Last-Modified: Sat, 11 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2801
Expires: Sun, 12 Mar 2023 05:27:41 GMT
Date: Sun, 12 Mar 2023 04:41:00 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2573307db8caef0a070ba3ebd4f61e2e
28e8cb63280e9b5e4184017cb22aa5f197007450
87e4699d8ded9c722f137c21826dfe419beb8675f226b91081342c90838cb818
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87E4699D8DED9C722F137C21826DFE419BEB8675F226B91081342C90838CB818"
Last-Modified: Sat, 11 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2801
Expires: Sun, 12 Mar 2023 05:27:41 GMT
Date: Sun, 12 Mar 2023 04:41:00 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae3c2980-a44e-45c6-a99d-629945594f8f.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae3c2980-a44e-45c6-a99d-629945594f8f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 56954902055f7b634773a3cf27cec213
c08733caed5383a2790e0760a889a6e545753105
16aa87074a92c80776c901da479e182fff8e81600d0a026b1e8c2ca38033b4fb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae3c2980-a44e-45c6-a99d-629945594f8f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11176
x-amzn-requestid: 8f3332e2-954e-4c35-96c9-390e257f5451
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BosvyFdeIAMF3MA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640cf4cb-3869435d54341ff376a91d06;Sampled=0
x-amzn-remapped-date: Sat, 11 Mar 2023 21:38:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: JdyxGvD16BjZNkG6J1b5pDwb4kJcyDZBDJAPi793Hxf3tP3VPm6Izw==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 ac463f3377446e4c603deca30feb744a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 11 Mar 2023 21:55:29 GMT
age: 24331
etag: "c08733caed5383a2790e0760a889a6e545753105"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87df4bcd-c6cd-4a0c-a9f5-dffb7f36d2e4.jpeg
200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87df4bcd-c6cd-4a0c-a9f5-dffb7f36d2e4.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash be71491cee9b47dc3ffb23b4fdff25b3
79c7d22c8df6d305f46c5779ccb9f25169d4d111
e785896e5840fb901ddd0118bef3ccad6b59a96d8eef0e8ccd9c95a3c261ba45
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87df4bcd-c6cd-4a0c-a9f5-dffb7f36d2e4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8487
x-amzn-requestid: 92381f1a-0140-47e9-a971-594a7de36c3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BkEcBGizoAMFgOA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640b1ab3-1a54b65a5d7083e62dcb85ab;Sampled=0
x-amzn-remapped-date: Fri, 10 Mar 2023 11:55:31 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: Nn4eV-UeuWZ02ANOxzTUSgE4UODtaZxeIjp8UJfU8PgUny2shFaDjQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 74ab105148338444981d1b2277ffd9c4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 11 Mar 2023 21:42:55 GMT
age: 25085
etag: "79c7d22c8df6d305f46c5779ccb9f25169d4d111"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2573307db8caef0a070ba3ebd4f61e2e
28e8cb63280e9b5e4184017cb22aa5f197007450
87e4699d8ded9c722f137c21826dfe419beb8675f226b91081342c90838cb818
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87E4699D8DED9C722F137C21826DFE419BEB8675F226B91081342C90838CB818"
Last-Modified: Sat, 11 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2801
Expires: Sun, 12 Mar 2023 05:27:41 GMT
Date: Sun, 12 Mar 2023 04:41:00 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc0a968b-1496-4ceb-8b63-b15d3353077f.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc0a968b-1496-4ceb-8b63-b15d3353077f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0edb27fae38fee2915b30e37d7e9af1b
1c54254272a643a06225f236f1cb4ee1169da27e
a18a6773ac0b1db405453dafd1533d49c3491ba7ed2dc03594ffbc1dd1d7f6bb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc0a968b-1496-4ceb-8b63-b15d3353077f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12909
x-amzn-requestid: 45c7e88e-6da9-43e8-95fe-cf2856032abc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BjaL4HyDIAMF_Ug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640ad718-384dd6d52b7d4344665ea469;Sampled=0
x-amzn-remapped-date: Fri, 10 Mar 2023 07:07:04 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: zTvsOneQc6tQlt-YJ_8frW9ZytZax0YtUpPR72-y2amhHesqpdhfrA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 28fdf6e146f70e7372911f118404fb20.cloudfront.net (CloudFront), 1.1 google
date: Sat, 11 Mar 2023 07:13:45 GMT
age: 77235
etag: "1c54254272a643a06225f236f1cb4ee1169da27e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64218a7e-0a7f-4603-96b2-0537460a98f4.jpeg
200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64218a7e-0a7f-4603-96b2-0537460a98f4.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 46321826c6cedf530893b10799a1587c
232c8366b1201c7d707528ac8a9d1cc48798ed8a
19bbe67fe3aa8d006f7b08ee0c6c390191967a88073dabe21ac57e17ef077220
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64218a7e-0a7f-4603-96b2-0537460a98f4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6398
x-amzn-requestid: 486cd313-c9f3-4ed2-b1ca-8d45e2e1e84c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BotmEEcWIAMF2kQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640cf626-1053a1d3415dcdd65d269a94;Sampled=0
x-amzn-remapped-date: Sat, 11 Mar 2023 21:44:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: MuPLbdSuw6ewMrMTLsut5NgkkVQ35LG-hzPe3ddqxVyh1zUIvt4U_A==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 82c2ab57bc9900898383f6b70681b9e6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 11 Mar 2023 21:55:22 GMT
age: 24338
etag: "232c8366b1201c7d707528ac8a9d1cc48798ed8a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6dda5706-64c5-467d-9645-a46dedb81818.jpeg
200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6dda5706-64c5-467d-9645-a46dedb81818.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6a4d6ee7d459e2a9b742d0dbca932998
eada4a4de40e5035173bb18ee51aacd624b8b169
2e6eef4f452ef3700d4c9d06e8c3bf8999e077e24c332ab4670edd0884839d38
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6dda5706-64c5-467d-9645-a46dedb81818.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6053
x-amzn-requestid: 5f306311-ac84-4ce2-b9c2-6af31c110062
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Bosb-FD5oAMFwJw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640cf44c-61fea28e45516fad0d30cf65;Sampled=0
x-amzn-remapped-date: Sat, 11 Mar 2023 21:36:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: fWVlVC6aYC4VUrCTIxXhQ-EDPiPBfbsfLKvxvg44bWZMGpgJup4o8w==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 6bdc2963c9ed59b475ec36c35e5932a4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 11 Mar 2023 22:04:00 GMT
age: 23820
etag: "eada4a4de40e5035173bb18ee51aacd624b8b169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2573307db8caef0a070ba3ebd4f61e2e
28e8cb63280e9b5e4184017cb22aa5f197007450
87e4699d8ded9c722f137c21826dfe419beb8675f226b91081342c90838cb818
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87E4699D8DED9C722F137C21826DFE419BEB8675F226B91081342C90838CB818"
Last-Modified: Sat, 11 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2801
Expires: Sun, 12 Mar 2023 05:27:41 GMT
Date: Sun, 12 Mar 2023 04:41:00 GMT
Connection: keep-alive
16673.url.tudown.com/template/company/42xz/js/jquery.js
200 OK 46 kB URL HTTP/1.1 16673.url.tudown.com/template/company/42xz/js/jquery.js
IP
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with very long lines (65479), with CRLF line terminators
Hash 49fcb7f2a26c0656e22b75bfe591667f
f277ecd02517fc0f243fd9d882178473d4def06b
9ee94398fbe5a57c715dfdfe1b8d05ea964dd9947dba57dad68ee38ea381a2be
Analyzer Verdict Alert fortinet Malware
GET /template/company/42xz/js/jquery.js HTTP/1.1
Host: 16673.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16673.url.tudown.com/down/%E7%94%B5%E5%AD%90%E5%8D%B0%E7%AB%A0%E7%94%9F%E6%88%90%E5%99%A8@133_27715.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 12 Mar 2023 04:40:59 GMT
Content-Type: application/javascript
Last-Modified: Thu, 05 Nov 2020 12:04:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fa3ea62-1d491"
Expires: Sun, 12 Mar 2023 16:40:59 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b565592-1bae-4d79-86dd-baeeb085bb87.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b565592-1bae-4d79-86dd-baeeb085bb87.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b9ee37616bfd6b9ea32cf3b5cc0e99d1
f3bef04d42ac024d80fa2362369b70b8ee53f303
b6094b5565ce53ae3cc9de27e73b1b298c6d8f291586a3b1381abaf4fcde788d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b565592-1bae-4d79-86dd-baeeb085bb87.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12878
x-amzn-requestid: ba469385-9b22-4184-af1b-aa387f6704ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BoswZE6eIAMFmNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640cf4cf-547d306479bd9cf561c1c3d8;Sampled=0
x-amzn-remapped-date: Sat, 11 Mar 2023 21:38:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: bESaCH1yMJQNM8glhoivmK7l1Y9R2ps0R6L8lIzzK7OKfvhx3RYyMA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 3bb2b699cd244bf37141ea08a6a61732.cloudfront.net (CloudFront), 1.1 google
date: Sat, 11 Mar 2023 22:01:25 GMT
age: 23975
etag: "f3bef04d42ac024d80fa2362369b70b8ee53f303"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
16673.url.tudown.com/uploads/images/380883.jpg
301 Moved Permanently 0 B URL HTTP/1.1 16673.url.tudown.com/uploads/images/380883.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/380883.jpg HTTP/1.1
Host: 16673.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16673.url.tudown.com/down/%E7%94%B5%E5%AD%90%E5%8D%B0%E7%AB%A0%E7%94%9F%E6%88%90%E5%99%A8@133_27715.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 04:41:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=533086413,278141973&fm=253&fmt=auto?w=1422&h=800
16673.url.tudown.com/uploads/images/908546.jpg
301 Moved Permanently 0 B URL HTTP/1.1 16673.url.tudown.com/uploads/images/908546.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/908546.jpg HTTP/1.1
Host: 16673.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16673.url.tudown.com/down/%E7%94%B5%E5%AD%90%E5%8D%B0%E7%AB%A0%E7%94%9F%E6%88%90%E5%99%A8@133_27715.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 04:41:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3646877785,444889485&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=674
16673.url.tudown.com/uploads/images/401480.jpg
301 Moved Permanently 0 B URL HTTP/1.1 16673.url.tudown.com/uploads/images/401480.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/401480.jpg HTTP/1.1
Host: 16673.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16673.url.tudown.com/down/%E7%94%B5%E5%AD%90%E5%8D%B0%E7%AB%A0%E7%94%9F%E6%88%90%E5%99%A8@133_27715.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 04:41:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=4165008900,437747905&fm=253&app=120&f=JPEG?w=1422&h=800
16673.url.tudown.com/uploads/images/568748.jpg
301 Moved Permanently 0 B URL HTTP/1.1 16673.url.tudown.com/uploads/images/568748.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/568748.jpg HTTP/1.1
Host: 16673.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16673.url.tudown.com/down/%E7%94%B5%E5%AD%90%E5%8D%B0%E7%AB%A0%E7%94%9F%E6%88%90%E5%99%A8@133_27715.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 04:41:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2245246009,2437869509&fm=253&fmt=auto&app=138&f=JPEG?w=502&h=500
16673.url.tudown.com/uploads/images/257830.jpg
301 Moved Permanently 0 B URL HTTP/1.1 16673.url.tudown.com/uploads/images/257830.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/257830.jpg HTTP/1.1
Host: 16673.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16673.url.tudown.com/down/%E7%94%B5%E5%AD%90%E5%8D%B0%E7%AB%A0%E7%94%9F%E6%88%90%E5%99%A8@133_27715.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 04:41:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=4115944612,1702036461&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=1082
16673.url.tudown.com/uploads/images/723168.jpg
301 Moved Permanently 0 B URL HTTP/1.1 16673.url.tudown.com/uploads/images/723168.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/723168.jpg HTTP/1.1
Host: 16673.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16673.url.tudown.com/down/%E7%94%B5%E5%AD%90%E5%8D%B0%E7%AB%A0%E7%94%9F%E6%88%90%E5%99%A8@133_27715.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 04:41:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=900478332,388243367&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=708
img2.baidu.com/it/u=1749995119,3862897148&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
200 OK 22 kB URL HTTP/2 img2.baidu.com/it/u=1749995119,3862897148&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
IP
ASN #58539 Langfang,Hebei province, P.R.China
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4a4ae68179dd2dbfed221926500fedce
2155a303d3a86742f909ea37ca865beea5a9c049
335a76298afc106bf5019c5970ee6d15cc1531b3488a804a0a1518ef829f99ec
GET /it/u=1749995119,3862897148&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16673.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 12 Mar 2023 04:41:01 GMT
content-type: image/webp
content-length: 21534
expires: Sun, 19 Mar 2023 02:31:15 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 4a4ae68179dd2dbfed221926500fedce
age: 95902
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 17 Feb 2023 02:31:15 GMT
ohc-cache-hit: lf6ct54 [4], xiangyix54 [2]
ohc-file-size: 21534
x-cache-status: HIT
X-Firefox-Spdy: h2
img0.baidu.com/it/u=1010581358,2495170477&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
200 OK 23 kB URL HTTP/2 img0.baidu.com/it/u=1010581358,2495170477&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 599109198a1ad0c03a3ddd448ca7d908
ea58199a9d1b86777452a73bcc5be96e9260717e
f351306276254f03a21cca27b10dfd4702876e7867b40008370c60c96d42e965
GET /it/u=1010581358,2495170477&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16673.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 12 Mar 2023 04:41:01 GMT
content-type: image/webp
content-length: 23396
expires: Fri, 24 Mar 2023 03:26:51 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 599109198a1ad0c03a3ddd448ca7d908
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 22 Feb 2023 03:26:51 GMT
ohc-cache-hit: dy2ct111 [1], qdix111 [4]
ohc-file-size: 23396
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=523733599,27028552&fm=253&fmt=auto&app=120&f=JPEG?w=490&h=692
200 OK 24 kB URL HTTP/1.1 img0.baidu.com/it/u=523733599,27028552&fm=253&fmt=auto&app=120&f=JPEG?w=490&h=692
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 490x692, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ee0f679ee0fbceb5d62f41cb54567e21
b53b3de113f498bd73f0e6a9da739b4a01d4e76f
12bd3bb2ead2bf6512fbbdff70a1ee7b3154956d742b36d426c52dde8920a13d
GET /it/u=523733599,27028552&fm=253&fmt=auto&app=120&f=JPEG?w=490&h=692 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://16673.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sun, 12 Mar 2023 04:41:01 GMT
Content-Type: image/webp
Content-Length: 24094
Connection: keep-alive
Expires: Wed, 29 Mar 2023 12:21:15 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: ee0f679ee0fbceb5d62f41cb54567e21
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 27 Feb 2023 12:21:15 GMT
Ohc-Cache-HIT: dy2ct69 [1], qdix119 [4]
Ohc-File-Size: 24094
X-Cache-Status: MISS
16673.url.tudown.com/uploads/images/971331.jpg
301 Moved Permanently 0 B URL HTTP/1.1 16673.url.tudown.com/uploads/images/971331.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/971331.jpg HTTP/1.1
Host: 16673.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16673.url.tudown.com/down/%E7%94%B5%E5%AD%90%E5%8D%B0%E7%AB%A0%E7%94%9F%E6%88%90%E5%99%A8@133_27715.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 04:41:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=173124348,3216285383&fm=224&app=112&f=JPEG?w=500&h=500
16673.url.tudown.com/uploads/images/590597.jpg
301 Moved Permanently 0 B URL HTTP/1.1 16673.url.tudown.com/uploads/images/590597.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/590597.jpg HTTP/1.1
Host: 16673.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16673.url.tudown.com/down/%E7%94%B5%E5%AD%90%E5%8D%B0%E7%AB%A0%E7%94%9F%E6%88%90%E5%99%A8@133_27715.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 04:41:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3185612192,3195202714&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=750
16673.url.tudown.com/uploads/images/948637.jpg
301 Moved Permanently 0 B URL HTTP/1.1 16673.url.tudown.com/uploads/images/948637.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/948637.jpg HTTP/1.1
Host: 16673.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16673.url.tudown.com/down/%E7%94%B5%E5%AD%90%E5%8D%B0%E7%AB%A0%E7%94%9F%E6%88%90%E5%99%A8@133_27715.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 04:41:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3370669976,1949322564&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=643
16673.url.tudown.com/uploads/images/112359.jpg
301 Moved Permanently 0 B URL HTTP/1.1 16673.url.tudown.com/uploads/images/112359.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/112359.jpg HTTP/1.1
Host: 16673.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16673.url.tudown.com/down/%E7%94%B5%E5%AD%90%E5%8D%B0%E7%AB%A0%E7%94%9F%E6%88%90%E5%99%A8@133_27715.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 04:41:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3868639163,1646482983&fm=253&fmt=auto&app=138&f=JPEG?w=706&h=440
16673.url.tudown.com/uploads/images/62059.jpg
301 Moved Permanently 0 B URL HTTP/1.1 16673.url.tudown.com/uploads/images/62059.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/62059.jpg HTTP/1.1
Host: 16673.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16673.url.tudown.com/down/%E7%94%B5%E5%AD%90%E5%8D%B0%E7%AB%A0%E7%94%9F%E6%88%90%E5%99%A8@133_27715.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 04:41:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2375594883,4090847423&fm=253&fmt=auto&app=138&f=JPEG?w=224&h=224
t13.baidu.com/it/u=173124348,3216285383&fm=224&app=112&f=JPEG?w=500&h=500
200 OK 51 kB URL HTTP/1.1 t13.baidu.com/it/u=173124348,3216285383&fm=224&app=112&f=JPEG?w=500&h=500
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash ce50d5a4828f5c54555ca251ce0eda88
3c552f344943f6df67c01ba60b9e01dbe1920f6e
677a466c37d30a4291ed13f46df88151e1a26599ea703fa073159fdb5b3fffca
GET /it/u=173124348,3216285383&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://16673.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sun, 12 Mar 2023 04:41:01 GMT
Content-Type: image/jpeg
Content-Length: 50645
Connection: keep-alive
Expires: Thu, 30 Mar 2023 08:47:45 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: ce50d5a4828f5c54555ca251ce0eda88
Age: 870575
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 28 Feb 2023 08:47:45 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [4], zhuzuncache61 [1], czix197 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 50645
X-Cache-Status: HIT
Timing-Allow-Origin: *
16673.url.tudown.com/uploads/images/804239.jpg
301 Moved Permanently 0 B URL HTTP/1.1 16673.url.tudown.com/uploads/images/804239.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/804239.jpg HTTP/1.1
Host: 16673.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16673.url.tudown.com/down/%E7%94%B5%E5%AD%90%E5%8D%B0%E7%AB%A0%E7%94%9F%E6%88%90%E5%99%A8@133_27715.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 04:41:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=597796126,2190243643&fm=224&app=112&f=JPEG?w=500&h=500
img1.baidu.com/it/u=1299408251,3851878406&fm=253&fmt=auto?w=720&h=1280
200 OK 50 kB URL HTTP/2 img1.baidu.com/it/u=1299408251,3851878406&fm=253&fmt=auto?w=720&h=1280
IP
ASN #137698 HaerbingHeilongjiang Province, P.R.China.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 720x1280, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d2a0c9468fb1872ea6baffac91427bc0
d94fb9c12f4c09c3e2b79e717d004fde17cb1320
c3965c0c20447d7f1ea7da37c017f6330e808aac488ca8c0df74088696ece5b9
GET /it/u=1299408251,3851878406&fm=253&fmt=auto?w=720&h=1280 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16673.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 12 Mar 2023 04:41:01 GMT
content-type: image/webp
content-length: 50060
expires: Sun, 02 Apr 2023 14:02:27 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: d2a0c9468fb1872ea6baffac91427bc0
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 03 Mar 2023 14:02:27 GMT
ohc-cache-hit: hrb4ct80 [1], csix80 [4]
ohc-file-size: 50060
x-cache-status: MISS
X-Firefox-Spdy: h2
t13.baidu.com/it/u=597796126,2190243643&fm=224&app=112&f=JPEG?w=500&h=500
200 OK 53 kB URL HTTP/1.1 t13.baidu.com/it/u=597796126,2190243643&fm=224&app=112&f=JPEG?w=500&h=500
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash a847e9383fb727ce8c5a2190594e18cb
c74ec435acd19d56c02c07b5cdaed115062e528a
88f0e9742191b9eb36e97eeb25d939aed28f68c737b1e4f1365b1f3351efe071
GET /it/u=597796126,2190243643&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://16673.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sun, 12 Mar 2023 04:41:01 GMT
Content-Type: image/jpeg
Content-Length: 52758
Connection: keep-alive
Expires: Wed, 05 Apr 2023 15:02:56 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: a847e9383fb727ce8c5a2190594e18cb
Age: 180816
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 06 Mar 2023 15:02:56 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [2], zhuzuncache52 [1], xiangyix161 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 52758
X-Cache-Status: HIT
Timing-Allow-Origin: *
push.zhanzhang.baidu.com/push.js
200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16673.url.tudown.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Sun, 12 Mar 2023 04:41:01 GMT
Etag: "4078521116"
Expires: Mon, 11 Mar 2024 04:41:01 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=3EA8EE45CBD6CA424B920CA22256C9B9:FG=1; max-age=31536000; expires=Mon, 11-Mar-24 04:41:01 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
img2.baidu.com/it/u=2326538388,63073338&fm=253&fmt=auto&app=138&f=GIF?w=500&h=623
200 OK 66 kB URL HTTP/2 img2.baidu.com/it/u=2326538388,63073338&fm=253&fmt=auto&app=138&f=GIF?w=500&h=623
IP
ASN #58539 Langfang,Hebei province, P.R.China
File type GIF image data, version 89a, 500 x 623\012- data
Hash b5bf1af0f469b16786ecd960b936c387
3aaea5fdf51df30931cab61c0b3b96cf47c97e86
9047353ae2d60e5329d91cf6dda796784063a60c20d275d3ef91d5ec5e3a3a92
GET /it/u=2326538388,63073338&fm=253&fmt=auto&app=138&f=GIF?w=500&h=623 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16673.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 12 Mar 2023 04:41:01 GMT
content-type: image/gif
content-length: 65510
expires: Tue, 28 Mar 2023 01:50:18 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: b5bf1af0f469b16786ecd960b936c387
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 26 Feb 2023 01:50:18 GMT
ohc-cache-hit: lf6ct53 [1], bdix105 [2]
ohc-file-size: 65510
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=4115944612,1702036461&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=1082
200 OK 46 kB URL HTTP/2 img0.baidu.com/it/u=4115944612,1702036461&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=1082
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x1082, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 542cfae21c02d00954cb0f21764832b5
36175ec2a61489a9e255db501a1a179413213191
85460d86422e9e9a60b7151fb2b31e3ac07fb525d1600e73696534924b0038e0
GET /it/u=4115944612,1702036461&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=1082 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16673.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 12 Mar 2023 04:41:01 GMT
content-type: image/webp
content-length: 45538
expires: Wed, 22 Mar 2023 13:03:50 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 542cfae21c02d00954cb0f21764832b5
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 20 Feb 2023 13:03:50 GMT
ohc-cache-hit: dy2ct53 [1], czix187 [2]
ohc-file-size: 45538
x-cache-status: MISS
X-Firefox-Spdy: h2
16673.url.tudown.com/uploads/images/662078.jpg
301 Moved Permanently 0 B URL HTTP/1.1 16673.url.tudown.com/uploads/images/662078.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/662078.jpg HTTP/1.1
Host: 16673.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16673.url.tudown.com/down/%E7%94%B5%E5%AD%90%E5%8D%B0%E7%AB%A0%E7%94%9F%E6%88%90%E5%99%A8@133_27715.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 04:41:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=3571234216,2395470914&fm=224&app=112&f=JPEG?w=500&h=500
16673.url.tudown.com/uploads/images/572722.jpg
301 Moved Permanently 0 B URL HTTP/1.1 16673.url.tudown.com/uploads/images/572722.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/572722.jpg HTTP/1.1
Host: 16673.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16673.url.tudown.com/down/%E7%94%B5%E5%AD%90%E5%8D%B0%E7%AB%A0%E7%94%9F%E6%88%90%E5%99%A8@133_27715.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 04:41:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=766170736,2562625558&fm=253&fmt=auto&app=138&f=JPEG?w=130&h=170
16673.url.tudown.com/uploads/images/972281.jpg
301 Moved Permanently 0 B URL HTTP/1.1 16673.url.tudown.com/uploads/images/972281.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/972281.jpg HTTP/1.1
Host: 16673.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16673.url.tudown.com/down/%E7%94%B5%E5%AD%90%E5%8D%B0%E7%AB%A0%E7%94%9F%E6%88%90%E5%99%A8@133_27715.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 04:41:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=824966451,3979547209&fm=224&app=112&f=JPEG?w=500&h=500
hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (633)
Hash d5a9048e5cb832acc58dbb27f7be53bb
fbd7deb5d1b21547c262bc944fc19cc6ee5973fc
5e1f4d9a7c214ab1ba2584966ec2bd63076ec0afdeecad059fc0888258871610
GET /hm.js?dd9836db2e433f487a0aa434b7b3deb7 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://16673.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11271
Content-Type: application/javascript
Date: Sun, 12 Mar 2023 04:41:01 GMT
Etag: 3f2d66425de2f2f9934ddd5ae403e377
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=D504D61260ADF74E; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
16673.url.tudown.com/uploads/images/536739.jpg
301 Moved Permanently 0 B URL HTTP/1.1 16673.url.tudown.com/uploads/images/536739.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/536739.jpg HTTP/1.1
Host: 16673.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16673.url.tudown.com/down/%E7%94%B5%E5%AD%90%E5%8D%B0%E7%AB%A0%E7%94%9F%E6%88%90%E5%99%A8@133_27715.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 04:41:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=1520985007,335320965&fm=224&app=112&f=JPEG?w=500&h=500
16673.url.tudown.com/uploads/images/484473.jpg
301 Moved Permanently 0 B URL HTTP/1.1 16673.url.tudown.com/uploads/images/484473.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/484473.jpg HTTP/1.1
Host: 16673.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16673.url.tudown.com/down/%E7%94%B5%E5%AD%90%E5%8D%B0%E7%AB%A0%E7%94%9F%E6%88%90%E5%99%A8@133_27715.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 04:41:01 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=694008108,500526229&fm=224&app=112&f=JPEG?w=500&h=500
16673.url.tudown.com/template/company/42xz/images/tab_line.png
200 OK 1.2 kB URL HTTP/1.1 16673.url.tudown.com/template/company/42xz/images/tab_line.png
IP
ASN #137951 Clayer Limited
File type GIF image data, version 89a, 190 x 7\012- data
Hash 4c54d42f73e777c70b63b1854b994bb5
6b751c2e611f485d04805ccc3ef84ba5c7868775
b86451a9f18cc0bffd106863661cecbc4abc2364f2898e3bc0796992f3ebbd06
GET /template/company/42xz/images/tab_line.png HTTP/1.1
Host: 16673.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16673.url.tudown.com/template/company/42xz/css/soft.css
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 12 Mar 2023 04:41:01 GMT
Content-Type: image/png
Content-Length: 1155
Last-Modified: Thu, 05 Nov 2020 12:04:39 GMT
Connection: keep-alive
ETag: "5fa3ea57-483"
Accept-Ranges: bytes
t15.baidu.com/it/u=1520985007,335320965&fm=224&app=112&f=JPEG?w=500&h=500
200 OK 68 kB URL HTTP/1.1 t15.baidu.com/it/u=1520985007,335320965&fm=224&app=112&f=JPEG?w=500&h=500
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 5db7394fe5d767edea24052456b9d826
c405cf0459b6e1058ae145423a946afb56bba008
98ac3a2c53ea6b2ded9ad5d4cb48a07019ff6434b19fffda5b5d6c00c0e9cddd
GET /it/u=1520985007,335320965&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://16673.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sun, 12 Mar 2023 04:41:01 GMT
Content-Type: image/jpeg
Content-Length: 68214
Connection: keep-alive
Expires: Mon, 03 Apr 2023 07:54:58 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 5db7394fe5d767edea24052456b9d826
Age: 679563
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 04 Mar 2023 07:54:58 GMT
Ohc-Cache-HIT: fra01-sys-jomo2.fra01.baidu.com [4], zhuzuncache55 [1], csix96 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 68214
X-Cache-Status: HIT
Timing-Allow-Origin: *
img1.baidu.com/it/u=533086413,278141973&fm=253&fmt=auto?w=1422&h=800
200 OK 98 kB URL HTTP/2 img1.baidu.com/it/u=533086413,278141973&fm=253&fmt=auto?w=1422&h=800
IP
ASN #137698 HaerbingHeilongjiang Province, P.R.China.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1422x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 425798335e4902e9834fb4e9e38f08f5
9b413a421ffd6ed2f1b826010a4d54c7c4f7dd2a
83124a0c9bdf130313be9797efbc33e30657dffa41ad7affc85fa27a2db265a2
GET /it/u=533086413,278141973&fm=253&fmt=auto?w=1422&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16673.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 12 Mar 2023 04:41:01 GMT
content-type: image/webp
content-length: 98510
expires: Sun, 19 Mar 2023 06:31:33 GMT
last-modified: Mon, 12 Jan 1970 00:00:00 GMT
etag: 425798335e4902e9834fb4e9e38f08f5
age: 56827
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 17 Feb 2023 06:31:33 GMT
ohc-cache-hit: hrb4ct58 [4], suzix58 [4]
ohc-file-size: 98510
x-cache-status: HIT
X-Firefox-Spdy: h2
img2.baidu.com/it/u=3646877785,444889485&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=674
200 OK 30 kB URL HTTP/2 img2.baidu.com/it/u=3646877785,444889485&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=674
IP
ASN #58539 Langfang,Hebei province, P.R.China
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x674, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 52be129353c555fa5a494c0f62719696
b7327573285bb9fbdde4c75a2bd91cf8d931f4f5
08eea9d6c15a85569a05c0009ea235dc28671391a1dd883152cb150c49cdc172
GET /it/u=3646877785,444889485&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=674 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16673.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 12 Mar 2023 04:41:01 GMT
content-type: image/webp
content-length: 29810
expires: Sun, 09 Apr 2023 13:10:04 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 52be129353c555fa5a494c0f62719696
age: 97797
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 10 Mar 2023 13:10:04 GMT
ohc-cache-hit: lf6ct85 [4], csix90 [4]
ohc-file-size: 29810
x-cache-status: HIT
X-Firefox-Spdy: h2
t15.baidu.com/it/u=824966451,3979547209&fm=224&app=112&f=JPEG?w=500&h=500
200 OK 31 kB URL HTTP/1.1 t15.baidu.com/it/u=824966451,3979547209&fm=224&app=112&f=JPEG?w=500&h=500
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 0c9cbe93c93e164af754b01ad4f68815
4ea20cb38716aaa91284646292a1ea9a1b5d08e5
595f4e240edea28cb7dec7bd3ee6ac66d84c54e19ab63cf723b8ab82579be7a6
GET /it/u=824966451,3979547209&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://16673.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sun, 12 Mar 2023 04:41:01 GMT
Content-Type: image/jpeg
Content-Length: 30880
Connection: keep-alive
Expires: Wed, 15 Mar 2023 13:42:25 GMT
Last-Modified: Sun, 11 Jan 1970 00:00:00 GMT
ETag: 0c9cbe93c93e164af754b01ad4f68815
Age: 2258351
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 13 Feb 2023 13:42:25 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [2], zhuzuncache60 [1], xiangyix144 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 30880
X-Cache-Status: HIT
Timing-Allow-Origin: *
img2.baidu.com/it/u=900478332,388243367&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=708
200 OK 20 kB URL HTTP/2 img2.baidu.com/it/u=900478332,388243367&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=708
IP
ASN #58539 Langfang,Hebei province, P.R.China
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x708, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash be81e40dbe5210a4ffc7aeff13d87cff
6721fa5d4de9788c508a38187bb295be8d4dd737
a0531468c494f69cf95f766a9ad516a3bfc0473e2084406bbd09ff9743a0037a
GET /it/u=900478332,388243367&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=708 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16673.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 12 Mar 2023 04:41:01 GMT
content-type: image/webp
content-length: 19756
expires: Wed, 22 Mar 2023 13:53:03 GMT
last-modified: Mon, 12 Jan 1970 00:00:00 GMT
etag: be81e40dbe5210a4ffc7aeff13d87cff
age: 770518
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 20 Feb 2023 13:53:03 GMT
ohc-cache-hit: lf6ct60 [4], xaix60 [4]
ohc-file-size: 19756
x-cache-status: HIT
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g3
200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g3
IP
Hash bdc882e864fdc9a41d121cb9bc0345ac
9622b308538ed40cf830a6d8ec76345f0a8a00a4
4d867db4c8554e28ade466780a94c3ad1297e19c1459089a0b2223893776ddc2
POST /gsorganizationvalsha2g3 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 12 Mar 2023 04:41:01 GMT
Content-Type: application/ocsp-response
Content-Length: 1461
Connection: keep-alive
Expires: Thu, 16 Mar 2023 01:36:40 GMT
ETag: "9622b308538ed40cf830a6d8ec76345f0a8a00a4"
Last-Modified: Sun, 12 Mar 2023 01:36:41 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2987
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a695ccb4b9ab4ee-OSL
img0.baidu.com/it/u=2968958125,1640617454&fm=253&fmt=auto?w=1280&h=800
200 OK 51 kB URL HTTP/2 img0.baidu.com/it/u=2968958125,1640617454&fm=253&fmt=auto?w=1280&h=800
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ffaf3f25bcc613fc1a7d72dbc4987311
aa63a937ab38ed27de33715a0144dfb314728355
642353541b3a3e215024a44fef740d491e88a53719cec5558ec58e1a703ae8cc
GET /it/u=2968958125,1640617454&fm=253&fmt=auto?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16673.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 12 Mar 2023 04:41:01 GMT
content-type: image/webp
content-length: 50684
expires: Wed, 22 Mar 2023 09:04:30 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: ffaf3f25bcc613fc1a7d72dbc4987311
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 20 Feb 2023 09:04:30 GMT
ohc-cache-hit: dy2ct72 [1], bdix173 [2]
ohc-file-size: 50684
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=3370669976,1949322564&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=643
200 OK 29 kB URL HTTP/2 img0.baidu.com/it/u=3370669976,1949322564&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=643
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x643, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 339f846ab388fc6fe3135a2fed101519
079dc51e0887110b3d23df0449685f48fdb3b8a7
f838a46e2d54a831ce8a69f81ca7f5f643a53b2a2c1482223cd8fd4961be2e66
GET /it/u=3370669976,1949322564&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=643 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16673.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 12 Mar 2023 04:41:01 GMT
content-type: image/webp
content-length: 29042
expires: Sun, 09 Apr 2023 06:25:58 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 339f846ab388fc6fe3135a2fed101519
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 10 Mar 2023 06:25:58 GMT
ohc-cache-hit: dy2ct72 [1], csix72 [4]
ohc-file-size: 29042
x-cache-status: MISS
X-Firefox-Spdy: h2
16673.url.tudown.com/template/company/42xz/images/dian1.png
200 OK 1.1 kB URL HTTP/1.1 16673.url.tudown.com/template/company/42xz/images/dian1.png
IP
ASN #137951 Clayer Limited
File type GIF image data, version 89a, 4 x 4\012- data
Hash de5d5d1c8fb00bc14f9512dd323b9ed8
9c7c5df21afb7b686932c96ecf7877e1e6adf243
982f48c65cf01077b0606401f082c15ee15f183903d5170f06d0bb3ae3b9b685
GET /template/company/42xz/images/dian1.png HTTP/1.1
Host: 16673.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16673.url.tudown.com/template/company/42xz/css/soft.css
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 12 Mar 2023 04:41:01 GMT
Content-Type: image/png
Content-Length: 1110
Last-Modified: Thu, 05 Nov 2020 12:04:54 GMT
Connection: keep-alive
ETag: "5fa3ea66-456"
Accept-Ranges: bytes
16673.url.tudown.com/template/company/42xz/images/dian2.png
200 OK 1.1 kB URL HTTP/1.1 16673.url.tudown.com/template/company/42xz/images/dian2.png
IP
ASN #137951 Clayer Limited
File type GIF image data, version 89a, 4 x 4\012- data
Hash 3cb1caaf45a919b2028a853add556aa8
c8b93e13049ae31ad5dcb2d267c8b3ee6a4466e8
039b652744162c3c599998f28f50e7154d297ce5028e7e4954f7d7354c5374a1
GET /template/company/42xz/images/dian2.png HTTP/1.1
Host: 16673.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16673.url.tudown.com/template/company/42xz/css/soft.css
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 12 Mar 2023 04:41:01 GMT
Content-Type: image/png
Content-Length: 1106
Last-Modified: Thu, 05 Nov 2020 12:04:53 GMT
Connection: keep-alive
ETag: "5fa3ea65-452"
Accept-Ranges: bytes
img1.baidu.com/it/u=2245246009,2437869509&fm=253&fmt=auto&app=138&f=JPEG?w=502&h=500
200 OK 25 kB URL HTTP/2 img1.baidu.com/it/u=2245246009,2437869509&fm=253&fmt=auto&app=138&f=JPEG?w=502&h=500
IP
ASN #137698 HaerbingHeilongjiang Province, P.R.China.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 502x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 60f2817916b550e059a2acd8261d221d
ecad4910b35860a82a43a2d864dff93aac297ca3
0cf80cb0fcf742150e1e0cb35f6d74820a6f69e3261b058b037a0afb4684b898
GET /it/u=2245246009,2437869509&fm=253&fmt=auto&app=138&f=JPEG?w=502&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16673.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 12 Mar 2023 04:41:01 GMT
content-type: image/webp
content-length: 25388
expires: Fri, 24 Mar 2023 05:11:18 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 60f2817916b550e059a2acd8261d221d
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 22 Feb 2023 05:11:18 GMT
ohc-cache-hit: hrb4ct59 [1], qdix190 [4]
ohc-file-size: 25388
x-cache-status: MISS
X-Firefox-Spdy: h2
16673.url.tudown.com/uploads/images/959969.jpg
301 Moved Permanently 0 B URL HTTP/1.1 16673.url.tudown.com/uploads/images/959969.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/959969.jpg HTTP/1.1
Host: 16673.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16673.url.tudown.com/down/%E7%94%B5%E5%AD%90%E5%8D%B0%E7%AB%A0%E7%94%9F%E6%88%90%E5%99%A8@133_27715.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 04:41:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2899578813,414229294&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
img0.baidu.com/it/u=766170736,2562625558&fm=253&fmt=auto&app=138&f=JPEG?w=130&h=170
200 OK 4.9 kB URL HTTP/2 img0.baidu.com/it/u=766170736,2562625558&fm=253&fmt=auto&app=138&f=JPEG?w=130&h=170
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 130x170, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 50dd0a8fdee5649a0a002a5681af1721
96b0af684909459ee4283b9e6ab7bb3ae7828ca1
ae47fa798ef182fc9c07a30b8a5545d4ce3024d6dfb7b0e0ffe5a9c60c03cadd
GET /it/u=766170736,2562625558&fm=253&fmt=auto&app=138&f=JPEG?w=130&h=170 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16673.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 12 Mar 2023 04:41:01 GMT
content-type: image/webp
content-length: 4896
expires: Tue, 14 Mar 2023 10:46:36 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 50dd0a8fdee5649a0a002a5681af1721
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 12 Feb 2023 10:46:36 GMT
ohc-cache-hit: dy2ct72 [1], wzix72 [4]
ohc-file-size: 4896
x-cache-status: MISS
X-Firefox-Spdy: h2
16673.url.tudown.com/uploads/images/546873.jpg
301 Moved Permanently 0 B URL HTTP/1.1 16673.url.tudown.com/uploads/images/546873.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/546873.jpg HTTP/1.1
Host: 16673.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16673.url.tudown.com/down/%E7%94%B5%E5%AD%90%E5%8D%B0%E7%AB%A0%E7%94%9F%E6%88%90%E5%99%A8@133_27715.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 04:41:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=107646285,3674357575&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
img1.baidu.com/it/u=3185612192,3195202714&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=750
200 OK 30 kB URL HTTP/2 img1.baidu.com/it/u=3185612192,3195202714&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=750
IP
ASN #137698 HaerbingHeilongjiang Province, P.R.China.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x750, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 514dd44e893426fefac64b27d14be18d
8e60c7e16dd8f886e025c539132ddbfebb1fb6bc
8990ab699c199dcd5a521c35c44adcf281c26e7a58d7129991bde06699e6f684
GET /it/u=3185612192,3195202714&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=750 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16673.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 12 Mar 2023 04:41:01 GMT
content-type: image/webp
content-length: 29722
expires: Wed, 22 Mar 2023 08:45:38 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 514dd44e893426fefac64b27d14be18d
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 20 Feb 2023 08:45:38 GMT
ohc-cache-hit: hrb4ct69 [1], suzix168 [4]
ohc-file-size: 29722
x-cache-status: MISS
X-Firefox-Spdy: h2
t15.baidu.com/it/u=694008108,500526229&fm=224&app=112&f=JPEG?w=500&h=500
200 OK 56 kB URL HTTP/1.1 t15.baidu.com/it/u=694008108,500526229&fm=224&app=112&f=JPEG?w=500&h=500
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash b3a9d1a7109a8aa34130ebaed3ffaad0
9236a70d4e77967475185f9ded760c46962b2271
5c6de35ea8e41be3e3f288e1abdeb12153c1704c2492680e1eadde00c36284c6
GET /it/u=694008108,500526229&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://16673.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sun, 12 Mar 2023 04:41:01 GMT
Content-Type: image/jpeg
Content-Length: 56193
Connection: keep-alive
Expires: Fri, 24 Mar 2023 22:06:34 GMT
Last-Modified: Fri, 16 Jan 1970 00:00:00 GMT
ETag: b3a9d1a7109a8aa34130ebaed3ffaad0
Age: 1385885
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 22 Feb 2023 22:06:34 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [4], zhuzuncache55 [1], qdix177 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 56193
X-Cache-Status: HIT
Timing-Allow-Origin: *
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=201560900&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=48108&r=0&ww=1280&u=http%3A%2F%2F16673.url.tudown.com%2Fdown%2F%25E7%2594%25B5%25E5%25AD%2590%25E5%258D%25B0%25E7%25AB%25A0%25E7%2594%259F%25E6%2588%2590%25E5%2599%25A8%40133_27715.exe&tt=j%E6%AF%94%E8%B5%9B%E6%8D%95%E9%B1%BC%E5%8D%83%E7%82%AE%E6%8D%95%E9%B1%BC%E9%92%BB%E7%9F%B3v1.7%E7%89%88-%E5%B9%B3%E5%8F%B0%E6%9C%80%E6%96%B0%E4%B8%8B%E8%BD%BD%C2%B7%E7%99%BB%E5%BD%95%E5%B9%B3%E5%8F%B0iOS%2F%E5%AE%89%E5%8D%93%E5%AE%98%E6%96%B9%E7%89%88
200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=201560900&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=48108&r=0&ww=1280&u=http%3A%2F%2F16673.url.tudown.com%2Fdown%2F%25E7%2594%25B5%25E5%25AD%2590%25E5%258D%25B0%25E7%25AB%25A0%25E7%2594%259F%25E6%2588%2590%25E5%2599%25A8%40133_27715.exe&tt=j%E6%AF%94%E8%B5%9B%E6%8D%95%E9%B1%BC%E5%8D%83%E7%82%AE%E6%8D%95%E9%B1%BC%E9%92%BB%E7%9F%B3v1.7%E7%89%88-%E5%B9%B3%E5%8F%B0%E6%9C%80%E6%96%B0%E4%B8%8B%E8%BD%BD%C2%B7%E7%99%BB%E5%BD%95%E5%B9%B3%E5%8F%B0iOS%2F%E5%AE%89%E5%8D%93%E5%AE%98%E6%96%B9%E7%89%88
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=201560900&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=48108&r=0&ww=1280&u=http%3A%2F%2F16673.url.tudown.com%2Fdown%2F%25E7%2594%25B5%25E5%25AD%2590%25E5%258D%25B0%25E7%25AB%25A0%25E7%2594%259F%25E6%2588%2590%25E5%2599%25A8%40133_27715.exe&tt=j%E6%AF%94%E8%B5%9B%E6%8D%95%E9%B1%BC%E5%8D%83%E7%82%AE%E6%8D%95%E9%B1%BC%E9%92%BB%E7%9F%B3v1.7%E7%89%88-%E5%B9%B3%E5%8F%B0%E6%9C%80%E6%96%B0%E4%B8%8B%E8%BD%BD%C2%B7%E7%99%BB%E5%BD%95%E5%B9%B3%E5%8F%B0iOS%2F%E5%AE%89%E5%8D%93%E5%AE%98%E6%96%B9%E7%89%88 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://16673.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sun, 12 Mar 2023 04:41:01 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=BBAE7156AFA216B7; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
img1.baidu.com/it/u=3868639163,1646482983&fm=253&fmt=auto&app=138&f=JPEG?w=706&h=440
200 OK 32 kB URL HTTP/2 img1.baidu.com/it/u=3868639163,1646482983&fm=253&fmt=auto&app=138&f=JPEG?w=706&h=440
IP
ASN #137698 HaerbingHeilongjiang Province, P.R.China.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 706x440, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 803514b3843e3eac93507792fa878add
43d878f0d4c716c00b4439127810bd4c186d0507
316b9efb2b731845174f25d34d0f22de9fe76c970cc761eb835b56acf4473d4e
GET /it/u=3868639163,1646482983&fm=253&fmt=auto&app=138&f=JPEG?w=706&h=440 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16673.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 12 Mar 2023 04:41:01 GMT
content-type: image/webp
content-length: 31498
expires: Mon, 10 Apr 2023 03:28:43 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 803514b3843e3eac93507792fa878add
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 11 Mar 2023 03:28:43 GMT
ohc-cache-hit: hrb4ct66 [1], wzix103 [2]
ohc-file-size: 31498
x-cache-status: MISS
X-Firefox-Spdy: h2
16673.url.tudown.com/uploads/images/880438.jpg
301 Moved Permanently 0 B URL HTTP/1.1 16673.url.tudown.com/uploads/images/880438.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/880438.jpg HTTP/1.1
Host: 16673.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16673.url.tudown.com/down/%E7%94%B5%E5%AD%90%E5%8D%B0%E7%AB%A0%E7%94%9F%E6%88%90%E5%99%A8@133_27715.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 04:41:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2734648046,4170426856&fm=253&fmt=auto&app=120&f=JPEG?w=690&h=826
16673.url.tudown.com/uploads/images/661704.jpg
301 Moved Permanently 0 B URL HTTP/1.1 16673.url.tudown.com/uploads/images/661704.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/661704.jpg HTTP/1.1
Host: 16673.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16673.url.tudown.com/down/%E7%94%B5%E5%AD%90%E5%8D%B0%E7%AB%A0%E7%94%9F%E6%88%90%E5%99%A8@133_27715.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 04:41:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3489858004,588994262&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
img1.baidu.com/it/u=2375594883,4090847423&fm=253&fmt=auto&app=138&f=JPEG?w=224&h=224
200 OK 14 kB URL HTTP/2 img1.baidu.com/it/u=2375594883,4090847423&fm=253&fmt=auto&app=138&f=JPEG?w=224&h=224
IP
ASN #137698 HaerbingHeilongjiang Province, P.R.China.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 224x224, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 09263d2eb516ae2ad92df78c9f7df9a3
c21744202ea82d5f8d2918a02ef36fd20b8a90cb
8400171f6d49dfb7fa8ae41201263f751c760ecf073743bd61846e43d330fb17
GET /it/u=2375594883,4090847423&fm=253&fmt=auto&app=138&f=JPEG?w=224&h=224 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16673.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 12 Mar 2023 04:41:01 GMT
content-type: image/webp
content-length: 13920
expires: Fri, 31 Mar 2023 07:51:03 GMT
last-modified: Sun, 04 Jan 1970 00:00:00 GMT
etag: 09263d2eb516ae2ad92df78c9f7df9a3
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 01 Mar 2023 07:51:03 GMT
ohc-cache-hit: hrb4ct58 [1], xiangyix214 [4]
ohc-file-size: 13920
x-cache-status: MISS
X-Firefox-Spdy: h2
api.share.baidu.com/s.gif?l=http://16673.url.tudown.com/down/%E7%94%B5%E5%AD%90%E5%8D%B0%E7%AB%A0%E7%94%9F%E6%88%90%E5%99%A8@133_27715.exe
200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://16673.url.tudown.com/down/%E7%94%B5%E5%AD%90%E5%8D%B0%E7%AB%A0%E7%94%9F%E6%88%90%E5%99%A8@133_27715.exe
IP
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://16673.url.tudown.com/down/%E7%94%B5%E5%AD%90%E5%8D%B0%E7%AB%A0%E7%94%9F%E6%88%90%E5%99%A8@133_27715.exe HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16673.url.tudown.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Sun, 12 Mar 2023 04:41:02 GMT
t14.baidu.com/it/u=3571234216,2395470914&fm=224&app=112&f=JPEG?w=500&h=500
200 OK 69 kB URL HTTP/1.1 t14.baidu.com/it/u=3571234216,2395470914&fm=224&app=112&f=JPEG?w=500&h=500
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 9d02d601a33ed5cc26c95ac66be3ea15
0c4747a8c898a404e5d7c19e00413f04405b27f9
7706f7f57e2335f188b32e77cb38f2a7ca13153bd9d904114145ac6938537564
GET /it/u=3571234216,2395470914&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://16673.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sun, 12 Mar 2023 04:41:02 GMT
Content-Type: image/jpeg
Content-Length: 69182
Connection: keep-alive
Expires: Wed, 05 Apr 2023 07:43:01 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: 9d02d601a33ed5cc26c95ac66be3ea15
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 06 Mar 2023 07:43:01 GMT
Ohc-Upstream-Trace: 122.228.213.71; 58.20.204.60
Ohc-Cache-HIT: fra01-sys-jomo7.fra01.baidu.com [2], zhuzuncache60 [1], wzix71 [4]
Ohc-Response-Time: 1 0 0 1 362 363
Ohc-File-Size: 69182
X-Cache-Status: MISS
Timing-Allow-Origin: *
img2.baidu.com/it/u=1591157932,750484157&fm=253&fmt=auto&app=120&f=JPEG?w=1422&h=800
200 OK 124 kB URL HTTP/2 img2.baidu.com/it/u=1591157932,750484157&fm=253&fmt=auto&app=120&f=JPEG?w=1422&h=800
IP
ASN #58539 Langfang,Hebei province, P.R.China
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1422x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 124 kB (124358 bytes)
Hash 33ecd0e4d75e96c65ccd4a6ac4dccbb5
effcb4da0f07ca03a32296c9dd719d615c5a2acd
f61e53234a53a047239ce405c46bb87a4c87240277a09cf79db5464e0f6ebfdf
GET /it/u=1591157932,750484157&fm=253&fmt=auto&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16673.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 12 Mar 2023 04:41:01 GMT
content-type: image/webp
content-length: 124358
expires: Fri, 24 Mar 2023 06:52:46 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 33ecd0e4d75e96c65ccd4a6ac4dccbb5
age: 833053
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 22 Feb 2023 06:52:46 GMT
ohc-cache-hit: lf6ct87 [4], wzix91 [4]
ohc-file-size: 124358
x-cache-status: HIT
X-Firefox-Spdy: h2
img2.baidu.com/it/u=4165008900,437747905&fm=253&app=120&f=JPEG?w=1422&h=800
200 OK 145 kB URL HTTP/1.1 img2.baidu.com/it/u=4165008900,437747905&fm=253&app=120&f=JPEG?w=1422&h=800
IP
ASN #58539 Langfang,Hebei province, P.R.China
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", Exif Standard: [TIFF image data, little-endian, direntries=5, orientation=upper-left, software=ACD Systems \346\225\260\347\240\201\346\210\220\345\203\217, datetime=2015:12:26 19:43:56], baseline, precision 8, 1422x800, components 3\012- data
Size 145 kB (145338 bytes)
Hash e17eacaa97bf1c801a972c97ff645fcc
d3cd07e931d7ae002a1751327643f907bf586b87
104b1281acc4e3eb941653bf20d728c4cf94848849074210fdfcda579faaa60e
GET /it/u=4165008900,437747905&fm=253&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://16673.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sun, 12 Mar 2023 04:41:01 GMT
Content-Type: image/jpeg
Content-Length: 145338
Connection: keep-alive
Expires: Sat, 25 Mar 2023 07:00:37 GMT
Last-Modified: Fri, 16 Jan 1970 00:00:00 GMT
ETag: e17eacaa97bf1c801a972c97ff645fcc
Age: 91442
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 23 Feb 2023 07:00:37 GMT
Ohc-Cache-HIT: lf6ct71 [4], suzix150 [2]
Ohc-File-Size: 145338
X-Cache-Status: HIT
img2.baidu.com/it/u=940759936,3498583668&fm=253&fmt=auto&app=138&f=PNG?w=889&h=500
200 OK 108 kB URL HTTP/2 img2.baidu.com/it/u=940759936,3498583668&fm=253&fmt=auto&app=138&f=PNG?w=889&h=500
IP
ASN #58539 Langfang,Hebei province, P.R.China
File type RIFF (little-endian) data, Web/P image\012- data
Size 108 kB (107722 bytes)
Hash 031b7f5eb5158c943ad7fa9f63b5f548
0b4dcca7bd0b1be09a8b5f32ce09fdad6e8e20ba
0216a0e6fdeb2f11ab5e3f85c65958a87156847faa7554db346fde7208bf6895
GET /it/u=940759936,3498583668&fm=253&fmt=auto&app=138&f=PNG?w=889&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16673.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 12 Mar 2023 04:41:01 GMT
content-type: image/webp
content-length: 107722
expires: Mon, 20 Mar 2023 13:07:32 GMT
last-modified: Mon, 12 Jan 1970 00:00:00 GMT
etag: 031b7f5eb5158c943ad7fa9f63b5f548
age: 173702
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 18 Feb 2023 13:07:32 GMT
ohc-cache-hit: lf6ct59 [4], bdix239 [2]
ohc-file-size: 107722
x-cache-status: HIT
X-Firefox-Spdy: h2
img1.baidu.com/it/u=3132461867,4194635543&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=666
200 OK 23 kB URL HTTP/2 img1.baidu.com/it/u=3132461867,4194635543&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=666
IP
ASN #137698 HaerbingHeilongjiang Province, P.R.China.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x666, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 502cbbc85de55ba4760e4529729531dc
3e8de360003fb2b42122414033fbccdaf40bf4be
b25035ac8007b611ffc2e904f58aefdcd3e5d04c49963412f09de542fe0d15a8
GET /it/u=3132461867,4194635543&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=666 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16673.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 12 Mar 2023 04:41:02 GMT
content-type: image/webp
content-length: 22618
expires: Sun, 12 Mar 2023 11:00:25 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 502cbbc85de55ba4760e4529729531dc
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 10 Feb 2023 11:00:25 GMT
ohc-cache-hit: hrb4ct63 [1], suzix103 [4]
ohc-file-size: 22618
x-cache-status: MISS
X-Firefox-Spdy: h2
16673.url.tudown.com/uploads/images/313140.jpg
301 Moved Permanently 0 B URL HTTP/1.1 16673.url.tudown.com/uploads/images/313140.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/313140.jpg HTTP/1.1
Host: 16673.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16673.url.tudown.com/down/%E7%94%B5%E5%AD%90%E5%8D%B0%E7%AB%A0%E7%94%9F%E6%88%90%E5%99%A8@133_27715.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 04:41:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=1777944571,2985575495&fm=224&app=112&f=JPEG?w=500&h=500
16673.url.tudown.com/uploads/images/810987.jpg
301 Moved Permanently 0 B URL HTTP/1.1 16673.url.tudown.com/uploads/images/810987.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/810987.jpg HTTP/1.1
Host: 16673.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16673.url.tudown.com/down/%E7%94%B5%E5%AD%90%E5%8D%B0%E7%AB%A0%E7%94%9F%E6%88%90%E5%99%A8@133_27715.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 04:41:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=788583992,2406869961&fm=253&fmt=auto?w=630&h=419
16673.url.tudown.com/uploads/images/154238.jpg
301 Moved Permanently 0 B URL HTTP/1.1 16673.url.tudown.com/uploads/images/154238.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/154238.jpg HTTP/1.1
Host: 16673.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16673.url.tudown.com/down/%E7%94%B5%E5%AD%90%E5%8D%B0%E7%AB%A0%E7%94%9F%E6%88%90%E5%99%A8@133_27715.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 04:41:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=3573399889,429727633&fm=253&app=120&f=JPEG?w=1280&h=800
16673.url.tudown.com/uploads/images/449414.jpg
301 Moved Permanently 0 B URL HTTP/1.1 16673.url.tudown.com/uploads/images/449414.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/449414.jpg HTTP/1.1
Host: 16673.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16673.url.tudown.com/down/%E7%94%B5%E5%AD%90%E5%8D%B0%E7%AB%A0%E7%94%9F%E6%88%90%E5%99%A8@133_27715.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 04:41:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=653671890,3487319273&fm=253&fmt=auto&app=138&f=JPEG?w=803&h=500
img2.baidu.com/it/u=2899578813,414229294&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
200 OK 48 kB URL HTTP/2 img2.baidu.com/it/u=2899578813,414229294&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
IP
ASN #58539 Langfang,Hebei province, P.R.China
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 138eef87eed7282667430b22431e7ed1
be36289d64dd62252308d24155c46f4da05aa88d
8d15ed222b3f0a1f5a450cda78c9c6365744fb277c7b47ba39dbf5130dba6a99
GET /it/u=2899578813,414229294&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16673.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 12 Mar 2023 04:41:02 GMT
content-type: image/webp
content-length: 48274
expires: Sat, 01 Apr 2023 12:03:08 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 138eef87eed7282667430b22431e7ed1
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 02 Mar 2023 12:03:08 GMT
ohc-cache-hit: lf6ct60 [1], wzix105 [4]
ohc-file-size: 48274
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=107646285,3674357575&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
200 OK 32 kB URL HTTP/2 img2.baidu.com/it/u=107646285,3674357575&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
IP
ASN #58539 Langfang,Hebei province, P.R.China
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 889x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 82ac8f02062d9fde976030aeb649f8d2
8e96930792eff5a6baa4c3c94cb56b298aa7411d
01978048ffdac3827a52b1d004651733066a6d796e53953250b32448fae47b86
GET /it/u=107646285,3674357575&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16673.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 12 Mar 2023 04:41:02 GMT
content-type: image/webp
content-length: 32294
expires: Fri, 07 Apr 2023 03:58:31 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 82ac8f02062d9fde976030aeb649f8d2
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 08 Mar 2023 03:58:31 GMT
ohc-cache-hit: lf6ct78 [1], czix130 [4]
ohc-file-size: 32294
x-cache-status: MISS
X-Firefox-Spdy: h2
16673.url.tudown.com/uploads/images/344613.jpg
301 Moved Permanently 0 B URL HTTP/1.1 16673.url.tudown.com/uploads/images/344613.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/344613.jpg HTTP/1.1
Host: 16673.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16673.url.tudown.com/down/%E7%94%B5%E5%AD%90%E5%8D%B0%E7%AB%A0%E7%94%9F%E6%88%90%E5%99%A8@133_27715.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 04:41:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=1237450180,4033918051&fm=224&app=112&f=JPEG?w=500&h=500&s=27E0DC4B841A15D41908609203008092
16673.url.tudown.com/uploads/images/633656.jpg
301 Moved Permanently 0 B URL HTTP/1.1 16673.url.tudown.com/uploads/images/633656.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/633656.jpg HTTP/1.1
Host: 16673.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16673.url.tudown.com/down/%E7%94%B5%E5%AD%90%E5%8D%B0%E7%AB%A0%E7%94%9F%E6%88%90%E5%99%A8@133_27715.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 04:41:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1929528641,2097156119&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
s22.cnzz.com/z_stat.php?id=1275003130&web_id=1275003130
200 OK 20 B URL HTTP/2 s22.cnzz.com/z_stat.php?id=1275003130&web_id=1275003130
IP
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /z_stat.php?id=1275003130&web_id=1275003130 HTTP/1.1
Host: s22.cnzz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://16673.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 20
date: Sun, 12 Mar 2023 04:15:01 GMT
vary: Accept-Encoding
x-powered-by: PHP/5.5.25
last-modified: Sun, 12 Mar 2023 04:15:01 GMT
cache-control: max-age=1800,s-maxage=3600
content-encoding: gzip
ali-swift-global-savetime: 1678594502
via: cache9.l2cn3071[63,63,200-0,M], cache74.l2cn3071[64,0], cache6.cn3263[0,0,200-0,H], cache14.cn3263[1,0]
age: 1560
x-cache: HIT TCP_MEM_HIT dirn:1:372344856
x-swift-savetime: Sun, 12 Mar 2023 04:15:02 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: 6a77c12216785960623794518e
X-Firefox-Spdy: h2
img0.baidu.com/it/u=2734648046,4170426856&fm=253&fmt=auto&app=120&f=JPEG?w=690&h=826
200 OK 31 kB URL HTTP/2 img0.baidu.com/it/u=2734648046,4170426856&fm=253&fmt=auto&app=120&f=JPEG?w=690&h=826
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 690x826, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a86d633dde9cc3496389eab02bcbfb80
eaaf8c00bb907d2fe3f9b8c8423851df70b70364
20d701d2bcf9fdcba8acf1707bf8ec60cb3474fb4b6eb098c43b3b5eb2a24cae
GET /it/u=2734648046,4170426856&fm=253&fmt=auto&app=120&f=JPEG?w=690&h=826 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16673.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 12 Mar 2023 04:41:02 GMT
content-type: image/webp
content-length: 31106
expires: Mon, 03 Apr 2023 02:14:00 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: a86d633dde9cc3496389eab02bcbfb80
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 04 Mar 2023 02:14:00 GMT
ohc-cache-hit: dy2ct53 [1], csix53 [4]
ohc-file-size: 31106
x-cache-status: MISS
X-Firefox-Spdy: h2
16673.url.tudown.com/uploads/images/93295.jpg
301 Moved Permanently 0 B URL HTTP/1.1 16673.url.tudown.com/uploads/images/93295.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/93295.jpg HTTP/1.1
Host: 16673.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16673.url.tudown.com/down/%E7%94%B5%E5%AD%90%E5%8D%B0%E7%AB%A0%E7%94%9F%E6%88%90%E5%99%A8@133_27715.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 04:41:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=606166360,4004582932&fm=253&fmt=auto&app=138&f=JPEG?w=527&h=500
16673.url.tudown.com/uploads/images/942734.jpg
301 Moved Permanently 0 B URL HTTP/1.1 16673.url.tudown.com/uploads/images/942734.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/942734.jpg HTTP/1.1
Host: 16673.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16673.url.tudown.com/down/%E7%94%B5%E5%AD%90%E5%8D%B0%E7%AB%A0%E7%94%9F%E6%88%90%E5%99%A8@133_27715.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 04:41:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3355432766,2094542674&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=1422
img0.baidu.com/it/u=788583992,2406869961&fm=253&fmt=auto?w=630&h=419
200 OK 25 kB URL HTTP/2 img0.baidu.com/it/u=788583992,2406869961&fm=253&fmt=auto?w=630&h=419
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 630x419, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ec8df1494eabd4fff93fcf9f7622dc00
8342996cd6752613746eb7a70352fe3bae0da145
bf5ceb849d2c6f8299cab1754dcb5e1c1bf1e2111e103a1315efdc4ce6d44ff5
GET /it/u=788583992,2406869961&fm=253&fmt=auto?w=630&h=419 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16673.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 12 Mar 2023 04:41:02 GMT
content-type: image/webp
content-length: 25318
expires: Thu, 06 Apr 2023 04:13:30 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: ec8df1494eabd4fff93fcf9f7622dc00
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 07 Mar 2023 04:13:30 GMT
ohc-cache-hit: dy2ct77 [1], bdix234 [4]
ohc-file-size: 25318
x-cache-status: MISS
X-Firefox-Spdy: h2
16673.url.tudown.com/uploads/images/186240.jpg
301 Moved Permanently 0 B URL HTTP/1.1 16673.url.tudown.com/uploads/images/186240.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/186240.jpg HTTP/1.1
Host: 16673.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16673.url.tudown.com/down/%E7%94%B5%E5%AD%90%E5%8D%B0%E7%AB%A0%E7%94%9F%E6%88%90%E5%99%A8@133_27715.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 04:41:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=2004284596,3027823232&fm=224&app=112&f=JPEG?w=500&h=500
16673.url.tudown.com/uploads/images/894080.jpg
301 Moved Permanently 0 B URL HTTP/1.1 16673.url.tudown.com/uploads/images/894080.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/894080.jpg HTTP/1.1
Host: 16673.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16673.url.tudown.com/down/%E7%94%B5%E5%AD%90%E5%8D%B0%E7%AB%A0%E7%94%9F%E6%88%90%E5%99%A8@133_27715.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 04:41:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3609227450,3668522170&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
t14.baidu.com/it/u=1777944571,2985575495&fm=224&app=112&f=JPEG?w=500&h=500
200 OK 36 kB URL HTTP/1.1 t14.baidu.com/it/u=1777944571,2985575495&fm=224&app=112&f=JPEG?w=500&h=500
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash c7047b7063d34564474c70fa510e962e
1123739cc679675a5ad77f9acfbaf72c1dbf991b
a77cfe489a1fc33c3c970c206d1e3718ba2ae94f514fcd13ac92d3709e5a6ee7
GET /it/u=1777944571,2985575495&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://16673.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sun, 12 Mar 2023 04:41:02 GMT
Content-Type: image/jpeg
Content-Length: 35824
Connection: keep-alive
Expires: Wed, 05 Apr 2023 07:34:46 GMT
Last-Modified: Fri, 16 Jan 1970 00:00:00 GMT
ETag: c7047b7063d34564474c70fa510e962e
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 06 Mar 2023 07:34:46 GMT
Ohc-Upstream-Trace: 121.228.171.210; 58.20.204.57
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [2], zhuzuncache57 [1], suzix210 [4]
Ohc-Response-Time: 1 0 0 0 357 357
Ohc-File-Size: 35824
X-Cache-Status: MISS
Timing-Allow-Origin: *
t13.baidu.com/it/u=2004284596,3027823232&fm=224&app=112&f=JPEG?w=500&h=500
200 OK 47 kB URL HTTP/1.1 t13.baidu.com/it/u=2004284596,3027823232&fm=224&app=112&f=JPEG?w=500&h=500
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash da474e3d0fb4c1e0c07cf9aa787e9cf3
dd9c594693ab7c1d52d9ef08422ba2054178d52b
c017dcd7e1cb77c9bc782208973da607ad5841528d4c0d7e913f46b7c8790eab
GET /it/u=2004284596,3027823232&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://16673.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sun, 12 Mar 2023 04:41:02 GMT
Content-Type: image/jpeg
Content-Length: 46737
Connection: keep-alive
Expires: Sun, 02 Apr 2023 12:27:36 GMT
Last-Modified: Sun, 11 Jan 1970 00:00:00 GMT
ETag: da474e3d0fb4c1e0c07cf9aa787e9cf3
Age: 450
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 03 Mar 2023 12:27:35 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [2], zhuzuncache51 [1], xiangyix87 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 46737
X-Cache-Status: HIT
Timing-Allow-Origin: *
16673.url.tudown.com/uploads/images/531958.jpg
301 Moved Permanently 0 B URL HTTP/1.1 16673.url.tudown.com/uploads/images/531958.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/531958.jpg HTTP/1.1
Host: 16673.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16673.url.tudown.com/down/%E7%94%B5%E5%AD%90%E5%8D%B0%E7%AB%A0%E7%94%9F%E6%88%90%E5%99%A8@133_27715.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 04:41:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=3866076812,2318234353&fm=253&app=120&f=JPEG?w=1422&h=800
16673.url.tudown.com/uploads/images/804707.jpg
301 Moved Permanently 0 B URL HTTP/1.1 16673.url.tudown.com/uploads/images/804707.jpg
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/804707.jpg HTTP/1.1
Host: 16673.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16673.url.tudown.com/down/%E7%94%B5%E5%AD%90%E5%8D%B0%E7%AB%A0%E7%94%9F%E6%88%90%E5%99%A8@133_27715.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 12 Mar 2023 04:41:02 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=1413665729,950515299&fm=224&app=112&f=JPEG?w=500&h=500
t13.baidu.com/it/u=1413665729,950515299&fm=224&app=112&f=JPEG?w=500&h=500
200 OK 64 kB URL HTTP/1.1 t13.baidu.com/it/u=1413665729,950515299&fm=224&app=112&f=JPEG?w=500&h=500
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 23ff52a9180ce32c627976178f696784
01ad874431bdf6adf60395117e5065b2687571a4
4e03acbe003d62ed6d3817a0d6c4891e3c434a908af3fcc8e1a35209c1dafaaf
GET /it/u=1413665729,950515299&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://16673.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sun, 12 Mar 2023 04:41:02 GMT
Content-Type: image/jpeg
Content-Length: 63836
Connection: keep-alive
Expires: Wed, 05 Apr 2023 07:40:50 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 23ff52a9180ce32c627976178f696784
Age: 344492
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 06 Mar 2023 07:40:49 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [4], zhuzuncache60 [1], xaix194 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 63836
X-Cache-Status: HIT
Timing-Allow-Origin: *
t14.baidu.com/it/u=1237450180,4033918051&fm=224&app=112&f=JPEG?w=500&h=500&s=27E0DC4B841A15D41908609203008092
200 OK 31 kB URL HTTP/1.1 t14.baidu.com/it/u=1237450180,4033918051&fm=224&app=112&f=JPEG?w=500&h=500&s=27E0DC4B841A15D41908609203008092
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 77cb6e76f076d6822a34a33ae7fcbdfd
926b7542b36a5360abf11b34fd2d6f91fa269447
eecc9c2930db8cc9645962e1c15f0212083fe81b45020307647bd7b800429f1e
GET /it/u=1237450180,4033918051&fm=224&app=112&f=JPEG?w=500&h=500&s=27E0DC4B841A15D41908609203008092 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://16673.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sun, 12 Mar 2023 04:41:02 GMT
Content-Type: image/jpeg
Content-Length: 30795
Connection: keep-alive
Expires: Sat, 01 Apr 2023 04:46:22 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 77cb6e76f076d6822a34a33ae7fcbdfd
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 02 Mar 2023 04:46:22 GMT
Ohc-Upstream-Trace: 111.177.6.181; 58.20.204.60
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [2], zhuzuncache60 [1], xiangyix181 [4]
Ohc-Response-Time: 1 0 0 0 364 365
Ohc-File-Size: 30795
X-Cache-Status: MISS
Timing-Allow-Origin: *
img0.baidu.com/it/u=3609227450,3668522170&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
200 OK 10 kB URL HTTP/2 img0.baidu.com/it/u=3609227450,3668522170&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f1a89e025946cf44e83e1e0eff2f38b9
e149fa6e9357a96e2ddc2e4abda46ea91ecee09b
09dc7b016640f3849202cec8b9a0a42e16f96916151ed45093276218a7f3a384
GET /it/u=3609227450,3668522170&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16673.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 12 Mar 2023 04:41:02 GMT
content-type: image/webp
content-length: 10274
expires: Tue, 14 Mar 2023 04:18:08 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: f1a89e025946cf44e83e1e0eff2f38b9
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 12 Feb 2023 04:18:08 GMT
ohc-cache-hit: dy2ct51 [1], xiangyix224 [4]
ohc-file-size: 10274
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=606166360,4004582932&fm=253&fmt=auto&app=138&f=JPEG?w=527&h=500
200 OK 9.3 kB URL HTTP/2 img2.baidu.com/it/u=606166360,4004582932&fm=253&fmt=auto&app=138&f=JPEG?w=527&h=500
IP
ASN #58539 Langfang,Hebei province, P.R.China
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 527x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 487abf66c5bbad6fa8412bceb368ce2b
043e86bd2ac27480f523e1523efe5f56714523d2
606ccb422715b3a9414f9f2e0777046a222895dbf1628f0670695cb9bc7c936c
GET /it/u=606166360,4004582932&fm=253&fmt=auto&app=138&f=JPEG?w=527&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16673.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 12 Mar 2023 04:41:02 GMT
content-type: image/webp
content-length: 9260
expires: Fri, 17 Mar 2023 02:38:08 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 487abf66c5bbad6fa8412bceb368ce2b
age: 183191
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 15 Feb 2023 02:38:08 GMT
ohc-cache-hit: lf6ct60 [4], qdix197 [2]
ohc-file-size: 9260
x-cache-status: HIT
X-Firefox-Spdy: h2
img2.baidu.com/it/u=3355432766,2094542674&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=1422
200 OK 28 kB URL HTTP/2 img2.baidu.com/it/u=3355432766,2094542674&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=1422
IP
ASN #58539 Langfang,Hebei province, P.R.China
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x1422, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7db4dc410f2945cd6a732bde410c27d0
fbfe7e791088ab4f7d6bb058228edf2b66cf5a8d
8e8002f9f5a01640b714d6d53b1f8515f6291930c87af8560b0d7f7d7fead9d5
GET /it/u=3355432766,2094542674&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=1422 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16673.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 12 Mar 2023 04:41:02 GMT
content-type: image/webp
content-length: 27812
expires: Sat, 01 Apr 2023 04:59:04 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 7db4dc410f2945cd6a732bde410c27d0
age: 21
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 02 Mar 2023 04:59:04 GMT
ohc-cache-hit: lf6ct82 [2], bdix246 [2]
ohc-file-size: 27812
x-cache-status: HIT
X-Firefox-Spdy: h2
img1.baidu.com/it/u=3573399889,429727633&fm=253&app=120&f=JPEG?w=1280&h=800
200 OK 70 kB URL HTTP/1.1 img1.baidu.com/it/u=3573399889,429727633&fm=253&app=120&f=JPEG?w=1280&h=800
IP
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Hash bf6edf828a6fa6f4652311b38c40c2e6
46c767283f07350be1a2f9a3598ec939cb470c21
30054450e1b9ae3ec043958c2ec4c120bfbea0cb06fe3b7ee73ba6c85420a9f2
GET /it/u=3573399889,429727633&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://16673.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sun, 12 Mar 2023 04:41:03 GMT
Content-Type: image/jpeg
Content-Length: 70494
Connection: keep-alive
Expires: Mon, 13 Mar 2023 16:00:40 GMT
Last-Modified: Mon, 05 Jan 1970 00:00:00 GMT
ETag: bf6edf828a6fa6f4652311b38c40c2e6
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 11 Feb 2023 16:00:40 GMT
Ohc-Cache-HIT: nt2ct71 [1], xiangyix141 [2]
Ohc-File-Size: 70494
X-Cache-Status: MISS
img1.baidu.com/it/u=3489858004,588994262&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
200 OK 38 kB URL HTTP/2 img1.baidu.com/it/u=3489858004,588994262&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
IP
ASN #137698 HaerbingHeilongjiang Province, P.R.China.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x889, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 66ada9292d240b59d68b307647bd49fa
9fa61a1d9bfaf0dbd4b878a24ef0fa2e0c2c9367
d591e5bfca293eb899821a18de26e06a1c00365055e95dc3c30362ce7d60c36a
GET /it/u=3489858004,588994262&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16673.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 12 Mar 2023 04:41:03 GMT
content-type: image/webp
content-length: 38406
expires: Sat, 25 Mar 2023 10:28:55 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 66ada9292d240b59d68b307647bd49fa
age: 56154
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 23 Feb 2023 10:28:55 GMT
ohc-cache-hit: hrb4ct86 [4], xiangyix86 [2]
ohc-file-size: 38406
x-cache-status: HIT
X-Firefox-Spdy: h2
img1.baidu.com/it/u=653671890,3487319273&fm=253&fmt=auto&app=138&f=JPEG?w=803&h=500
200 OK 51 kB URL HTTP/2 img1.baidu.com/it/u=653671890,3487319273&fm=253&fmt=auto&app=138&f=JPEG?w=803&h=500
IP
ASN #137698 HaerbingHeilongjiang Province, P.R.China.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 803x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e354065101cda681a41e067557e1c28d
df2f6cb278e4251d8897efb63a5c2332ae7b4cee
53c210b3a2a82cc0760a625aeaa69cc3b2032ab2b0875ffe732064bf8afbcc8f
GET /it/u=653671890,3487319273&fm=253&fmt=auto&app=138&f=JPEG?w=803&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16673.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 12 Mar 2023 04:41:03 GMT
content-type: image/webp
content-length: 51218
expires: Mon, 20 Mar 2023 13:20:33 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: e354065101cda681a41e067557e1c28d
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 18 Feb 2023 13:20:33 GMT
ohc-cache-hit: hrb4ct57 [1], xaix220 [4]
ohc-file-size: 51218
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=1929528641,2097156119&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
200 OK 15 kB URL HTTP/2 img1.baidu.com/it/u=1929528641,2097156119&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP
ASN #137698 HaerbingHeilongjiang Province, P.R.China.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b317c6a479a60ca9190e373f835bc0fc
7bb08821128531086bc256c3cf49dffb44c5da3d
b619b4576f7cde7b5d5d9c16b4b3a59d3ba776979fcb25bc44ee307fdf2e8feb
GET /it/u=1929528641,2097156119&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://16673.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sun, 12 Mar 2023 04:41:03 GMT
content-type: image/webp
content-length: 14682
expires: Wed, 05 Apr 2023 09:03:15 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: b317c6a479a60ca9190e373f835bc0fc
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 06 Mar 2023 09:03:15 GMT
ohc-cache-hit: hrb4ct72 [1], xaix100 [4]
ohc-file-size: 14682
x-cache-status: MISS
X-Firefox-Spdy: h2
js.passport.qihucdn.com/11.0.1.js?d10ea2610e3a9b90fa9990ffc6bf559d
200 OK 117 B URL HTTP/1.1 js.passport.qihucdn.com/11.0.1.js?d10ea2610e3a9b90fa9990ffc6bf559d
IP
ASN #55992 Beijing Qihu Technology Company Limited
File type HTML document, ASCII text, with no line terminators
Hash 807bb08bf1c51aaff763edb0f02719ef
6e089da63e5751494b32d77031df30ec3c8be067
7eb411ad7be2e6af85645f2a2b6401bf6085fe4e0436d004f33710bb84a7be4e
GET /11.0.1.js?d10ea2610e3a9b90fa9990ffc6bf559d HTTP/1.1
Host: js.passport.qihucdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16673.url.tudown.com/
HTTP/1.1 200 OK
Date: Sun, 12 Mar 2023 04:41:03 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 28 Nov 2018 07:43:20 GMT
Cache-Control: max-age=600
Expires: Sun, 12 Mar 2023 04:51:03 GMT
KCS-Via: HIT from w-fc02.hkht;REVALIDATED from w-sc01.hkht
Content-Encoding: gzip
img0.baidu.com/it/u=3866076812,2318234353&fm=253&app=120&f=JPEG?w=1422&h=800
200 OK 199 kB URL HTTP/1.1 img0.baidu.com/it/u=3866076812,2318234353&fm=253&app=120&f=JPEG?w=1422&h=800
IP
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1422x800, components 3\012- data
Size 199 kB (198813 bytes)
Hash cf56643476ccaacf4b5c65c59ac2baad
f9acfb0d3ddec10794ff4970da9a53c01ffbcc95
939c99e3bdf93fe9a604e6bbc7361e586000cb11d02c5e1a0e3f56764e363402
GET /it/u=3866076812,2318234353&fm=253&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://16673.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sun, 12 Mar 2023 04:41:03 GMT
Content-Type: image/jpeg
Content-Length: 198813
Connection: keep-alive
Expires: Mon, 13 Mar 2023 11:10:37 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: cf56643476ccaacf4b5c65c59ac2baad
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 11 Feb 2023 11:10:37 GMT
Ohc-Cache-HIT: dy2ct104 [2], czix169 [2]
Ohc-File-Size: 198813
X-Cache-Status: MISS
s6.qhres2.com/static/ab77b6ea7f3fbf79.js
200 OK 478 B URL HTTP/1.1 s6.qhres2.com/static/ab77b6ea7f3fbf79.js
IP
File type ASCII text, with very long lines (478), with no line terminators
Hash 5dd27f8f2b042194c3cdabd62fd80110
c035036a939799d4c29b9c0f7229ae1953d03109
928131ab2183d971cdbfe2ed1329200212d0021db70574a35c89ae169c0f6e0a
GET /static/ab77b6ea7f3fbf79.js HTTP/1.1
Host: s6.qhres2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16673.url.tudown.com/
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 478
Connection: keep-alive
Date: Mon, 26 Sep 2022 01:48:25 GMT
X-QSTATIC-HIT: 1
Last-Modified: Mon, 01 Jan 2018 00:00:00 GMT
ETag: W/"b300475a05992239"
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, immutable
Expires: Thu, 23 Sep 2032 01:48:25 GMT
KCS-Via: HIT from w-fc01.lato;MISS from w-sc02.lato
Accept-Ranges: bytes
X-Cache: Hit from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 0blmJUvdHdqd_ipMmXcCTrtbTOPu5PQxLUtIAwJ5_zXhaN2Ne_vZRw==
Age: 14439159
16673.url.tudown.com/favicon.ico
200 OK 0 B URL HTTP/1.1 16673.url.tudown.com/favicon.ico
IP
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: 16673.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16673.url.tudown.com/down/%E7%94%B5%E5%AD%90%E5%8D%B0%E7%AB%A0%E7%94%9F%E6%88%90%E5%99%A8@133_27715.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1678596063; Hm_lpvt_dd9836db2e433f487a0aa434b7b3deb7=1678596063
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 12 Mar 2023 04:41:04 GMT
Content-Type: image/x-icon
Content-Length: 0
Last-Modified: Tue, 30 Jul 2019 15:51:36 GMT
Connection: keep-alive
ETag: "5d406788-0"
Accept-Ranges: bytes
s.360.cn/so/zz.gif?url=http%3A%2F%2F16673.url.tudown.com%2Fdown%2F%25E7%2594%25B5%25E5%25AD%2590%25E5%258D%25B0%25E7%25AB%25A0%25E7%2594%259F%25E6%2588%2590%25E5%2599%25A8%40133_27715.exe&sid=d10ea2610e3a9b90fa9990ffc6bf559d&token=de1x0ee.a521671702e_33a391b@980A
200 OK 0 B URL HTTP/1.1 s.360.cn/so/zz.gif?url=http%3A%2F%2F16673.url.tudown.com%2Fdown%2F%25E7%2594%25B5%25E5%25AD%2590%25E5%258D%25B0%25E7%25AB%25A0%25E7%2594%259F%25E6%2588%2590%25E5%2599%25A8%40133_27715.exe&sid=d10ea2610e3a9b90fa9990ffc6bf559d&token=de1x0ee.a521671702e_33a391b@980A
IP
ASN #4812 China Telecom Group
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /so/zz.gif?url=http%3A%2F%2F16673.url.tudown.com%2Fdown%2F%25E7%2594%25B5%25E5%25AD%2590%25E5%258D%25B0%25E7%25AB%25A0%25E7%2594%259F%25E6%2588%2590%25E5%2599%25A8%40133_27715.exe&sid=d10ea2610e3a9b90fa9990ffc6bf559d&token=de1x0ee.a521671702e_33a391b@980A HTTP/1.1
Host: s.360.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://16673.url.tudown.com/
HTTP/1.1 200 OK
Server: openresty/1.15.8.2
Date: Sun, 12 Mar 2023 04:41:05 GMT
Content-Type: image/gif
Content-Length: 0
Last-Modified: Fri, 27 Jul 2018 07:11:20 GMT
Connection: keep-alive
ETag: "5b5ac598-0"
Accept-Ranges: bytes
168.206.200.52
180.163.251.230
103.235.46.191
104.18.21.226
23.36.77.32