r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e6b7a72139d0ef7688330456e9be9a4c
e130a94e7d531768300071764dd1e81fee5bbbcb
d3818afd1493030105341b4cfb91037acbf27085c96068b3ef91c5071277c8e5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3818AFD1493030105341B4CFB91037ACBF27085C96068B3EF91C5071277C8E5"
Last-Modified: Mon, 09 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8305
Expires: Thu, 12 Jan 2023 00:36:50 GMT
Date: Wed, 11 Jan 2023 22:18:25 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash eecebe0566883e33558e8e67beaccb29
acdd8fd09e2066ed5ecfbc3f11c4a2d61218ecc7
65e21170242bf41eb529fa422385dbe5af65a61e374e6dd5669e7e5f927948af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65E21170242BF41EB529FA422385DBE5AF65A61E374E6DD5669E7E5F927948AF"
Last-Modified: Mon, 09 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2780
Expires: Wed, 11 Jan 2023 23:04:45 GMT
Date: Wed, 11 Jan 2023 22:18:25 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 11 Jan 2023 21:41:50 GMT
content-type: application/json
age: 2195
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 718fc486cd6a70fcacc1653759703fae
bf60ba7a37d2deef1b7000e91cc88da586bb75ca
398d02e16da466ffe87b64ac34b007615951cca14d43610b4acd58bc2a5fadff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "398D02E16DA466FFE87B64AC34B007615951CCA14D43610B4ACD58BC2A5FADFF"
Last-Modified: Tue, 10 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8941
Expires: Thu, 12 Jan 2023 00:47:26 GMT
Date: Wed, 11 Jan 2023 22:18:25 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: nXvOftRdBUF8zPbBDvx0fCp+KXL4uGnAepU7cTE0btYNCHLbIVcZnUjAHaHlpyjAdV7rcZ3baRg=
x-amz-request-id: SPZCX6J419YPE5V4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 11 Jan 2023 22:17:12 GMT
age: 73
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 22:18:26 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 11 Jan 2023 21:33:45 GMT
age: 2681
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ce604e6f88a42844a4ec7d404879bdcf
d462a2a194a67d39d091ff49c4435fdfc39b3e5b
9e0222bcc67f019bb5c61657fc921fc42aa0cd7a75f6b1358d05231c53cc26e4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3852
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 22:18:26 GMT
Last-Modified: Wed, 11 Jan 2023 21:14:14 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
154.218.151.71200 OK 17 kB URL HTTP/1.1 12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (331)
Hash 819fea32fcb793419b3fbd2c372e47d5
1035b7ebaf932b092f7e76be33ac0011725c8b40
aff3786023e965f196bc12b01a18ce15d724e21a66c000e4f7998f4d46990b4a
Analyzer Verdict Alert fortinet Malware
GET /down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 22:18:26 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.services.mozilla.com/
52.41.18.18101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.18.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: EqUfF4eoZ/Z5Tw/Ppns8qA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 7VMYonmvrDWd1DZF4MCyeZ89gdw=
12803.url.tudown.com/js/orsxg5a.script
154.218.151.71200 OK 531 B URL HTTP/1.1 12803.url.tudown.com/js/orsxg5a.script
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document, ASCII text, with CRLF line terminators
Hash 39fd4f4c17d424445d9f437c99c9d40a
84a56ab95c669d43c757a5f9a312d5f3a37f73fa
45f58e7b2e72c9f2734889b73ef5c3f2d3e1fb9ac69995afe1561ec4a7943d15
GET /js/orsxg5a.script HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 22:18:26 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
12803.url.tudown.com/template/company/duote-xiazai/css/teach.css
154.218.151.71200 OK 4.1 kB URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/css/teach.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (499)
Hash 16ca38b11b525a142c6086c2c2802545
88ed9d1c7088344b24f18132ad025ed63623bb7e
c7d5eef240fb383c039b0141854336a78a07597b0bff022ae71514e913351d7a
GET /template/company/duote-xiazai/css/teach.css HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 22:18:27 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:21:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e70-503f"
Expires: Thu, 12 Jan 2023 10:18:27 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12803.url.tudown.com/template/company/duote-xiazai/css/soft.css
154.218.151.71200 OK 8.6 kB URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/css/soft.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash 952b2841668e8303c2ee8bc817394790
1e7d159d8d75df0112f06eedab3ecd62b7075a52
51c463da96c71adce2a234968d1e46949fa82804f680861cb6562da84239e209
GET /template/company/duote-xiazai/css/soft.css HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 22:18:27 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:21:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e6e-a090"
Expires: Thu, 12 Jan 2023 10:18:27 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12803.url.tudown.com/template/company/duote-xiazai/css/news.css
154.218.151.71200 OK 1.5 kB URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/css/news.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash 4d5f155ee78bab18dd989f8fedda8ebc
d3e3353e7a3da786e2a1342ca13407fd432e3398
6754cc7b30008e41d53b0ebfb6b52a0c59712348880d235a77a07c3af02d9886
GET /template/company/duote-xiazai/css/news.css HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 22:18:27 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:21:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e6d-16fd"
Expires: Thu, 12 Jan 2023 10:18:27 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12803.url.tudown.com/template/company/duote-xiazai/css/scrollbar.css
154.218.151.71200 OK 353 B URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/css/scrollbar.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash 6fc35ccb15b461bc6b549a85ea398894
21581ad4fc3db4acc99bb2fb4ed2fde1dfa50049
8d88f6d1d76a2cf300e9378742dc29f48060c9747cfdeb6b05050cf25cc5ebfb
GET /template/company/duote-xiazai/css/scrollbar.css HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 22:18:27 GMT
Content-Type: text/css
Content-Length: 353
Last-Modified: Sun, 06 Nov 2022 08:21:02 GMT
Connection: keep-alive
ETag: "63676e6e-161"
Expires: Thu, 12 Jan 2023 10:18:27 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
12803.url.tudown.com/template/company/duote-xiazai/css/message.css
154.218.151.71200 OK 1.6 kB URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/css/message.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash 90d699f8127fe2e7210c0f31f0b90bb0
245191b7026614b76c7234e8e82724d463d4adf1
50d4eaf1d089edb739f43068f78330d22700b47f9ea8acb14fa5606637aeaf23
GET /template/company/duote-xiazai/css/message.css HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 22:18:27 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:21:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e6d-17a8"
Expires: Thu, 12 Jan 2023 10:18:27 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12803.url.tudown.com/template/company/duote-xiazai/js/jquery.min.js
154.218.151.71200 OK 37 kB URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/js/jquery.min.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash d4e282e0e1e69d378568eac0d45bfd24
8b62528373788e473676aa025a72aae45ec17d01
b5bbdf5ae69bfc2b39919ac018f41b27efac22f98ab92848db65022eb03dfd12
GET /template/company/duote-xiazai/js/jquery.min.js HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 22:18:26 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e99-16f44"
Expires: Thu, 12 Jan 2023 10:18:26 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ocsp2.globalsign.com/gsorganizationvalsha2g2
151.101.194.133200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 151.101.194.133:0
Hash 74895c3141914c74b04c4beb26c8c9fb
0c63fb866ddbf45774e579c71a264dfe98010fff
4630af01fd30ac77576cfe824b8030f02297dbf0a02cfadb6834c3d56e836638
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1459
Server: nginx
Content-Type: application/ocsp-response
Expires: Sun, 15 Jan 2023 21:01:40 GMT
ETag: "0c63fb866ddbf45774e579c71a264dfe98010fff"
Last-Modified: Wed, 11 Jan 2023 21:01:41 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 11 Jan 2023 22:18:27 GMT
Age: 1123
X-Served-By: cache-qpg1252-QPG, cache-bma1666-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 14, 1
X-Timer: S1673475507.396801,VS0,VE1
static.mediav.com/js/mvf_g2.js
104.192.110.245200 OK 9.0 kB URL HTTP/1.1 static.mediav.com/js/mvf_g2.js
IP 104.192.110.245:0
ASN #55992 Beijing Qihu Technology Company Limited
File type ASCII text, with very long lines (25539), with no line terminators
Hash 1baf9fc7116527b1a41307a6653030ca
f854953834e70e842d0d3fe6c8966ffb38e16744
d601207a5fa9a6b11008bc0a5a295c46ed62707d4a4b7b04a276eef33c3dcbd3
GET /js/mvf_g2.js HTTP/1.1
Host: static.mediav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 22:18:27 GMT
Content-Type: application/x-javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 16 Nov 2022 07:57:41 GMT
Vary: Accept-Encoding
Expires: Thu, 12 Jan 2023 03:18:27 GMT
Cache-Control: max-age=18000
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Encoding: gzip
KCS-Via: HIT from w-fc03.lato;HIT from w-sc02.bjyt
ocsp.trust-provider.cn/
47.246.44.205200 OK 599 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash c88329ea42c15130f3b7163aea5229bd
e8983928c301e7031ede02457f16db1995aeeb2b
4a1e20f947b2deb338dcadd91f0fa9f977c6213b248f5d6a2fa6f54c334c2af5
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Wed, 11 Jan 2023 22:10:29 GMT
last-modified: Tue, 10 Jan 2023 16:54:59 GMT
expires: Tue, 17 Jan 2023 16:54:58 GMT
etag: "e8983928c301e7031ede02457f16db1995aeeb2b"
cache-control: max-age=602887,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb2
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 7880fb9358062c79-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1673475029
via: cache2.l2de2[33,29,304-0,C], cache2.l2de2[30,0], cache3.se1[0,0,200-0,H], cache4.se1[1,0], cache1.se1[3,0]
age: 478
x-cache: HIT TCP_MEM_HIT dirn:11:426789825
x-swift-savetime: Wed, 11 Jan 2023 22:10:29 GMT
x-swift-cachetime: 1800
timing-allow-origin: *, *
eagleid: 2ff62c9516734755073901732e, 2ff62c9516734755073901732e
ocsp.trust-provider.cn/
47.246.44.205200 OK 599 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash c88329ea42c15130f3b7163aea5229bd
e8983928c301e7031ede02457f16db1995aeeb2b
4a1e20f947b2deb338dcadd91f0fa9f977c6213b248f5d6a2fa6f54c334c2af5
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Wed, 11 Jan 2023 22:10:29 GMT
last-modified: Tue, 10 Jan 2023 16:54:59 GMT
expires: Tue, 17 Jan 2023 16:54:58 GMT
etag: "e8983928c301e7031ede02457f16db1995aeeb2b"
cache-control: max-age=602887,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb2
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 7880fb9358062c79-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1673475029
via: cache2.l2de2[33,29,304-0,C], cache2.l2de2[30,0], cache3.se1[0,0,200-0,H], cache4.se1[1,0], cache1.se1[2,0]
age: 478
x-cache: HIT TCP_MEM_HIT dirn:11:426789825
x-swift-savetime: Wed, 11 Jan 2023 22:10:29 GMT
x-swift-cachetime: 1800
timing-allow-origin: *, *
eagleid: 2ff62c9516734755074021742e, 2ff62c9516734755074021742e
12803.url.tudown.com/template/company/duote-xiazai/css/scrollStyle.css
154.218.151.71404 Not Found 146 B URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/css/scrollStyle.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /template/company/duote-xiazai/css/scrollStyle.css HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 11 Jan 2023 22:18:27 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
12803.url.tudown.com/template/company/duote-xiazai/css/jquery-ui.min.css
154.218.151.71200 OK 8.9 kB URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/css/jquery-ui.min.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (29165), with CRLF line terminators
Hash fd0bdc561b4f37fa8e4539d86c5fd0e4
663b932af8ef82dff4cfeb56351bd32853e54804
98161b22bc6e6613ecf1c230ff9664ba032c3abfe8d6a4079263f9daeb1829db
GET /template/company/duote-xiazai/css/jquery-ui.min.css HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 22:18:27 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:21:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e6d-7d6e"
Expires: Thu, 12 Jan 2023 10:18:27 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12803.url.tudown.com/template/company/duote-xiazai/css/global.css
154.218.151.71200 OK 7.6 kB URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/css/global.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (710)
Hash b2502d4c36bc519e47bce519ffb3a295
d252dd5c34dbd231f5c120d8f45ded16e0aa3f4c
10bec4c97bde3cac4a43e4d86604e1ff2c54926ec350419e404435f0616d1a1a
GET /template/company/duote-xiazai/css/global.css HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 22:18:27 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:20:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e6b-935f"
Expires: Thu, 12 Jan 2023 10:18:27 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12803.url.tudown.com/template/company/duote-xiazai/js/duotecommon_top.js
154.218.151.71200 OK 799 B URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/js/duotecommon_top.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash ac93d373f5090fbc3e8a7152aab7170d
160c0bc3072bccced250979b7999ae060941eb06
e15e1cefcdcd40db68eecbd7a02af32a8a97e5749791b07b434f8454408c1570
GET /template/company/duote-xiazai/js/duotecommon_top.js HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 22:18:27 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e96-a0b"
Expires: Thu, 12 Jan 2023 10:18:27 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
static.mediav.com/js/mvf_pm_slider.js
104.192.110.245200 OK 40 kB URL HTTP/1.1 static.mediav.com/js/mvf_pm_slider.js
IP 104.192.110.245:0
ASN #55992 Beijing Qihu Technology Company Limited
File type ASCII text, with very long lines (65536), with no line terminators, with escape sequences
Hash b23b60a7adefb62f50583079ed66f03b
965ea6506ea6c004b1135f23c10c67484fc0d238
987d03cb317bd411589ab916be6ea0e5aaabf8de0e94a2de7712beff577a62f8
GET /js/mvf_pm_slider.js HTTP/1.1
Host: static.mediav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 22:18:27 GMT
Content-Type: application/x-javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 16 Nov 2022 07:57:42 GMT
Vary: Accept-Encoding
Expires: Thu, 12 Jan 2023 03:18:27 GMT
Cache-Control: max-age=18000
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Encoding: gzip
KCS-Via: HIT from w-fc02.lato;HIT from w-sc09.zzzc
12803.url.tudown.com/template/company/duote-xiazai/css/index.css
154.218.151.71200 OK 3.6 kB URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/css/index.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash fbfd831dee308c5094076e0b4022a222
fa69c04bf3f0c911d2b1697717e05706362f0c57
ab5a9d33745256917eb22abecd3d8ed4790e612720f2a743206d00b85aa5ff4f
GET /template/company/duote-xiazai/css/index.css HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 22:18:27 GMT
Content-Type: text/css
Last-Modified: Sun, 06 Nov 2022 08:21:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e6c-42b3"
Expires: Thu, 12 Jan 2023 10:18:27 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.2345.com/js/index/activity/20171111/widget.min.js
47.246.44.211301 Moved Permanently 262 B URL HTTP/1.1 www.2345.com/js/index/activity/20171111/widget.min.js
IP 47.246.44.211:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 72fa0fca20c82853e6dbbc1f13c78100
4e9b01e3ad0b56c9409bb02e5700430792fecacd
4555de589ff9b307e20c708d6f112bc47bb377df29ff0a5914f8fb0932926887
GET /js/index/activity/20171111/widget.min.js HTTP/1.1
Host: www.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Wed, 11 Jan 2023 22:18:27 GMT
Content-Type: text/html
Content-Length: 262
Connection: keep-alive
Location: https://www.2345.com/js/index/activity/20171111/widget.min.js
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Via: cache3.se1[,0]
Timing-Allow-Origin: *
EagleId: 2ff62c9716734755075955571e
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash e6f1550edcaafcbf11ec816c8822d55b
71afa222e0e98064b8d8042df723058058d9b7a3
1b0c5aba0729edfafc1c826eb71d08089a84b88adbc15baaae7b022e6625bc21
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Wed, 11 Jan 2023 22:18:27 GMT
Last-Modified: Wed, 11 Jan 2023 07:12:34 GMT
ETag: "63be6162-1d7"
Expires: Fri, 13 Jan 2023 07:12:34 GMT
Cache-Control: max-age=118447
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1673475507
Via: cache26.l2de2[191,190,200-0,M], cache26.l2de2[191,0], cache7.se1[214,213,200-0,M], cache7.se1[215,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Wed, 11 Jan 2023 22:18:27 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9b16734755074103206e
bdcode.2345.com/source/g/common/by/ht_jy_qx.js
42.81.8.130200 OK 2.1 kB URL HTTP/1.1 bdcode.2345.com/source/g/common/by/ht_jy_qx.js
IP 42.81.8.130:0
File type ASCII text, with very long lines (5138), with no line terminators
Hash fe6c86e3d1f1c1113d6a81deedfa1d82
c8206fb89992485e7c4175ed95a5be129f857fd3
af880fb19883f42e7f63476299a6b2b61280c3b04fec887b8783f0ff1b2d803d
Analyzer Verdict Alert fortinet Malware
GET /source/g/common/by/ht_jy_qx.js HTTP/1.1
Host: bdcode.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 22:18:27 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 2143
Connection: keep-alive
Cache-Control: max-age=3600
Content-Encoding: gzip
Expires: Wed, 11 Jan 2023 23:18:27 GMT
Last-Modified: Wed, 21 Dec 2022 05:54:50 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
YJS-ID: c0ce7202548a37e8-143
Server: yunjiasu
bdcode.2345.com/common/xsoa-r/openjs/pu/ao.js
42.81.8.130200 OK 2.1 kB URL HTTP/1.1 bdcode.2345.com/common/xsoa-r/openjs/pu/ao.js
IP 42.81.8.130:0
File type ASCII text, with very long lines (5137), with no line terminators
Hash e701e8b1ad5597ded13db62ef2dec921
16478889ffd36ab360119d0514d3186eeca89312
2bca8f6de74103f2d37b7c192bd96d89fa63afb71b7e05a9cd6f2d76bda21d51
Analyzer Verdict Alert fortinet Malware
GET /common/xsoa-r/openjs/pu/ao.js HTTP/1.1
Host: bdcode.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 22:18:27 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 2141
Connection: keep-alive
Cache-Control: max-age=3600
Content-Encoding: gzip
Expires: Wed, 11 Jan 2023 23:18:27 GMT
Last-Modified: Wed, 21 Dec 2022 05:54:50 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
YJS-ID: c0ce7203b17637dd-143
Server: yunjiasu
12803.url.tudown.com/template/company/duote-xiazai/js/super_slider.js
154.218.151.71200 OK 741 B URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/js/super_slider.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (1844)
Hash 64d8d6bbbe2129e883c5af163b76600d
5c0f7df223f7f0ca25cc5c8247ae8b8f0cae4805
66f01728ee43d433d4fd4c0409354667cc543ae51cd362376d3f053da321369b
GET /template/company/duote-xiazai/js/super_slider.js HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 22:18:27 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676ea0-763"
Expires: Thu, 12 Jan 2023 10:18:27 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash be8a9ed61ab9a2563ea5b9752ba1c288
2ed84afd9206fbad8a212cd7ef18996daa6a8a8e
668275ed8ee9d970f77f9caccce0f74d0fece5b2543979d3f004e1c284797ca5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "668275ED8EE9D970F77F9CACCCE0F74D0FECE5B2543979D3F004E1C284797CA5"
Last-Modified: Wed, 11 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17047
Expires: Thu, 12 Jan 2023 03:02:34 GMT
Date: Wed, 11 Jan 2023 22:18:27 GMT
Connection: keep-alive
12803.url.tudown.com/template/company/duote-xiazai/js/index.js
154.218.151.71200 OK 2.3 kB URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/js/index.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with very long lines (8638)
Hash a1f3815ea981db7480ca3c4d5d54aac6
f3961cccb17dc2190e2a8c249d936d0b1185fd7e
7adb4d2ea2856125d829deeabfc70e92f87a5e50f84187ed8d570b810c807d6f
GET /template/company/duote-xiazai/js/index.js HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 22:18:27 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e97-223b"
Expires: Thu, 12 Jan 2023 10:18:27 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12803.url.tudown.com/template/company/duote-xiazai/js/soft_comment.js
154.218.151.71200 OK 1.4 kB URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/js/soft_comment.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash 33db5499343abb12f6c7d980cfdf5af0
ca9f7d2be1dd0f229f709b2effd22d57413fc7d4
3ca1208b56597372cccafd9817375f08e7e85ab84b310cb882ff8a76bac1c388
GET /template/company/duote-xiazai/js/soft_comment.js HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 22:18:27 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676ea0-f1c"
Expires: Thu, 12 Jan 2023 10:18:27 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
12803.url.tudown.com/template/company/duote-xiazai/js/clickdown_stat_ajax.js
154.218.151.71200 OK 577 B URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/js/clickdown_stat_ajax.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d2fd0ff89c3e773f8cfb6e5e57ae2909
537114b9b969f30770ba619a17d217bb69efb759
9665a3c5c2aa7e032819815b24dccc0dd5fbfbbef8876d7d42dfe2751e06d8f7
GET /template/company/duote-xiazai/js/clickdown_stat_ajax.js HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 22:18:27 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e96-57a"
Expires: Thu, 12 Jan 2023 10:18:27 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
s5.cnzz.com/z_stat.php?id=1277770517&web_id=1277770517
150.138.98.224200 OK 20 B URL HTTP/2 s5.cnzz.com/z_stat.php?id=1277770517&web_id=1277770517
IP 150.138.98.224:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /z_stat.php?id=1277770517&web_id=1277770517 HTTP/1.1
Host: s5.cnzz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 20
date: Wed, 11 Jan 2023 21:35:49 GMT
vary: Accept-Encoding
x-powered-by: PHP/5.5.25
last-modified: Wed, 11 Jan 2023 21:35:49 GMT
cache-control: max-age=1800,s-maxage=3600
content-encoding: gzip
ali-swift-global-savetime: 1673472949
via: cache80.l2cn3032[0,0,200-0,H], cache42.l2cn3032[0,0], ens-cache32.cn4461[0,0,200-0,H], ens-cache45.cn4461[2,0]
age: 2558
x-cache: HIT TCP_MEM_HIT dirn:11:37366412
x-swift-savetime: Wed, 11 Jan 2023 21:35:57 GMT
x-swift-cachetime: 3592
timing-allow-origin: *
eagleid: 968a62c116734755076785122e
X-Firefox-Spdy: h2
12803.url.tudown.com/template/company/duote-xiazai/images/stars.png
154.218.151.71200 OK 409 B URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/images/stars.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 513adea23e19785779ef24441cbdb356
acaf0cd2ec302562b27850b970523d96ac5a120c
b78bf1490ecfe58446b32e59b0e6505d2d18f75f8676809753830b66a8dee298
GET /template/company/duote-xiazai/images/stars.png HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/template/company/duote-xiazai/css/global.css
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 22:18:27 GMT
Content-Type: image/png
Content-Length: 409
Last-Modified: Sun, 06 Nov 2022 08:21:35 GMT
Connection: keep-alive
ETag: "63676e8f-199"
Accept-Ranges: bytes
12803.url.tudown.com/template/company/duote-xiazai/js/new_global.js
154.218.151.71200 OK 592 B URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/js/new_global.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash 232fd4a41f68cb95c02a365b6aca84e9
4d17747184f32abc1b922759c510bdbab4eccedd
0d50c1f4db8f330ef99775e40dadb29b531eb33314540560567b1f2623d4885e
GET /template/company/duote-xiazai/js/new_global.js HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 22:18:27 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e9d-685"
Expires: Thu, 12 Jan 2023 10:18:27 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash e6f1550edcaafcbf11ec816c8822d55b
71afa222e0e98064b8d8042df723058058d9b7a3
1b0c5aba0729edfafc1c826eb71d08089a84b88adbc15baaae7b022e6625bc21
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Wed, 11 Jan 2023 22:18:27 GMT
Last-Modified: Wed, 11 Jan 2023 07:12:34 GMT
ETag: "63be6162-1d7"
Expires: Fri, 13 Jan 2023 07:12:34 GMT
Cache-Control: max-age=118447
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1673475507
Via: cache4.l2de2[498,498,200-0,M], cache4.l2de2[499,0], cache3.se1[522,521,200-0,M], cache3.se1[522,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Wed, 11 Jan 2023 22:18:27 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9716734755073795426e
union2.50bang.org/js/duoteall
180.101.190.124200 OK 370 B URL HTTP/1.1 union2.50bang.org/js/duoteall
IP 180.101.190.124:0
ASN #138950 Jiangsu Wuxi International IDC network
File type ASCII text, with very long lines (370), with no line terminators
Hash 631a3959eb543661787710e88a5f8a2f
3a4b038c2ff27bb405f3ccb969cd4b5990625030
fb984abe581743601742dd9fe57f9166cd4abd309ac954ae05885a409a9acfaa
GET /js/duoteall HTTP/1.1
Host: union2.50bang.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Date: Wed, 11 Jan 2023 22:18:27 GMT
Content-Length: 370
img4.duote.com/duoteimg/dtnew_recom_img/duoteself/softdown_1.js
222.186.17.196200 OK 361 B URL HTTP/2 img4.duote.com/duoteimg/dtnew_recom_img/duoteself/softdown_1.js
IP 222.186.17.196:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (361), with no line terminators
Hash d7877f2308efe72c7913b65816859daa
755606b601ae85ebcbf0dd47660fb028d1bf30d7
3af5e226f01cd0faf44433ba44517cc6b0fe9596de061a613c8d719227cc2c1a
GET /duoteimg/dtnew_recom_img/duoteself/softdown_1.js HTTP/1.1
Host: img4.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 361
date: Wed, 04 Jan 2023 10:48:37 GMT
x-oss-request-id: 63B55985341EC4383238B58D
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "D7877F2308EFE72C7913B65816859DAA"
last-modified: Wed, 04 Jan 2023 09:53:30 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 13587884656729146177
x-oss-storage-class: Standard
x-oss-meta-mtime: 1672826010
x-oss-expiration: expiry-date="Thu, 05 Jan 2023 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: CAEQVxiBgMCnu.bwqxgiIGMwYmRlOGE3NDQ3MjQxYmY4Y2NiYWYyOWExMzU2Zjdi
content-md5: 14d/Iwjv5yx5E7ZYFoWdqg==
x-oss-server-time: 26
ali-swift-global-savetime: 1672829317
via: cache42.l2cn3037[0,0,200-0,H], cache35.l2cn3037[1,0], ens-vcache1.cn5274[0,0,200-0,H], ens-vcache14.cn5274[1,0]
age: 646190
x-cache: HIT TCP_MEM_HIT dirn:11:69741661
x-swift-savetime: Wed, 04 Jan 2023 11:29:37 GMT
x-swift-cachetime: 15549540
timing-allow-origin: *
eagleid: deba11a116734755078151666e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/3.gif
222.186.17.196200 OK 3.0 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/3.gif
IP 222.186.17.196:0
File type GIF image data, version 89a, 24 x 24\012- data
Hash 2ea694cf637a163c094f4e88ae235ec7
8c80f708bc2b9ade2838743d1ec2f779662054e4
8824766f185db8f093dabd01f47636740f26f1a0340b8ed170e4268f36488a44
GET /duoteimg/zhuanti/comment/images/3.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 3011
date: Wed, 27 Jul 2022 13:57:53 GMT
x-oss-request-id: 62E14461A70130303428621A
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "2EA694CF637A163C094F4E88AE235EC7"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8455495457239003797
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: LqaUz2N6FjwJT06IriNexw==
x-oss-server-time: 40
ali-swift-global-savetime: 1658930273
via: cache74.l2cn3037[0,0,200-0,H], cache22.l2cn3037[0,0], ens-vcache29.cn5274[0,0,200-0,H], ens-vcache14.cn5274[2,0]
age: 14545234
x-cache: HIT TCP_MEM_HIT dirn:9:80866641
x-swift-savetime: Mon, 02 Jan 2023 09:16:04 GMT
x-swift-cachetime: 1831309
timing-allow-origin: *
eagleid: deba11a116734755078171667e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/2.gif
222.186.17.196200 OK 1.7 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/2.gif
IP 222.186.17.196:0
File type GIF image data, version 89a, 24 x 24\012- data
Hash daaa6d71e871eec644788b703b718bd8
8fadc0f0070931b2f807159e87b82bc2269b467a
6d31802a2485e9ff603aa0ec2528c96590e9d4c5ac8961ddf8a9c3fe3bb5c0b8
GET /duoteimg/zhuanti/comment/images/2.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 1668
date: Thu, 08 Dec 2022 04:58:24 GMT
x-oss-request-id: 63916EF0AFE0263732939158
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "DAAA6D71E871EEC644788B703B718BD8"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17840225992830112301
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: 2qptcehx7sZEeItwO3GL2A==
x-oss-server-time: 61
ali-swift-global-savetime: 1670475504
via: cache46.l2cn2641[0,0,200-0,H], cache43.l2cn2641[1,0], ens-vcache22.cn5274[0,0,200-0,H], ens-vcache14.cn5274[2,0]
age: 3000003
x-cache: HIT TCP_MEM_HIT dirn:9:163879433
x-swift-savetime: Sun, 01 Jan 2023 13:23:50 GMT
x-swift-cachetime: 13448074
timing-allow-origin: *
eagleid: deba11a116734755078171668e
X-Firefox-Spdy: h2
12803.url.tudown.com/template/company/duote-xiazai/js/keyword_new.js
154.218.151.71200 OK 63 B URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/js/keyword_new.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with no line terminators
Hash 827609f4f6b6dbef37e7bbb2c6cb8535
09929f83133df43c4ec28623065e3af7647a1f11
f7f82084b7a593e189a56487ea3179a61e6d8c93ec6ffdfada18e8c5e8863375
GET /template/company/duote-xiazai/js/keyword_new.js HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 22:18:27 GMT
Content-Type: application/javascript
Content-Length: 63
Last-Modified: Sun, 06 Nov 2022 08:21:47 GMT
Connection: keep-alive
ETag: "63676e9b-3f"
Expires: Thu, 12 Jan 2023 10:18:27 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
img1.2345.com/duoteimg/js/base64.js?_vtim=2014122301
180.101.199.248404 Not Found 146 B URL HTTP/2 img1.2345.com/duoteimg/js/base64.js?_vtim=2014122301
IP 180.101.199.248:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /duoteimg/js/base64.js?_vtim=2014122301 HTTP/1.1
Host: img1.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: Tengine
content-type: text/html; charset=gb2312
content-length: 146
date: Wed, 11 Jan 2023 22:18:27 GMT
ali-swift-global-savetime: 1673475507
via: cache78.l2cn3037[19,19,404-1280,M], cache32.l2cn3037[21,0], cache32.l2cn3037[21,0], vcache27.cn4733[64,64,404-1280,M], vcache11.cn4733[66,0]
x-cache: MISS TCP_MISS dirn:-2:-2
x-swift-savetime: Wed, 11 Jan 2023 22:18:27 GMT
x-swift-cachetime: 1
x-swift-error: orig response 4XX error
timing-allow-origin: *
eagleid: b465c71f16734755077881177e
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2977
Expires: Wed, 11 Jan 2023 23:08:05 GMT
Date: Wed, 11 Jan 2023 22:18:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2977
Expires: Wed, 11 Jan 2023 23:08:05 GMT
Date: Wed, 11 Jan 2023 22:18:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2977
Expires: Wed, 11 Jan 2023 23:08:05 GMT
Date: Wed, 11 Jan 2023 22:18:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2977
Expires: Wed, 11 Jan 2023 23:08:05 GMT
Date: Wed, 11 Jan 2023 22:18:28 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash afcc8f4875f4b74ca0640829b689731e
584d0e11665ae89f9a294baf1e9bb4f0e4e9a4df
3e487396389c4330abc99bc99053eecc6aaf56f7afa398d70c30e1f4709577a0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13626
x-amzn-requestid: 4769eaeb-0c78-4054-ad47-eefdd6ab2d03
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eWHMZErbIAMF6sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8b8b5-4c7bacfe060899044e361f70;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 00:11:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JRzc2Mcl4EasyH6_1kFh7sr-57f1HNDu-YN8YptDe_kcTET9x8P9LA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 13:56:11 GMT
age: 30137
etag: "584d0e11665ae89f9a294baf1e9bb4f0e4e9a4df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
12803.url.tudown.com/template/company/duote-xiazai/js/scrollbar.js
154.218.151.71200 OK 738 B URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/js/scrollbar.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (1755)
Hash 941e223b206b2f389ba88e5c62146e05
1ea47333441413a3afd2fbc6e335810513cd3b5f
c0034343dbd842fc5ba9dfae6be7145ec000eb017fc0ca9a7fd6e245811df660
GET /template/company/duote-xiazai/js/scrollbar.js HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 22:18:27 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e9e-707"
Expires: Thu, 12 Jan 2023 10:18:27 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad96383c-d707-4b10-ad6c-110acc0ed5e3.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad96383c-d707-4b10-ad6c-110acc0ed5e3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 35ee3a36f2d56adfa27324f734f8f7fc
6ec36e85e464004c5e6255739e962e6dcc4c24c6
6cedd3770eb8879c837799d36ebca9d631789d972d3631d730829fc5d64abb25
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad96383c-d707-4b10-ad6c-110acc0ed5e3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8024
x-amzn-requestid: b331ee66-c166-4fa6-b950-287134d07fa2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eWhZ6EM0oAMFQFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8e2a5-39ff669b44e3dd9339daa56b;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 03:10:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Fk214iXw9pGVhIOu0uwvDOrqHR-pOjicJOttxjMb0JDhxXbfpyRncg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 07:54:43 GMT
age: 51825
etag: "6ec36e85e464004c5e6255739e962e6dcc4c24c6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faabf1f2c-deb1-4d58-9ee6-5dd522512882.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faabf1f2c-deb1-4d58-9ee6-5dd522512882.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 56de8a53fb494855ff7717eeb39c1fed
438999ac8d0853e235a2c0e0f404291961c891ab
357db338b2f6fcf434bdd9c2561f91d3fc7e5d42a92e5068402ce3eeb6fba412
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faabf1f2c-deb1-4d58-9ee6-5dd522512882.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6400
x-amzn-requestid: f76c3961-a118-4639-a943-2ffbd3d28537
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eaD7hEEdoAMFs5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ba4d16-3881379864dcae085aa4fd4d;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 04:56:54 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DmS2bnkBSYTi7rEZuQ_frZ6GwU-PHrD3GfDXv7rDkp_ytjR7c9FhWw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 09:00:56 GMT
age: 47852
etag: "438999ac8d0853e235a2c0e0f404291961c891ab"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe834a7de-1ed4-4b8b-a3be-fce3151bd1b1.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe834a7de-1ed4-4b8b-a3be-fce3151bd1b1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 68af9d9acdc08345ac38ae59f83a9a24
d3c0b7fa6ab4f421835acd595a75b5035d1ff9ee
1ae2e194f6bb20166d326002b39a4e3f44a9a97046e77ffd2a186eae384b7ce1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe834a7de-1ed4-4b8b-a3be-fce3151bd1b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10640
x-amzn-requestid: 0b0b6732-7692-4b35-9625-154dc39386dd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ei745GEooAMFafA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bdd9d2-314dad90600e9d8c737adf05;Sampled=0
x-amzn-remapped-date: Tue, 10 Jan 2023 21:34:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rr9hTjSynlIWtcOCn7hv3-rRhhGEl0A0_uV1jC2ljrpr8ybnZP72Zw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 21:42:12 GMT
age: 2176
etag: "d3c0b7fa6ab4f421835acd595a75b5035d1ff9ee"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febe61553-0d3d-4c00-8e9b-da1405590a9b.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febe61553-0d3d-4c00-8e9b-da1405590a9b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a708649e0d6b128eb599b221445a8e06
59f9b06ee8e4c9608e29e7b19832fb925789f373
b4e17cfdee53b56ac33cb5a86253e4839ed7bd9bb1604209834bb22d881472f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febe61553-0d3d-4c00-8e9b-da1405590a9b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7140
x-amzn-requestid: 96450c55-6068-4946-9e5f-650c19d2772a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ei739GoJIAMF0lA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bdd9cc-2bf965d47a10fd61619d945f;Sampled=0
x-amzn-remapped-date: Tue, 10 Jan 2023 21:34:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: t5mK-tl3WskwkQLUXPKR2ljEW32-Yo6_BHwqP2dNVUr09WoMyxYeZw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 21:42:07 GMT
age: 2181
etag: "59f9b06ee8e4c9608e29e7b19832fb925789f373"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash e6f1550edcaafcbf11ec816c8822d55b
71afa222e0e98064b8d8042df723058058d9b7a3
1b0c5aba0729edfafc1c826eb71d08089a84b88adbc15baaae7b022e6625bc21
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Wed, 11 Jan 2023 22:18:27 GMT
Last-Modified: Wed, 11 Jan 2023 07:12:34 GMT
ETag: "63be6162-1d7"
Expires: Fri, 13 Jan 2023 07:12:34 GMT
Cache-Control: max-age=118447
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1673475508
Via: cache12.l2de2[469,468,200-0,M], cache12.l2de2[470,0], cache8.se1[491,490,200-0,M], cache8.se1[492,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Wed, 11 Jan 2023 22:18:28 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9c16734755075306844e
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d03d252-a4d1-4207-aa34-25d15894724a.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d03d252-a4d1-4207-aa34-25d15894724a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cfdccf6a024cbd033eea815d49112057
0d987b906b2fd7e45d09169898e7cc14e0e62f64
739c6dadc197a3cf88c8fcdb8a6f35bc7bb98355b3804e0b2c71cd6a87f08900
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d03d252-a4d1-4207-aa34-25d15894724a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5434
x-amzn-requestid: a6d8944c-dae3-43f6-91bd-6dda6f9275b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ei75NErNIAMFlsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bdd9d4-44e8212239c649ba56cd3256;Sampled=0
x-amzn-remapped-date: Tue, 10 Jan 2023 21:34:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: U9k7a673trCY9jdC0vpQVZG10T8iuDpEbB9NyrwVL-UIf7FNZ7bH6g==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 21:42:12 GMT
age: 2176
etag: "0d987b906b2fd7e45d09169898e7cc14e0e62f64"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/logo.png?n=465y3zmfwts3raxfxo5oplmr4w32lz5irptjzcpjtgiornfd4s53xzmfvtsy7oa&w=250
154.218.151.71200 OK 3.5 kB URL HTTP/1.1 12803.url.tudown.com/uploads/images/logo.png?n=465y3zmfwts3raxfxo5oplmr4w32lz5irptjzcpjtgiornfd4s53xzmfvtsy7oa&w=250
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 250 x 66, 8-bit colormap, non-interlaced\012- data
Hash 0b272865b931d7cfab7bfe782830ddd4
4c4c4035f4affc241a0ce63ce88dc09e2409c9f2
8948ca81266e22f7fc964a94dca0732959723a13ef8818daa286c20c13da5adf
GET /uploads/images/logo.png?n=465y3zmfwts3raxfxo5oplmr4w32lz5irptjzcpjtgiornfd4s53xzmfvtsy7oa&w=250 HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 22:18:28 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
12803.url.tudown.com/uploads/images/794967.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/794967.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/794967.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:28 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=3855937865,915877931&fm=224&app=112&f=JPEG?w=500&h=465
img1.duote.com/duoteimg/zhuanti/comment/images/1.gif
222.186.17.196200 OK 1.8 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/1.gif
IP 222.186.17.196:0
File type GIF image data, version 89a, 24 x 24\012- data
Hash 26df8be954a888cd2b29429bcc7d91de
2fa6246adde0616962ed672907c5da94893ce35e
9c73781c61d66f4af9043f08da67a47653fe9662e0aabd4cfa133cfbe55eaa76
GET /duoteimg/zhuanti/comment/images/1.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 1771
date: Wed, 27 Jul 2022 11:55:49 GMT
x-oss-request-id: 62E127C580647F3533AA2514
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "26DF8BE954A888CD2B29429BCC7D91DE"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 7119512290700278717
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: Jt+L6VSoiM0rKUKbzH2R3g==
x-oss-server-time: 68
ali-swift-global-savetime: 1658922949
via: cache50.l2cn3037[0,0,200-0,H], cache39.l2cn3037[1,0], ens-vcache12.cn5274[0,0,200-0,H], ens-vcache14.cn5274[3,0]
age: 14552558
x-cache: HIT TCP_MEM_HIT dirn:12:350394384
x-swift-savetime: Mon, 02 Jan 2023 06:11:45 GMT
x-swift-cachetime: 1835044
timing-allow-origin: *
eagleid: deba11a116734755078171669e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/4.gif
222.186.17.196200 OK 1.7 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/4.gif
IP 222.186.17.196:0
File type GIF image data, version 89a, 24 x 24\012- data
Hash 9429cb260cbf87e528d14cf6baaf2b5b
eb067540c3b93c515efbc46b5a1cb4c7bcb16ff7
4cce9443159a3c082fbf59610efbf5ef9b92d5422bce4bbe8ef43d1bcc8d0475
GET /duoteimg/zhuanti/comment/images/4.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 1706
date: Tue, 18 Oct 2022 08:31:25 GMT
x-oss-request-id: 634E645DC8A4583832C601BC
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "9429CB260CBF87E528D14CF6BAAF2B5B"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 875222251737355829
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: lCnLJgy/h+Uo0Uz2uq8rWw==
x-oss-server-time: 142
ali-swift-global-savetime: 1666081885
via: cache78.l2cn3037[0,0,200-0,H], cache63.l2cn3037[1,0], ens-vcache26.cn5274[0,0,200-0,H], ens-vcache14.cn5274[2,0]
age: 7393622
x-cache: HIT TCP_MEM_HIT dirn:11:300583012
x-swift-savetime: Mon, 02 Jan 2023 06:11:46 GMT
x-swift-cachetime: 8993979
timing-allow-origin: *
eagleid: deba11a116734755078181673e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/6.gif
222.186.17.196200 OK 3.5 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/6.gif
IP 222.186.17.196:0
File type GIF image data, version 89a, 24 x 24\012- data
Hash eb575dd556470ae55acfa8350f63f3ab
5ded8852598c3cb4ff9130d24b1b7b03c558d14e
0be355d4a20f70a41fef403a817d2d27a1c5122fa1b58ef04dc884fb9a12ed7a
GET /duoteimg/zhuanti/comment/images/6.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 3468
date: Wed, 27 Jul 2022 13:57:53 GMT
x-oss-request-id: 62E144616F52933834F154DF
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "EB575DD556470AE55ACFA8350F63F3AB"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17858666986198953545
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: 61dd1VZHCuVaz6g1D2Pzqw==
x-oss-server-time: 86
ali-swift-global-savetime: 1658930273
via: cache39.l2cn3037[0,0,200-0,H], cache50.l2cn3037[1,0], ens-vcache13.cn5274[0,-1,200-0,H], ens-vcache14.cn5274[2,0]
age: 14545234
x-cache: HIT TCP_MEM_HIT dirn:12:430045190
x-swift-savetime: Mon, 02 Jan 2023 06:11:37 GMT
x-swift-cachetime: 1842376
timing-allow-origin: *
eagleid: deba11a116734755078181671e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/5.gif
222.186.17.196200 OK 2.8 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/5.gif
IP 222.186.17.196:0
File type GIF image data, version 89a, 24 x 24\012- data
Hash a7bff4f63a973a68e2d98ee780d9e29e
4c87d92faf82347bb122c2ad0e74e166aec5c567
18e82892f579e1f63d003f7e8404754b775542d72ea2d677f61d8ed3c7dfd21c
GET /duoteimg/zhuanti/comment/images/5.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 2768
date: Wed, 27 Jul 2022 13:57:53 GMT
x-oss-request-id: 62E14461DC81703736A9B209
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "A7BFF4F63A973A68E2D98EE780D9E29E"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 11302870927342222426
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: p7/09jqXOmji2Y7ngNning==
x-oss-server-time: 33
ali-swift-global-savetime: 1658930273
via: cache19.l2cn3037[0,0,200-0,H], cache50.l2cn3037[1,0], ens-vcache22.cn5274[0,0,200-0,H], ens-vcache14.cn5274[3,0]
age: 14545234
x-cache: HIT TCP_MEM_HIT dirn:12:63921139
x-swift-savetime: Mon, 02 Jan 2023 06:11:39 GMT
x-swift-cachetime: 1842374
timing-allow-origin: *
eagleid: deba11a116734755078171670e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/7.gif
222.186.17.196200 OK 1.5 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/7.gif
IP 222.186.17.196:0
File type GIF image data, version 89a, 24 x 24\012- data
Hash 56bd697fdac1de3dbe8d4dd53e309a9b
215d4fead2dbf7bf6aeea1136749675cc5034f9e
7acdc1e69fd8d2c578ccf122054b7dab5a58a59caa255cd5585d45956136f4a3
GET /duoteimg/zhuanti/comment/images/7.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 1495
date: Wed, 27 Jul 2022 14:00:56 GMT
x-oss-request-id: 62E1451844A24C3331B8E6EA
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "56BD697FDAC1DE3DBE8D4DD53E309A9B"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 6398064933782332215
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: Vr1pf9rB3j2+jU3VPjCamw==
x-oss-server-time: 53
ali-swift-global-savetime: 1658930456
via: cache67.l2cn3037[0,0,200-0,H], cache58.l2cn3037[1,0], ens-vcache5.cn5274[0,0,200-0,H], ens-vcache14.cn5274[2,0]
age: 14545051
x-cache: HIT TCP_MEM_HIT dirn:9:115626047
x-swift-savetime: Mon, 02 Jan 2023 06:11:43 GMT
x-swift-cachetime: 1842553
timing-allow-origin: *
eagleid: deba11a116734755078181672e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/9.gif
222.186.17.196200 OK 1.7 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/9.gif
IP 222.186.17.196:0
File type GIF image data, version 89a, 24 x 24\012- data
Hash 52c2ef213baaff54c731557b999a0bf7
804e7ac80e4255b27247350265bbc92ce8d075bb
6bc6cc4739fbf0b9257b84549097c06651f82bcb2edef386710f4bb88e5b1676
GET /duoteimg/zhuanti/comment/images/9.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 1733
date: Fri, 09 Dec 2022 13:25:13 GMT
x-oss-request-id: 63933739960DF237391E4EA8
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "52C2EF213BAAFF54C731557B999A0BF7"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 7207152638915174298
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: UsLvITuq/1THMVV7mZoL9w==
x-oss-server-time: 46
ali-swift-global-savetime: 1670592313
via: cache35.l2cn3037[0,0,200-0,H], cache42.l2cn3037[0,0], ens-vcache10.cn5274[0,0,200-0,H], ens-vcache14.cn5274[3,0]
age: 2883195
x-cache: HIT TCP_MEM_HIT dirn:11:13178883
x-swift-savetime: Wed, 11 Jan 2023 22:16:34 GMT
x-swift-cachetime: 12668919
timing-allow-origin: *
eagleid: deba11a116734755080941743e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/12.gif
222.186.17.196200 OK 2.6 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/12.gif
IP 222.186.17.196:0
File type GIF image data, version 89a, 24 x 24\012- data
Hash 74dc1aa4f1e4f7219da7ad597c91b8e7
bfda85aaa1fd81b79b792ee83cd448cd2cde5005
733f3dc6aa38aaad278d72cbef942326c77b0f872727e5971cc8fb9b3b683efe
GET /duoteimg/zhuanti/comment/images/12.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 2575
date: Sat, 10 Dec 2022 02:48:42 GMT
x-oss-request-id: 6393F38A28E01236303D13AE
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "74DC1AA4F1E4F7219DA7AD597C91B8E7"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17001896356624891276
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: dNwapPHk9yGdp61ZfJG45w==
x-oss-server-time: 48
ali-swift-global-savetime: 1670640522
via: cache34.l2cn3037[0,0,200-0,H], cache78.l2cn3037[1,0], ens-vcache18.cn5274[0,0,200-0,H], ens-vcache14.cn5274[3,0]
age: 2834986
x-cache: HIT TCP_MEM_HIT dirn:12:185411624
x-swift-savetime: Mon, 02 Jan 2023 06:11:40 GMT
x-swift-cachetime: 13552622
timing-allow-origin: *
eagleid: deba11a116734755080941747e
X-Firefox-Spdy: h2
img1.duote.com/duoteimg/zhuanti/comment/images/10.gif
222.186.17.196200 OK 2.1 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/10.gif
IP 222.186.17.196:0
File type GIF image data, version 89a, 24 x 24\012- data
Hash 8535863eee1ae5dfffa4f25a79cffa10
ae60588f804b611794c725429927f1a37c31a6e5
13fd5ae010e7d97dc637a2ec0537a28a8d74dac1f1480fa87279ae226e13e535
GET /duoteimg/zhuanti/comment/images/10.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 2105
date: Wed, 07 Dec 2022 22:38:17 GMT
x-oss-request-id: 639115D9EBE1D337378BAB5F
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "8535863EEE1AE5DFFFA4F25A79CFFA10"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 720901678692586227
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: hTWGPu4a5d//pPJaec/6EA==
x-oss-server-time: 93
ali-swift-global-savetime: 1670452697
via: cache6.l2cn3037[0,0,200-0,H], cache62.l2cn3037[2,0], ens-vcache18.cn5274[0,0,200-0,H], ens-vcache14.cn5274[3,0]
age: 3022811
x-cache: HIT TCP_MEM_HIT dirn:9:29256290
x-swift-savetime: Mon, 02 Jan 2023 06:11:38 GMT
x-swift-cachetime: 13364799
timing-allow-origin: *
eagleid: deba11a116734755080941744e
X-Firefox-Spdy: h2
img4.duote.com/duoteimg/js/front_ad.js
222.186.17.196200 OK 0 B URL HTTP/2 img4.duote.com/duoteimg/js/front_ad.js
IP 222.186.17.196:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /duoteimg/js/front_ad.js HTTP/1.1
Host: img4.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 0
date: Thu, 05 Jan 2023 10:13:50 GMT
x-oss-request-id: 63B6A2DE23022136314C7D7A
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "D41D8CD98F00B204E9800998ECF8427E"
last-modified: Wed, 02 Sep 2020 01:55:56 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 0
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Thu, 03 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: 1B2M2Y8AsgTpgAmY7PhCfg==
ali-swift-global-savetime: 1672913630
via: cache8.l2cn3037[0,0,200-0,H], cache20.l2cn3037[1,0], ens-vcache22.cn5274[0,0,200-0,H], ens-vcache14.cn5274[3,0]
age: 561878
x-cache: HIT TCP_MEM_HIT dirn:9:127255384
x-swift-savetime: Tue, 10 Jan 2023 03:24:52 GMT
x-swift-cachetime: 15144538
timing-allow-origin: *
eagleid: deba11a116734755080941748e
X-Firefox-Spdy: h2
t14.baidu.com/it/u=3855937865,915877931&fm=224&app=112&f=JPEG?w=500&h=465
185.10.104.124200 OK 24 kB URL HTTP/1.1 t14.baidu.com/it/u=3855937865,915877931&fm=224&app=112&f=JPEG?w=500&h=465
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x465, components 3\012- data
Hash 28be0280c5b6481d2abef97201fe10a5
f29ab536336bc07969a00dccc96c592899e01079
b3e401d98ff40463076b17a380b984d1ac7d6dd0c00b0cf1e4fe17e4607d3dee
GET /it/u=3855937865,915877931&fm=224&app=112&f=JPEG?w=500&h=465 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:18:28 GMT
Content-Type: image/jpeg
Content-Length: 24464
Connection: keep-alive
Expires: Sat, 04 Feb 2023 02:51:33 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 28be0280c5b6481d2abef97201fe10a5
Age: 3002
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 05 Jan 2023 02:51:33 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [2], zhuzuncache58 [4], wzix82 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 24464
X-Cache-Status: HIT
Timing-Allow-Origin: *
img1.duote.com/duoteimg/zhuanti/comment/images/11.gif
222.186.17.196200 OK 7.0 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/11.gif
IP 222.186.17.196:0
File type GIF image data, version 89a, 24 x 24\012- data
Hash 0dfec8a688ee97162d852f42a0fa2a23
a6bc13493b4f2471b72b9d9e8474a9889ad2f4cb
bfef5124ff15cc50ba2eb8e6c605541b642bb5c8c18a4c618ed248522f8d44e0
GET /duoteimg/zhuanti/comment/images/11.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 6979
date: Tue, 06 Dec 2022 22:52:39 GMT
x-oss-request-id: 638FC7B7AEF36B30351D8998
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "0DFEC8A688EE97162D852F42A0FA2A23"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 5501157311881781066
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: Df7IpojulxYthS9CoPoqIw==
x-oss-server-time: 112
ali-swift-global-savetime: 1670367159
via: cache80.l2cn3037[0,0,200-0,H], cache74.l2cn3037[1,0], ens-vcache9.cn5274[0,0,200-0,H], ens-vcache14.cn5274[4,0]
age: 3108349
x-cache: HIT TCP_MEM_HIT dirn:9:150952519
x-swift-savetime: Mon, 02 Jan 2023 06:11:41 GMT
x-swift-cachetime: 13279258
timing-allow-origin: *
eagleid: deba11a116734755080941745e
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/291120.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/291120.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/291120.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:28 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2408059687,164248788&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=281
12803.url.tudown.com/uploads/images/842901.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/842901.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/842901.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:28 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1154464283,3627783456&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=281
12803.url.tudown.com/template/company/duote-xiazai/js/jquery-ui.min.js
154.218.151.71200 OK 80 kB URL HTTP/1.1 12803.url.tudown.com/template/company/duote-xiazai/js/jquery-ui.min.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (32074), with CRLF line terminators
Hash e81ec1034a64ade1aa8b290326108e91
67aa74b0a4d0039f59acacca2ee6eee5ebaa312e
825cd708c0562c4b038d007351af36e0c4b34a32c0a1e8fd5852206417cbf94e
GET /template/company/duote-xiazai/js/jquery-ui.min.js HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 22:18:27 GMT
Content-Type: application/javascript
Last-Modified: Sun, 06 Nov 2022 08:21:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63676e99-3def1"
Expires: Thu, 12 Jan 2023 10:18:27 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
img1.duote.com/duoteimg/zhuanti/comment/images/8.gif
222.186.17.196200 OK 1.8 kB URL HTTP/2 img1.duote.com/duoteimg/zhuanti/comment/images/8.gif
IP 222.186.17.196:0
File type GIF image data, version 89a, 24 x 24\012- data
Hash 15c10a442a7bd8384cd17ed420cf21e9
477ba29d0b04ec0a2950d715b58abe2db4d68cdd
153b9c74c5a92e7ec480365537cd43c9973840f3b6c72dad3032f5aeb0a4d30e
GET /duoteimg/zhuanti/comment/images/8.gif HTTP/1.1
Host: img1.duote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://12803.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 1788
date: Tue, 18 Oct 2022 05:04:16 GMT
x-oss-request-id: 634E33D0BA82AD3033A4E1BB
x-oss-cdn-auth: success
accept-ranges: bytes
etag: "15C10A442A7BD8384CD17ED420CF21E9"
last-modified: Thu, 03 Sep 2020 22:40:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 10105978504471775518
x-oss-storage-class: Standard
x-oss-expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="03f94d9c-6cf0-4053-b855-b1862a1b87c2"
x-oss-version-id: null
content-md5: FcEKRCp72DhM0X7UIM8h6Q==
x-oss-server-time: 139
ali-swift-global-savetime: 1666069456
via: cache70.l2cn3037[0,0,200-0,H], cache74.l2cn3037[1,0], ens-vcache23.cn5274[22,24,200-0,M], ens-vcache14.cn5274[26,0]
age: 7406052
x-cache: MISS TCP_MISS dirn:-2:-2
x-swift-savetime: Wed, 11 Jan 2023 22:18:28 GMT
x-swift-cachetime: 8145948
timing-allow-origin: *
eagleid: deba11a116734755080941742e
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/253171.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/253171.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/253171.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:28 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=4004771335,2000716621&fm=253&fmt=auto?w=640&h=346
12803.url.tudown.com/uploads/images/746099.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/746099.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/746099.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:28 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=3605258120,3388077330&fm=224&app=112&f=JPEG?w=500&h=500
t13.baidu.com/it/u=3605258120,3388077330&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 24 kB URL HTTP/1.1 t13.baidu.com/it/u=3605258120,3388077330&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash efbc3d41eecdc331f76a55e8d69aa80c
eb42e8b0f3d74e48bb8cd59b117c8aa107c76c1c
2efd0616c6065f75b097b3293445d20800f84d1e989700f14e22bd6dc50afff6
GET /it/u=3605258120,3388077330&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:18:28 GMT
Content-Type: image/jpeg
Content-Length: 23494
Connection: keep-alive
Expires: Tue, 24 Jan 2023 12:18:36 GMT
Last-Modified: Tue, 13 Jan 1970 00:00:00 GMT
ETag: efbc3d41eecdc331f76a55e8d69aa80c
Age: 1504609
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 25 Dec 2022 12:18:36 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [2], zhuzuncache103 [4], suzix157 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 23494
X-Cache-Status: HIT
12803.url.tudown.com/uploads/images/140409.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/140409.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/140409.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:28 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=828399047,2921453799&fm=253&fmt=auto&app=138&f=PNG?w=500&h=800
12803.url.tudown.com/uploads/images/402607.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/402607.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/402607.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:28 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=2376906074,2392712780&fm=253&app=120&f=JPEG?w=1280&h=800
12803.url.tudown.com/uploads/images/380507.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/380507.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/380507.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:28 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=3502560142,3200520054&fm=224&app=112&f=JPEG?w=500&h=500
12803.url.tudown.com/common/ipnotice/
154.218.151.71200 OK 17 kB URL HTTP/1.1 12803.url.tudown.com/common/ipnotice/
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash f3900b723a5077e4d84c09d3e41f8a53
85e7f7085b71e0aefecf205fd5d28476f0939f63
bea207387fc76447c46c1af45247762608eaad92a138a3b81dafcf10cbcf4410
GET /common/ipnotice/ HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 11 Jan 2023 22:18:28 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
12803.url.tudown.com/uploads/images/198835.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/198835.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/198835.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:28 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1848990606,2006386056&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
12803.url.tudown.com/uploads/images/884426.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/884426.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/884426.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:28 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=2835491459,3378873043&fm=253&app=120&f=JPEG?w=800&h=800
12803.url.tudown.com/uploads/images/348940.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/348940.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/348940.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:28 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=3670077508,4211191451&fm=224&app=112&f=JPEG?w=284&h=284
ocsp.globalsign.com/gsrsaovsslca2018
151.101.2.133200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 151.101.2.133:0
Hash b07efd761e8ada6266ca44e28c6081b9
59026a678ff0ea8f4b4e820eb513a03b017a3df0
7e3a5aef75571426ec270af6f8e4f7c9088f0e4b7e0b23cea0831a81ffbccc1e
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1432
Server: nginx
Content-Type: application/ocsp-response
Expires: Sun, 15 Jan 2023 19:50:42 GMT
ETag: "59026a678ff0ea8f4b4e820eb513a03b017a3df0"
Last-Modified: Wed, 11 Jan 2023 19:50:43 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 11 Jan 2023 22:18:28 GMT
Age: 3035
X-Served-By: cache-qpg1274-QPG, cache-bma1683-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 47, 3
X-Timer: S1673475509.962636,VS0,VE0
12803.url.tudown.com/uploads/images/576359.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/576359.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/576359.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:28 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=13557795,4177807006&fm=224&app=112&f=JPEG?w=500&h=500&s=EB10C4020F455ED8085038CD0300F0E0
12803.url.tudown.com/uploads/images/276837.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/276837.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/276837.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:28 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=907993002,3131829230&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350
12803.url.tudown.com/uploads/images/521550.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/521550.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/521550.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:28 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1283247850,931782952&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=393
t13.baidu.com/it/u=13557795,4177807006&fm=224&app=112&f=JPEG?w=500&h=500&s=EB10C4020F455ED8085038CD0300F0E0
185.10.104.124200 OK 29 kB URL HTTP/1.1 t13.baidu.com/it/u=13557795,4177807006&fm=224&app=112&f=JPEG?w=500&h=500&s=EB10C4020F455ED8085038CD0300F0E0
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 70af072600676902305e817c4c80a3a6
bb7b15d7f6902ab9011a0d3a481dfb1e7ab0c305
2ba499fd1e6429b004c5668294e9a9be593e9e5e09ecb031bf41f577ae22b42c
GET /it/u=13557795,4177807006&fm=224&app=112&f=JPEG?w=500&h=500&s=EB10C4020F455ED8085038CD0300F0E0 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:18:28 GMT
Content-Type: image/jpeg
Content-Length: 28576
Connection: keep-alive
Expires: Fri, 03 Feb 2023 20:25:54 GMT
Last-Modified: Sun, 11 Jan 1970 00:00:00 GMT
ETag: 70af072600676902305e817c4c80a3a6
Age: 1610
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 04 Jan 2023 20:25:54 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [2], zhuzuncache58 [4], csix58 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 28576
X-Cache-Status: HIT
Timing-Allow-Origin: *
t15.baidu.com/it/u=3670077508,4211191451&fm=224&app=112&f=JPEG?w=284&h=284
185.10.104.124200 OK 23 kB URL HTTP/1.1 t15.baidu.com/it/u=3670077508,4211191451&fm=224&app=112&f=JPEG?w=284&h=284
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 284x284, components 3\012- data
Hash 1ba2a3ce706ad52d9350ae7b7c60538a
57c49e1825ec53e3e2e67a3b47b8cd704158cfc5
d71cac3c4a6c3b172cabf5e45d189f5c2a4940a4e7fc8ec0f7e3b6053ca6d5c2
GET /it/u=3670077508,4211191451&fm=224&app=112&f=JPEG?w=284&h=284 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:18:29 GMT
Content-Type: image/jpeg
Content-Length: 22840
Connection: keep-alive
Expires: Tue, 24 Jan 2023 14:17:09 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 1ba2a3ce706ad52d9350ae7b7c60538a
Age: 1450439
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 25 Dec 2022 14:17:09 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [2], zhuzuncache53 [1], czix170 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 22840
X-Cache-Status: HIT
Timing-Allow-Origin: *
12803.url.tudown.com/uploads/images/702021.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/702021.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/702021.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:29 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2797479669,2755051278&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=592
12803.url.tudown.com/uploads/images/156751.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/156751.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/156751.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:29 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1184818323,2662606659&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=395
12803.url.tudown.com/uploads/images/505184.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/505184.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/505184.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:29 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=634817867,2751445904&fm=253&app=138&f=JPEG?w=500&h=800
12803.url.tudown.com/uploads/images/166062.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/166062.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/166062.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:29 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=2835830416,2419187148&fm=224&app=112&f=JPEG?w=500&h=500
12803.url.tudown.com/uploads/images/407987.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/407987.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/407987.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:29 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3205109418,1606392849&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
12803.url.tudown.com/uploads/images/550392.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/550392.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/550392.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:29 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3448001060,4076763154&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=714
t13.baidu.com/it/u=2835830416,2419187148&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 72 kB URL HTTP/1.1 t13.baidu.com/it/u=2835830416,2419187148&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash c553e53a36177f05a8a21999e99ddaa5
1b1eb5e3fa4f65bed454d4508da4bdf7eb897ecc
5d82f001a639e122d455fdfc6d7c8aa67bfb28b54bf7ed6efc5eeb5655226972
GET /it/u=2835830416,2419187148&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:18:29 GMT
Content-Type: image/jpeg
Content-Length: 72383
Connection: keep-alive
Expires: Sun, 05 Feb 2023 05:56:04 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: c553e53a36177f05a8a21999e99ddaa5
Age: 315128
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 06 Jan 2023 05:56:03 GMT
Ohc-Cache-HIT: fra01-sys-jomo7.fra01.baidu.com [2], jnuncache58 [4], qdix247 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 72383
X-Cache-Status: HIT
Timing-Allow-Origin: *
img1.baidu.com/it/u=1154464283,3627783456&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=281
220.169.152.35200 OK 11 kB URL HTTP/2 img1.baidu.com/it/u=1154464283,3627783456&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=281
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x281, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b7042d4f13a66bc635e53138465400a9
f60e3606f72382625d9a59cb6da0ac2212ed9b21
ee9ad391324e9691efaec94d3a6887e88026ecb2e9019e76bd3ca146a927a10b
GET /it/u=1154464283,3627783456&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=281 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:18:29 GMT
content-type: image/webp
content-length: 11198
expires: Sun, 22 Jan 2023 01:58:15 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: b7042d4f13a66bc635e53138465400a9
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 23 Dec 2022 01:58:15 GMT
ohc-cache-hit: yy2ct79 [1], bdix198 [2]
ohc-file-size: 11198
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/827628.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/827628.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/827628.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:29 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=12740452,1887692848&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=1081
12803.url.tudown.com/uploads/images/549445.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/549445.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/549445.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:29 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=4216717231,2729400725&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
12803.url.tudown.com/uploads/images/161541.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/161541.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/161541.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:29 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1529239316,448868512&fm=253&fmt=auto?w=306&h=273
12803.url.tudown.com/uploads/images/379284.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/379284.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/379284.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:29 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2500411145,1084867926&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
12803.url.tudown.com/uploads/images/586517.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/586517.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/586517.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:29 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=3789779523,1065295715&fm=253&app=120&f=JPEG?w=1280&h=800
12803.url.tudown.com/uploads/images/554184.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/554184.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/554184.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:29 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=1393760178,3506995177&fm=224&app=112&f=JPEG?w=500&h=500
img0.baidu.com/it/u=1283247850,931782952&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=393
220.169.152.35200 OK 19 kB URL HTTP/2 img0.baidu.com/it/u=1283247850,931782952&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=393
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x393, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d7a9071bca375b1d6a9d2b07c0f589fd
c3c7a57bf9d5cc6ffaf92c773b56783e62162d09
933480f423983085ac0d37d2060d0208aef9d639c8a9d56668dbb3333acbd18d
GET /it/u=1283247850,931782952&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=393 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:18:29 GMT
content-type: image/webp
content-length: 19294
expires: Sun, 05 Feb 2023 21:47:04 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: d7a9071bca375b1d6a9d2b07c0f589fd
age: 1791
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 06 Jan 2023 21:47:04 GMT
ohc-cache-hit: yy2ct63 [4], suzix118 [2]
ohc-file-size: 19294
x-cache-status: HIT
X-Firefox-Spdy: h2
t14.baidu.com/it/u=1393760178,3506995177&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 61 kB URL HTTP/1.1 t14.baidu.com/it/u=1393760178,3506995177&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash c172b25dd77f4eb994525f3168c7529d
858ef51604ba1fb4b7ced90be99caabdac91fe2b
84715b859c9cf24b89e4f218fa38da7b7a9fdf50393ca0b9d5c24d9ffb82f16b
GET /it/u=1393760178,3506995177&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:18:29 GMT
Content-Type: image/jpeg
Content-Length: 60595
Connection: keep-alive
Expires: Tue, 24 Jan 2023 10:12:03 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: c172b25dd77f4eb994525f3168c7529d
Age: 4251
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 25 Dec 2022 10:12:03 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [4], zhuzuncache64 [4], wzix92 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 60595
X-Cache-Status: HIT
Timing-Allow-Origin: *
img0.baidu.com/it/u=2408059687,164248788&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=281
220.169.152.35200 OK 23 kB URL HTTP/2 img0.baidu.com/it/u=2408059687,164248788&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=281
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x281, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8ae0c12f06df98726bf93914131c8258
294da638c32a036df6b66aa41a3f0b8095bc1665
aba0e5a0bb53c8fe18741580951a176a3c0504ab5bb92d6d8eb8eb04d69b864b
GET /it/u=2408059687,164248788&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=281 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:18:29 GMT
content-type: image/webp
content-length: 22788
expires: Wed, 01 Feb 2023 05:43:50 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 8ae0c12f06df98726bf93914131c8258
age: 491320
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 02 Jan 2023 05:43:50 GMT
ohc-cache-hit: yy2ct53 [4], wzix53 [4]
ohc-file-size: 22788
x-cache-status: HIT
X-Firefox-Spdy: h2
img0.baidu.com/it/u=2835491459,3378873043&fm=253&app=120&f=JPEG?w=800&h=800
183.60.219.35200 OK 30 kB URL HTTP/1.1 img0.baidu.com/it/u=2835491459,3378873043&fm=253&app=120&f=JPEG?w=800&h=800
IP 183.60.219.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, height=0, orientation=[*0*], width=0], baseline, precision 8, 800x800, components 3\012- data
Hash a7caf086accd6582981fa1291a57e4cc
d3907d10008ebe8ba80aa01504da924fc1249bac
128ddd7b890088c347b9fab19497f870f624d7af6ff721e4f239a64e82259a9e
GET /it/u=2835491459,3378873043&fm=253&app=120&f=JPEG?w=800&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:18:29 GMT
Content-Type: image/jpeg
Content-Length: 29790
Connection: keep-alive
Expires: Tue, 07 Feb 2023 08:49:25 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: a7caf086accd6582981fa1291a57e4cc
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 08 Jan 2023 08:49:25 GMT
Ohc-Cache-HIT: fs3ct55 [1], czix89 [2]
Ohc-File-Size: 29790
X-Cache-Status: MISS
img1.baidu.com/it/u=634817867,2751445904&fm=253&app=138&f=JPEG?w=500&h=800
220.169.152.35200 OK 31 kB URL HTTP/1.1 img1.baidu.com/it/u=634817867,2751445904&fm=253&app=138&f=JPEG?w=500&h=800
IP 220.169.152.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x800, components 3\012- data
Hash a31a529eda391dd24ef5bd52f29196cf
291970d37cc277f68124a376c979cba8f91fb641
d06de2a1aea7f23ac185fd751bd451f6dc1118f39b8403f87b0d0a12cf179ee2
GET /it/u=634817867,2751445904&fm=253&app=138&f=JPEG?w=500&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:18:29 GMT
Content-Type: image/jpeg
Content-Length: 31347
Connection: keep-alive
Expires: Wed, 08 Feb 2023 11:35:29 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: a31a529eda391dd24ef5bd52f29196cf
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 09 Jan 2023 11:35:29 GMT
Ohc-Cache-HIT: yy2ct63 [1], wzix63 [2]
Ohc-File-Size: 31347
X-Cache-Status: MISS
12803.url.tudown.com/uploads/images/141345.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/141345.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/141345.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:29 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=4250376146,713319959&fm=253&fmt=auto?w=500&h=500
12803.url.tudown.com/uploads/images/998721.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/998721.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/998721.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:29 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=1016685666,2925042607&fm=253&app=138&f=JPEG?w=500&h=889
12803.url.tudown.com/uploads/images/277919.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/277919.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/277919.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:29 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=1887200993,2026633724&fm=253&app=120&f=JPEG?w=1280&h=800
12803.url.tudown.com/uploads/images/538396.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/538396.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/538396.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:29 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3350435703,264351242&fm=253&fmt=auto&app=138&f=JPEG?w=1094&h=500
12803.url.tudown.com/uploads/images/993219.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/993219.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/993219.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:29 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=918387341,1826072138&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
12803.url.tudown.com/uploads/images/754550.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/754550.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/754550.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:29 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=351641578,1341388944&fm=224&app=112&f=JPEG?w=500&h=500
t13.baidu.com/it/u=351641578,1341388944&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 62 kB URL HTTP/1.1 t13.baidu.com/it/u=351641578,1341388944&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 743471cc5abbd68e3da596b28bbe72ce
6f3d884a27f726e119c3401e2630a8aad626ddee
d58b56fe50e7dc9498319a1c484f13e557c4a65071c6660d15004dda9a444e61
GET /it/u=351641578,1341388944&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:18:29 GMT
Content-Type: image/jpeg
Content-Length: 62131
Connection: keep-alive
Expires: Wed, 18 Jan 2023 10:49:14 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 743471cc5abbd68e3da596b28bbe72ce
Age: 1968380
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 19 Dec 2022 10:49:14 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [2], zhuzuncache64 [1], xaix178 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 62131
X-Cache-Status: HIT
Timing-Allow-Origin: *
12803.url.tudown.com/uploads/images/353117.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/353117.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/353117.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:30 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=4211663368,2899541822&fm=224&app=112&f=JPEG?w=500&h=500
12803.url.tudown.com/uploads/images/966168.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/966168.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/966168.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:30 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=228529902,2068942895&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350
12803.url.tudown.com/uploads/images/121443.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/121443.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/121443.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:30 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=43027615,3128125304&fm=224&app=112&f=JPEG?w=500&h=500
12803.url.tudown.com/uploads/images/179113.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/179113.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/179113.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:30 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=820218129,780079380&fm=253&app=120&f=JPEG?w=800&h=800
12803.url.tudown.com/uploads/images/834234.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/834234.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/834234.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:30 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=2114417791,1347766598&fm=253&app=120&f=JPEG?w=800&h=1280
t14.baidu.com/it/u=43027615,3128125304&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 28 kB URL HTTP/1.1 t14.baidu.com/it/u=43027615,3128125304&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 88672d81b86d1bb8fda7f79764cd5571
fa0ae6ed492edfce4a912635eed192fa4afabdeb
f379af880a280d770ace656acb0891818b90cd1394274d57e101340b623f13c2
GET /it/u=43027615,3128125304&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:18:30 GMT
Content-Type: image/jpeg
Content-Length: 27465
Connection: keep-alive
Expires: Sun, 22 Jan 2023 07:44:41 GMT
Last-Modified: Mon, 12 Jan 1970 00:00:00 GMT
ETag: 88672d81b86d1bb8fda7f79764cd5571
Age: 4081
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 23 Dec 2022 07:44:41 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [2], zhuzuncache50 [4], xaix223 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 27465
X-Cache-Status: HIT
Timing-Allow-Origin: *
t15.baidu.com/it/u=4211663368,2899541822&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 30 kB URL HTTP/1.1 t15.baidu.com/it/u=4211663368,2899541822&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 82cc1a6aadefc513815168ddf97b244e
825ab80e985989181d486129781bcde49abf71d0
11b1aa92b8eaffe44b6bbced6f2ac87ce8e0298dd6d303c11795adc6d9c89d5a
GET /it/u=4211663368,2899541822&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:18:30 GMT
Content-Type: image/jpeg
Content-Length: 29519
Connection: keep-alive
Expires: Sun, 22 Jan 2023 13:29:52 GMT
Last-Modified: Mon, 12 Jan 1970 00:00:00 GMT
ETag: 82cc1a6aadefc513815168ddf97b244e
Age: 1632244
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 23 Dec 2022 13:29:52 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [2], zhuzuncache59 [2], xaix59 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 29519
X-Cache-Status: HIT
img0.baidu.com/it/u=2376906074,2392712780&fm=253&app=120&f=JPEG?w=1280&h=800
183.60.219.35200 OK 108 kB URL HTTP/1.1 img0.baidu.com/it/u=2376906074,2392712780&fm=253&app=120&f=JPEG?w=1280&h=800
IP 183.60.219.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 108 kB (108316 bytes)
Hash c57e1556320c1f744d81dd109e22891d
dfc94820ec8e958f0e93e985c7ac533e85c6a6a7
346844f9b6f7770c15e5c39fb5d3a1bde1ef70fee940f06d0615ab7d457b9253
GET /it/u=2376906074,2392712780&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:18:29 GMT
Content-Type: image/jpeg
Content-Length: 108316
Connection: keep-alive
Expires: Sun, 05 Feb 2023 04:19:41 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: c57e1556320c1f744d81dd109e22891d
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 06 Jan 2023 04:19:41 GMT
Ohc-Cache-HIT: fs3ct53 [1], suzix53 [4]
Ohc-File-Size: 108316
X-Cache-Status: MISS
img0.baidu.com/it/u=828399047,2921453799&fm=253&fmt=auto&app=138&f=PNG?w=500&h=800
220.169.152.35200 OK 117 kB URL HTTP/2 img0.baidu.com/it/u=828399047,2921453799&fm=253&fmt=auto&app=138&f=PNG?w=500&h=800
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 117 kB (117290 bytes)
Hash a7e384f8250b763c9c7e26a4eff5dfca
f93ea6c676bbf9bdd08786e480e95f7296b2b127
040c7186f9922a1a7c426355b02a5c3268dc6b6b5b688a4bc8de6ce8f14176b2
GET /it/u=828399047,2921453799&fm=253&fmt=auto&app=138&f=PNG?w=500&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:18:29 GMT
content-type: image/webp
content-length: 117290
expires: Wed, 18 Jan 2023 17:52:21 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: a7e384f8250b763c9c7e26a4eff5dfca
age: 44408
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 19 Dec 2022 17:52:21 GMT
ohc-cache-hit: yy2ct53 [4], xaix192 [2]
ohc-file-size: 117290
x-cache-status: HIT
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/172127.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/172127.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/172127.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:30 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1420460397,2660571876&fm=253&fmt=auto&app=138&f=JPEG?w=625&h=500
img0.baidu.com/it/u=1184818323,2662606659&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=395
220.169.152.35200 OK 16 kB URL HTTP/2 img0.baidu.com/it/u=1184818323,2662606659&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=395
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x395, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6e6fce8d7b89b606d16a812d0303583e
df17f13f071759d527eb5fd27aceb73d5b1a805c
f0cc7de23e0bf042ad9df66679b4fadfb2a017f6fc3e36451b3121d30f3936c0
GET /it/u=1184818323,2662606659&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=395 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:18:29 GMT
content-type: image/webp
content-length: 15612
expires: Sat, 21 Jan 2023 12:54:56 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 6e6fce8d7b89b606d16a812d0303583e
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 22 Dec 2022 12:54:56 GMT
ohc-cache-hit: yy2ct63 [1], xaix118 [2]
ohc-file-size: 15612
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=3448001060,4076763154&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=714
220.169.152.35200 OK 21 kB URL HTTP/2 img2.baidu.com/it/u=3448001060,4076763154&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=714
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x714, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2bde01402b34b1c1cd07f828e38abaa4
f24fb6e4d75cc5d4e125f32c6a6b55618b39334c
c7b167f1c1c7a51935e34af3f486ee508ed89ce50d9420c74d6f72feeedacc56
GET /it/u=3448001060,4076763154&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=714 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:18:29 GMT
content-type: image/webp
content-length: 20722
expires: Sat, 21 Jan 2023 09:52:04 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 2bde01402b34b1c1cd07f828e38abaa4
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 22 Dec 2022 09:52:04 GMT
ohc-cache-hit: yy2ct53 [1], suzix157 [2]
ohc-file-size: 20722
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=907993002,3131829230&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350
220.169.152.35200 OK 23 kB URL HTTP/2 img0.baidu.com/it/u=907993002,3131829230&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 350x350, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d9d8c6fb5a082d775d7e4c975234b65d
dc47db73982c40722c19646eed41c9781eb4e6bb
8d0ffa7b0722e7e5d559968c53b28e01e39176bec5f453675c090a2b9b45559a
GET /it/u=907993002,3131829230&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:18:29 GMT
content-type: image/webp
content-length: 22788
expires: Sat, 21 Jan 2023 04:21:47 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: d9d8c6fb5a082d775d7e4c975234b65d
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 22 Dec 2022 04:21:47 GMT
ohc-cache-hit: yy2ct56 [1], xiangyix245 [2]
ohc-file-size: 22788
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/706023.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/706023.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/706023.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:30 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=3330573702,1889555895&fm=224&app=112&f=JPEG?w=500&h=281
img0.baidu.com/it/u=1848990606,2006386056&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
220.169.152.35200 OK 32 kB URL HTTP/2 img0.baidu.com/it/u=1848990606,2006386056&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3b57d9df63b66074e0d16709f43b3267
4abd9638a3104bba975e93ec21247d9ed0bea245
470b1572f79a1cef9b96d376ddf9df6a0ab85b1fbfcc73a3ca01dd693e05a672
GET /it/u=1848990606,2006386056&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:18:29 GMT
content-type: image/webp
content-length: 31734
expires: Sun, 22 Jan 2023 21:04:42 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 3b57d9df63b66074e0d16709f43b3267
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 23 Dec 2022 21:04:42 GMT
ohc-cache-hit: yy2ct51 [1], suzix51 [2]
ohc-file-size: 31734
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/682652.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/682652.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/682652.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:30 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=574253231,4146169484&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=777
t13.baidu.com/it/u=3330573702,1889555895&fm=224&app=112&f=JPEG?w=500&h=281
185.10.104.124200 OK 18 kB URL HTTP/1.1 t13.baidu.com/it/u=3330573702,1889555895&fm=224&app=112&f=JPEG?w=500&h=281
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 37x37, segment length 16, baseline, precision 8, 500x281, components 3\012- data
Hash 35dbc3c281e2dd6832907af5bf1d43d0
3aaf6b2d7dcc65028ef52853fd0f38c1416692f6
22177f2f63885459cdcd6a7fd6e7c247cd0415b2f688ddc304acc20cc4234595
GET /it/u=3330573702,1889555895&fm=224&app=112&f=JPEG?w=500&h=281 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:18:30 GMT
Content-Type: image/jpeg
Content-Length: 18192
Connection: keep-alive
Expires: Fri, 03 Feb 2023 04:46:20 GMT
Last-Modified: Sun, 11 Jan 1970 00:00:00 GMT
ETag: 35dbc3c281e2dd6832907af5bf1d43d0
Age: 658059
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 04 Jan 2023 04:46:20 GMT
Ohc-Cache-HIT: fra01-sys-jomo7.fra01.baidu.com [2], zhuzuncache60 [4], bdix159 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 18192
X-Cache-Status: HIT
Timing-Allow-Origin: *
12803.url.tudown.com/uploads/images/722466.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/722466.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/722466.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:30 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3688404081,3426315506&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=658
12803.url.tudown.com/uploads/images/840167.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/840167.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/840167.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:30 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1125842856,780112691&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
12803.url.tudown.com/uploads/images/368925.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/368925.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/368925.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:30 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=4279025683,785405597&fm=253&fmt=auto&app=138&f=JPEG?w=282&h=500
img0.baidu.com/it/u=4004771335,2000716621&fm=253&fmt=auto?w=640&h=346
220.169.152.35200 OK 23 kB URL HTTP/2 img0.baidu.com/it/u=4004771335,2000716621&fm=253&fmt=auto?w=640&h=346
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x346, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c2176fe0efffe3ef69169d120b4c16f8
4d2cdf3ceb0549135397e3f425c34f3361e1b618
7c97d98ecd7da8e3e218bbbd08a1cefed5f76e8401d9941d419197c4eddbddf0
GET /it/u=4004771335,2000716621&fm=253&fmt=auto?w=640&h=346 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:18:29 GMT
content-type: image/webp
content-length: 23242
expires: Thu, 09 Feb 2023 00:50:31 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: c2176fe0efffe3ef69169d120b4c16f8
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 10 Jan 2023 00:50:31 GMT
ohc-cache-hit: yy2ct69 [1], bdix238 [2]
ohc-file-size: 23242
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=3205109418,1606392849&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
220.169.152.35200 OK 45 kB URL HTTP/2 img2.baidu.com/it/u=3205109418,1606392849&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 662b39fff33932d30c1f10c67e0cf4f7
e092ebfb46871ed9842db244f03d3ac98a4accd7
74ff322a1c5d2508884df1968d9dc9a825ffe9ebf28e38089fd9c68327041410
GET /it/u=3205109418,1606392849&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:18:29 GMT
content-type: image/webp
content-length: 44684
expires: Sun, 22 Jan 2023 04:50:43 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 662b39fff33932d30c1f10c67e0cf4f7
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 23 Dec 2022 04:50:43 GMT
ohc-cache-hit: yy2ct66 [1], bdix221 [2]
ohc-file-size: 44684
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=3789779523,1065295715&fm=253&app=120&f=JPEG?w=1280&h=800
220.169.152.35200 OK 103 kB URL HTTP/1.1 img1.baidu.com/it/u=3789779523,1065295715&fm=253&app=120&f=JPEG?w=1280&h=800
IP 220.169.152.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 103 kB (102876 bytes)
Hash 7c729e7df28f83fc6fdfdf296040e83f
217428b0f09894fdf4a530f2f0158769a87a237b
a33f474d85afd4e720295c1ec92b573a4f44ad9d10713f9f219c7af5f9802fce
GET /it/u=3789779523,1065295715&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:18:29 GMT
Content-Type: image/jpeg
Content-Length: 102876
Connection: keep-alive
Expires: Tue, 07 Feb 2023 20:42:01 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: 7c729e7df28f83fc6fdfdf296040e83f
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 08 Jan 2023 20:42:01 GMT
Ohc-Cache-HIT: yy2ct55 [1], csix97 [2]
Ohc-File-Size: 102876
X-Cache-Status: MISS
img2.baidu.com/it/u=4216717231,2729400725&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
220.169.152.35200 OK 33 kB URL HTTP/2 img2.baidu.com/it/u=4216717231,2729400725&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cd1c748b2b9df83a61e722ba34f0012d
6661aeee02d371424d7df827faae70788373a6c6
dd42683fb1838ccf1b82f703b5ce255a0e317c9c44c31eba6b7afcc6963658c4
GET /it/u=4216717231,2729400725&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:18:29 GMT
content-type: image/webp
content-length: 33326
expires: Mon, 06 Feb 2023 09:10:25 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: cd1c748b2b9df83a61e722ba34f0012d
age: 14
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 07 Jan 2023 09:10:25 GMT
ohc-cache-hit: yy2ct51 [2], xiangyix51 [2]
ohc-file-size: 33326
x-cache-status: HIT
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/517969.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/517969.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/517969.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:30 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=1712434161,4214687049&fm=224&app=112&f=JPEG?w=500&h=500
img0.baidu.com/it/u=2797479669,2755051278&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=592
220.169.152.35200 OK 48 kB URL HTTP/2 img0.baidu.com/it/u=2797479669,2755051278&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=592
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x592, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3e07ff05c14bbd68386ee5549ff125c0
1809541dabb5684967338f4191b2c7b37a894562
d11f175719225dc8d80f705b46ea60871c318322b7e5564bc57d2528572e14f6
GET /it/u=2797479669,2755051278&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=592 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:18:29 GMT
content-type: image/webp
content-length: 47780
expires: Wed, 01 Feb 2023 11:45:16 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 3e07ff05c14bbd68386ee5549ff125c0
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 02 Jan 2023 11:45:16 GMT
ohc-cache-hit: yy2ct70 [1], xiangyix70 [2]
ohc-file-size: 47780
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=1887200993,2026633724&fm=253&app=120&f=JPEG?w=1280&h=800
220.169.152.35200 OK 163 kB URL HTTP/1.1 img1.baidu.com/it/u=1887200993,2026633724&fm=253&app=120&f=JPEG?w=1280&h=800
IP 220.169.152.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 163 kB (162689 bytes)
Hash 36298c79148b9e8d86b72c64e05e702a
617a4a898517af97cf5e1c3604662e7d7f250e81
e2f58adb1295e335d703aed596dbb338d077f6e6cba046028476e20ebc97ee19
GET /it/u=1887200993,2026633724&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:18:30 GMT
Content-Type: image/jpeg
Content-Length: 162689
Connection: keep-alive
Expires: Tue, 17 Jan 2023 02:53:19 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 36298c79148b9e8d86b72c64e05e702a
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 18 Dec 2022 02:53:19 GMT
Ohc-Cache-HIT: yy2ct64 [2], suzix218 [4]
Ohc-File-Size: 162689
X-Cache-Status: MISS
img2.baidu.com/it/u=2500411145,1084867926&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
220.169.152.35200 OK 18 kB URL HTTP/2 img2.baidu.com/it/u=2500411145,1084867926&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9714c98053d20451f29aef44a4a14537
9a6ff92060107f97d683404b26335d202277a3bc
9857a9339d8c06e5a1807d80f6abdade48d89c75c44a9cb3982a80c8d2de072d
GET /it/u=2500411145,1084867926&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:18:29 GMT
content-type: image/webp
content-length: 18128
expires: Sun, 29 Jan 2023 03:49:54 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 9714c98053d20451f29aef44a4a14537
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 30 Dec 2022 03:49:54 GMT
ohc-cache-hit: yy2ct52 [1], suzix245 [2]
ohc-file-size: 18128
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=12740452,1887692848&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=1081
220.169.152.35200 OK 45 kB URL HTTP/2 img1.baidu.com/it/u=12740452,1887692848&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=1081
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x1081, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 36104fc854020a52824637246dc144dd
c1efff9b3a635a4af514bef449cefc7b6bcdcc5a
82c391bfa6586b423bcf637de9fc12fb0dace95e48ae251dfceb4c6dd82fd7de
GET /it/u=12740452,1887692848&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=1081 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:18:29 GMT
content-type: image/webp
content-length: 45138
expires: Mon, 06 Feb 2023 04:55:46 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 36104fc854020a52824637246dc144dd
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 07 Jan 2023 04:55:46 GMT
ohc-cache-hit: yy2ct68 [1], bdix157 [2]
ohc-file-size: 45138
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/112584.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/112584.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/112584.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:30 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1832424167,726485546&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=312
img2.baidu.com/it/u=1529239316,448868512&fm=253&fmt=auto?w=306&h=273
220.169.152.35200 OK 14 kB URL HTTP/2 img2.baidu.com/it/u=1529239316,448868512&fm=253&fmt=auto?w=306&h=273
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 306x273, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4adcd1f31ac5d4a19e7344f48d8247ed
08981e228bf164a70f6049ff0ccbcf9097c9b68c
010a224d62df6e711e05b4b733c87402193ab829b0c59c834b5fdd9c093b2aa0
GET /it/u=1529239316,448868512&fm=253&fmt=auto?w=306&h=273 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:18:29 GMT
content-type: image/webp
content-length: 14128
expires: Mon, 23 Jan 2023 01:20:08 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 4adcd1f31ac5d4a19e7344f48d8247ed
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 24 Dec 2022 01:20:08 GMT
ohc-cache-hit: yy2ct58 [1], qdix175 [2]
ohc-file-size: 14128
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=2114417791,1347766598&fm=253&app=120&f=JPEG?w=800&h=1280
183.60.219.35200 OK 72 kB URL HTTP/1.1 img0.baidu.com/it/u=2114417791,1347766598&fm=253&app=120&f=JPEG?w=800&h=1280
IP 183.60.219.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 28x28, segment length 16, baseline, precision 8, 800x1280, components 3\012- data
Hash c856bfc9dc7407c09d7ec0b3523eb6b7
167d5c8881c617233223d70d8d4a79f86ea13593
afcfbc9004714b26a7526ddd65d9e14633af4bdab64ab05f884b05a9fc1327cd
GET /it/u=2114417791,1347766598&fm=253&app=120&f=JPEG?w=800&h=1280 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:18:30 GMT
Content-Type: image/jpeg
Content-Length: 72037
Connection: keep-alive
Expires: Thu, 19 Jan 2023 00:05:14 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: c856bfc9dc7407c09d7ec0b3523eb6b7
Age: 659670
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 20 Dec 2022 00:05:14 GMT
Ohc-Cache-HIT: fs3ct52 [4], xiangyix127 [4]
Ohc-File-Size: 72037
X-Cache-Status: HIT
12803.url.tudown.com/uploads/images/541258.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/541258.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/541258.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:30 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=70870365,1922742826&fm=224&app=112&f=JPEG?w=500&h=500
t15.baidu.com/it/u=1712434161,4214687049&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 20 kB URL HTTP/1.1 t15.baidu.com/it/u=1712434161,4214687049&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 0cc28ed1b1f2f768e88a594b0ea5b9a8
d3de9b1d991316c2aef61f164b9587384c68c9e2
9dabbccea9abb3ffb6bbfc7e116bcdf5fcfc78abe2969ed6672a9194dc0f16b7
GET /it/u=1712434161,4214687049&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:18:30 GMT
Content-Type: image/jpeg
Content-Length: 20077
Connection: keep-alive
Expires: Tue, 31 Jan 2023 22:02:40 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 0cc28ed1b1f2f768e88a594b0ea5b9a8
Age: 3004
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 01 Jan 2023 22:02:40 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [4], zhuzuncache57 [4], csix107 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 20077
X-Cache-Status: HIT
Timing-Allow-Origin: *
img2.baidu.com/it/u=1016685666,2925042607&fm=253&app=138&f=JPEG?w=500&h=889
182.242.59.35200 OK 62 kB URL HTTP/1.1 img2.baidu.com/it/u=1016685666,2925042607&fm=253&app=138&f=JPEG?w=500&h=889
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x889, components 3\012- data
Hash 09e8e409ceeaf1fbcbd17d303a66265a
1d98edcf4cf77ee1ac9f591af1a6398d18466bf9
55b6464263efa42751a90c05c96b4ea0223175f8e937a655f24d09efa5e1fcb1
GET /it/u=1016685666,2925042607&fm=253&app=138&f=JPEG?w=500&h=889 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:18:30 GMT
Content-Type: image/jpeg
Content-Length: 62081
Connection: keep-alive
Expires: Sat, 28 Jan 2023 01:40:49 GMT
Last-Modified: Sun, 11 Jan 1970 00:00:00 GMT
ETag: 09e8e409ceeaf1fbcbd17d303a66265a
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 29 Dec 2022 01:40:49 GMT
Ohc-Cache-HIT: km7ct69 [1], czix206 [2]
Ohc-File-Size: 62081
X-Cache-Status: MISS
img2.baidu.com/it/u=3350435703,264351242&fm=253&fmt=auto&app=138&f=JPEG?w=1094&h=500
220.169.152.35200 OK 57 kB URL HTTP/2 img2.baidu.com/it/u=3350435703,264351242&fm=253&fmt=auto&app=138&f=JPEG?w=1094&h=500
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1094x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 63a23b868fb03250638a7e0ed1ecd5f2
9c573450417a92bf1739de2735e88c2c8c06ab2b
e652c084f6dfac3612c849639105dff0d68f0b93ead9a0cd829198d1d5d0eeac
GET /it/u=3350435703,264351242&fm=253&fmt=auto&app=138&f=JPEG?w=1094&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:18:30 GMT
content-type: image/webp
content-length: 56682
expires: Fri, 27 Jan 2023 16:19:33 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 63a23b868fb03250638a7e0ed1ecd5f2
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 28 Dec 2022 16:19:33 GMT
ohc-cache-hit: yy2ct66 [1], xiangyix81 [2]
ohc-file-size: 56682
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=4250376146,713319959&fm=253&fmt=auto?w=500&h=500
220.169.152.35200 OK 17 kB URL HTTP/2 img0.baidu.com/it/u=4250376146,713319959&fm=253&fmt=auto?w=500&h=500
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c521d95ec65fb91c8caa3407c3665104
e5dbcbaed7de685725c53afcc1d529472b60f550
b33b1929f06c2bd207d78623bb71c07e423fddaab7d5fbe65b45b421d5cd5a2e
GET /it/u=4250376146,713319959&fm=253&fmt=auto?w=500&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:18:30 GMT
content-type: image/webp
content-length: 17046
expires: Mon, 23 Jan 2023 04:30:42 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: c521d95ec65fb91c8caa3407c3665104
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 24 Dec 2022 04:30:42 GMT
ohc-cache-hit: yy2ct76 [1], xiangyix145 [2]
ohc-file-size: 17046
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/277494.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/277494.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/277494.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:30 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=3747046495,707339174&fm=253&fmt=auto?w=500&h=800
t14.baidu.com/it/u=70870365,1922742826&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 50 kB URL HTTP/1.1 t14.baidu.com/it/u=70870365,1922742826&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash bdfca6d6ee2dec79387fa14090f49207
104774278c412714fa8c7e0ea52809acf669d716
11bbef7a7c7167b75ae174c5532f40fc7e0131bc42d5ca4c4e83a408e570261d
GET /it/u=70870365,1922742826&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:18:30 GMT
Content-Type: image/jpeg
Content-Length: 49936
Connection: keep-alive
Expires: Thu, 02 Feb 2023 03:53:21 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: bdfca6d6ee2dec79387fa14090f49207
Age: 3323
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 03 Jan 2023 03:53:21 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [2], zhuzuncache62 [2], suzix238 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 49936
X-Cache-Status: HIT
Timing-Allow-Origin: *
img1.baidu.com/it/u=918387341,1826072138&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
220.169.152.35200 OK 24 kB URL HTTP/2 img1.baidu.com/it/u=918387341,1826072138&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a798b8e0fc46b6ae1f8b31b325bbfaa8
99d8cdd714df5494c2d61556bbde06830bcf92e6
b46ee7108b759f3ae7409bd520a26b1cee05fc82526369a0531ecb90f17926bf
GET /it/u=918387341,1826072138&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:18:30 GMT
content-type: image/webp
content-length: 24142
expires: Sat, 21 Jan 2023 16:58:54 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: a798b8e0fc46b6ae1f8b31b325bbfaa8
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 22 Dec 2022 16:58:54 GMT
ohc-cache-hit: yy2ct50 [1], czix160 [2]
ohc-file-size: 24142
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=228529902,2068942895&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350
220.169.152.35200 OK 19 kB URL HTTP/2 img1.baidu.com/it/u=228529902,2068942895&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 350x350, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2fa9f234af8eb98b145a1c738fc70e9e
ce1b2645b89e5589ed1336d5f55a178d75318dbe
770b08eb1b75af6e4e5e266f15aae711d5a23acb127ff00522e8d69b00a7bb1d
GET /it/u=228529902,2068942895&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:18:30 GMT
content-type: image/webp
content-length: 19160
expires: Thu, 19 Jan 2023 03:30:21 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 2fa9f234af8eb98b145a1c738fc70e9e
age: 491303
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 20 Dec 2022 03:30:21 GMT
ohc-cache-hit: yy2ct64 [4], bdix64 [2]
ohc-file-size: 19160
x-cache-status: HIT
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/966254.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/966254.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/966254.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:30 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3002503098,869572651&fm=253&fmt=auto&app=138&f=JPEG?w=280&h=180
12803.url.tudown.com/uploads/images/507936.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/507936.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/507936.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:30 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1028304191,455267146&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=225
img0.baidu.com/it/u=1420460397,2660571876&fm=253&fmt=auto&app=138&f=JPEG?w=625&h=500
220.169.152.35200 OK 42 kB URL HTTP/2 img0.baidu.com/it/u=1420460397,2660571876&fm=253&fmt=auto&app=138&f=JPEG?w=625&h=500
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 625x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f7b64f89de32a18212e6a83f82807372
cf59d514d8a688fd59426d8dc2a53d14e70f098c
00b148f4caa376dea203a382a1648ea55e660d908421afac30677e2aed8635a5
GET /it/u=1420460397,2660571876&fm=253&fmt=auto&app=138&f=JPEG?w=625&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:18:30 GMT
content-type: image/webp
content-length: 42340
expires: Thu, 12 Jan 2023 05:04:32 GMT
last-modified: Sun, 04 Jan 1970 00:00:00 GMT
etag: f7b64f89de32a18212e6a83f82807372
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 13 Dec 2022 05:04:32 GMT
ohc-cache-hit: yy2ct76 [1], csix92 [2]
ohc-file-size: 42340
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=1125842856,780112691&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
220.169.152.35200 OK 43 kB URL HTTP/2 img1.baidu.com/it/u=1125842856,780112691&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e46acdf0c4e1ceec56b17feeda0b0063
36fd7beaa02475109b987c50f2498d148a912b23
d053f107d4306944053a29b7e3d5e3b89d9adb457872e22a228e0373c06d2fab
GET /it/u=1125842856,780112691&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:18:30 GMT
content-type: image/webp
content-length: 42578
expires: Sun, 22 Jan 2023 16:12:29 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: e46acdf0c4e1ceec56b17feeda0b0063
age: 248255
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 23 Dec 2022 16:12:29 GMT
ohc-cache-hit: yy2ct60 [4], wzix81 [2]
ohc-file-size: 42578
x-cache-status: HIT
X-Firefox-Spdy: h2
img1.baidu.com/it/u=4279025683,785405597&fm=253&fmt=auto&app=138&f=JPEG?w=282&h=500
220.169.152.35200 OK 27 kB URL HTTP/2 img1.baidu.com/it/u=4279025683,785405597&fm=253&fmt=auto&app=138&f=JPEG?w=282&h=500
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 282x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a9764f5195df0d5488a0883d7f2fe10a
b2e6cd87d38784871297af785877d96f2a308d4f
affa12ff8c31831b802844192c0f792b9a2362668d8487b2ae85bd35da6f4ae9
GET /it/u=4279025683,785405597&fm=253&fmt=auto&app=138&f=JPEG?w=282&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:18:30 GMT
content-type: image/webp
content-length: 26554
expires: Sun, 22 Jan 2023 06:50:58 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: a9764f5195df0d5488a0883d7f2fe10a
age: 2971
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 23 Dec 2022 06:50:58 GMT
ohc-cache-hit: yy2ct68 [4], bdix158 [2]
ohc-file-size: 26554
x-cache-status: HIT
X-Firefox-Spdy: h2
img1.baidu.com/it/u=574253231,4146169484&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=777
220.169.152.35200 OK 33 kB URL HTTP/2 img1.baidu.com/it/u=574253231,4146169484&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=777
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x777, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 28204046699e6b43197de4cd38b250cc
fecd67ab59899555afff24b2bc37b7a87185a60e
60123463726d01f2abe7d6ccfafa62393ca041b2f3c828ffedb8272e3a1d9797
GET /it/u=574253231,4146169484&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=777 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:18:30 GMT
content-type: image/webp
content-length: 33090
expires: Sun, 15 Jan 2023 08:06:02 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 28204046699e6b43197de4cd38b250cc
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 16 Dec 2022 08:06:02 GMT
ohc-cache-hit: yy2ct68 [1], suzix197 [2]
ohc-file-size: 33090
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=3688404081,3426315506&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=658
220.169.152.35200 OK 16 kB URL HTTP/2 img1.baidu.com/it/u=3688404081,3426315506&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=658
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x658, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 14440b7893278740cee0dd13d839f521
58f3ae2af005120b0a959b4ae0cf11389d27e9ca
4625f81484caa72c1c445c4796a2f9ca61547e44b8fe757a3f73192921470615
GET /it/u=3688404081,3426315506&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=658 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:18:30 GMT
content-type: image/webp
content-length: 16364
expires: Fri, 20 Jan 2023 03:40:16 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 14440b7893278740cee0dd13d839f521
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 21 Dec 2022 03:40:16 GMT
ohc-cache-hit: yy2ct67 [1], wzix103 [2]
ohc-file-size: 16364
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/929577.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/929577.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/929577.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:30 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=489772125,984164896&fm=253&fmt=auto&app=120&f=JPEG?w=1422&h=800
img2.baidu.com/it/u=820218129,780079380&fm=253&app=120&f=JPEG?w=800&h=800
182.242.59.35200 OK 69 kB URL HTTP/1.1 img2.baidu.com/it/u=820218129,780079380&fm=253&app=120&f=JPEG?w=800&h=800
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x800, components 3\012- data
Hash 8ff8c59cd16207259736f9683e572b35
e9839edcaa70295ecf5b809538a64cb586c2c894
d128756283f95c2fcace169576e84006ba9a4db2473cde278087c8c92197a857
GET /it/u=820218129,780079380&fm=253&app=120&f=JPEG?w=800&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:18:30 GMT
Content-Type: image/jpeg
Content-Length: 68880
Connection: keep-alive
Expires: Tue, 07 Feb 2023 09:48:45 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: 8ff8c59cd16207259736f9683e572b35
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 08 Jan 2023 09:48:45 GMT
Ohc-Cache-HIT: km7ct60 [1], csix60 [2]
Ohc-File-Size: 68880
X-Cache-Status: MISS
12803.url.tudown.com/uploads/images/79664.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/79664.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/79664.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:30 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=617242831,2889192098&fm=224&app=112&f=JPEG?w=500&h=500
12803.url.tudown.com/uploads/images/589839.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/589839.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/589839.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:30 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=696657491,2150538926&fm=224&app=112&f=JPEG?w=500&h=500
12803.url.tudown.com/uploads/images/399226.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/399226.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/399226.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:30 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=682199570,740709875&fm=253&fmt=auto&app=138&f=JPEG?w=393&h=500
12803.url.tudown.com/uploads/images/954223.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/954223.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/954223.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:31 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1458716967,3365048567&fm=253&fmt=auto&app=120&f=JPEG?w=750&h=500
12803.url.tudown.com/uploads/images/310594.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/310594.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/310594.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:31 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2226416202,2702384692&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=917
t15.baidu.com/it/u=617242831,2889192098&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 25 kB URL HTTP/1.1 t15.baidu.com/it/u=617242831,2889192098&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash cb03e61e9d47f4f086c97c018018a5cb
4c9b7cf06916baf5ca9e99ffa97013703f2fc666
5d487fcc4e10e6390e00b3e6bbcd4b3b6dc8f3d8fb9b0e51bde21c8938bf029d
GET /it/u=617242831,2889192098&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:18:31 GMT
Content-Type: image/jpeg
Content-Length: 24912
Connection: keep-alive
Expires: Thu, 02 Feb 2023 07:48:37 GMT
Last-Modified: Thu, 15 Jan 1970 00:00:00 GMT
ETag: cb03e61e9d47f4f086c97c018018a5cb
Age: 721759
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 03 Jan 2023 07:48:37 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [2], zhuzuncache50 [4], suzix220 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 24912
X-Cache-Status: HIT
img1.baidu.com/it/u=3747046495,707339174&fm=253&fmt=auto?w=500&h=800
220.169.152.35200 OK 88 kB URL HTTP/1.1 img1.baidu.com/it/u=3747046495,707339174&fm=253&fmt=auto?w=500&h=800
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5e7facc2dc9ee1e50590b8865940e685
e5edc5faf0f5ed0a8b1ddf955caf213ea049d6c9
d38e7fccc8d23c9095e50ea624db6d6a2f2366dfd0a20ac15e44e4e2bf5453c7
GET /it/u=3747046495,707339174&fm=253&fmt=auto?w=500&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:18:30 GMT
Content-Type: image/webp
Content-Length: 88050
Connection: keep-alive
Expires: Wed, 25 Jan 2023 12:09:17 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 5e7facc2dc9ee1e50590b8865940e685
Age: 984
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 26 Dec 2022 12:09:17 GMT
Ohc-Cache-HIT: yy2ct67 [4], wzix72 [4]
Ohc-File-Size: 88050
X-Cache-Status: HIT
img0.baidu.com/it/u=1028304191,455267146&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=225
220.169.152.35200 OK 14 kB URL HTTP/2 img0.baidu.com/it/u=1028304191,455267146&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=225
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x225, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 104d4fcfad56cf3a65de0a90ef23ffb4
c76fae2ccb5e63522ca6ffe4d7637e87680319c4
9570e295f5f5135fe869cd6626f53d5ed098c763a1204662fc4c4d0fe748a149
GET /it/u=1028304191,455267146&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=225 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:18:31 GMT
content-type: image/webp
content-length: 13836
expires: Wed, 25 Jan 2023 04:23:19 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 104d4fcfad56cf3a65de0a90ef23ffb4
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 26 Dec 2022 04:23:19 GMT
ohc-cache-hit: yy2ct71 [1], xiangyix168 [2]
ohc-file-size: 13836
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=1832424167,726485546&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=312
220.169.152.35200 OK 49 kB URL HTTP/2 img0.baidu.com/it/u=1832424167,726485546&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=312
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x312, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 32a13760bc1ad27fdc3792e73364cd81
6bcc962c51f639ffb2d3037ab5dbb0100d53e706
299aa7c163e15347cfa227e8037b2349193013da38b6d626009ea6c5e5cc1e2d
GET /it/u=1832424167,726485546&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=312 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:18:31 GMT
content-type: image/webp
content-length: 48978
expires: Sat, 21 Jan 2023 14:08:31 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 32a13760bc1ad27fdc3792e73364cd81
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 22 Dec 2022 14:08:31 GMT
ohc-cache-hit: yy2ct58 [1], qdix58 [2]
ohc-file-size: 48978
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=3002503098,869572651&fm=253&fmt=auto&app=138&f=JPEG?w=280&h=180
220.169.152.35200 OK 9.8 kB URL HTTP/2 img0.baidu.com/it/u=3002503098,869572651&fm=253&fmt=auto&app=138&f=JPEG?w=280&h=180
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 280x180, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bf1145c0e80d997226ac7c62f1705429
0f3acd615d2107bbed6b38df42cd5d753e26a6b5
9c46ba133d3eabbe2ddbb80580ac76f89cd3a363d28e182d4bc995b3baf38c7c
GET /it/u=3002503098,869572651&fm=253&fmt=auto&app=138&f=JPEG?w=280&h=180 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:18:31 GMT
content-type: image/webp
content-length: 9830
expires: Thu, 02 Feb 2023 03:28:55 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: bf1145c0e80d997226ac7c62f1705429
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 03 Jan 2023 03:28:55 GMT
ohc-cache-hit: yy2ct69 [1], xiangyix69 [2]
ohc-file-size: 9830
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/567117.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/567117.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/567117.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:31 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=1677365075,3202113398&fm=224&app=112&f=JPEG?w=500&h=500
t15.baidu.com/it/u=696657491,2150538926&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 57 kB URL HTTP/1.1 t15.baidu.com/it/u=696657491,2150538926&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 5ae216a7e1996db1f4c6deb23f8ee2d3
294e5ce7c27801439dfa884ba6a3e47fd74e6c25
f57b4252920f9b41de4663e260127b3e67f578692a91ad2cc24f7806a11642f0
GET /it/u=696657491,2150538926&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:18:31 GMT
Content-Type: image/jpeg
Content-Length: 56804
Connection: keep-alive
Expires: Sat, 04 Feb 2023 15:15:07 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 5ae216a7e1996db1f4c6deb23f8ee2d3
Age: 4204
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 05 Jan 2023 15:15:07 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [2], zhuzuncache60 [4], xaix70 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 56804
X-Cache-Status: HIT
Timing-Allow-Origin: *
t14.baidu.com/it/u=1677365075,3202113398&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 39 kB URL HTTP/1.1 t14.baidu.com/it/u=1677365075,3202113398&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 07f199283ce4c378ede496c395bd8daf
e5500ad063d752962280567c97e552123b1b9ebb
9c6f4254ef321886f03697da4d85c34513a9c7b32c814cc5c6af9bcddecc8e76
GET /it/u=1677365075,3202113398&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:18:31 GMT
Content-Type: image/jpeg
Content-Length: 38751
Connection: keep-alive
Expires: Tue, 24 Jan 2023 23:27:32 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 07f199283ce4c378ede496c395bd8daf
Age: 4123
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 25 Dec 2022 23:27:32 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [2], zhuzuncache52 [1], csix83 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 38751
X-Cache-Status: HIT
Timing-Allow-Origin: *
12803.url.tudown.com/uploads/images/202428.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/202428.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/202428.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:31 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=627444253,2692797149&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=360
12803.url.tudown.com/uploads/images/811573.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/811573.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/811573.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:31 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=3854596382,2878485949&fm=224&app=112&f=JPEG?w=500&h=500
12803.url.tudown.com/uploads/images/370002.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/370002.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/370002.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:31 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=2251079284,1961663137&fm=224&app=112&f=JPEG?w=500&h=500
t13.baidu.com/it/u=3854596382,2878485949&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 58 kB URL HTTP/1.1 t13.baidu.com/it/u=3854596382,2878485949&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 0054a6a26b17fa46af3c250af31da10d
43c09a61bc4f849dd55f3d87139dc44d6332e60c
82ea0b0ec7377be1467a510c3fde4a3ca9ed506c8c56395221c2f6622ce20c5c
GET /it/u=3854596382,2878485949&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:18:31 GMT
Content-Type: image/jpeg
Content-Length: 57928
Connection: keep-alive
Expires: Sun, 22 Jan 2023 21:25:43 GMT
Last-Modified: Mon, 12 Jan 1970 00:00:00 GMT
ETag: 0054a6a26b17fa46af3c250af31da10d
Age: 1644768
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 23 Dec 2022 21:25:43 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [2], jnuncache58 [4], qdix126 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 57928
X-Cache-Status: HIT
Timing-Allow-Origin: *
img2.baidu.com/it/u=489772125,984164896&fm=253&fmt=auto&app=120&f=JPEG?w=1422&h=800
220.169.152.35200 OK 108 kB URL HTTP/2 img2.baidu.com/it/u=489772125,984164896&fm=253&fmt=auto&app=120&f=JPEG?w=1422&h=800
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1422x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 108 kB (107838 bytes)
Hash 8afe8efe452c0129e21d0af3925951f0
e44556c612b524607bd05a2d5597656f32996a13
03db89b7f62f4f298e15ceaae9b0056478ba9ceef51f15ef405a30ba3c497e8d
GET /it/u=489772125,984164896&fm=253&fmt=auto&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:18:31 GMT
content-type: image/webp
content-length: 107838
expires: Sat, 28 Jan 2023 08:29:54 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 8afe8efe452c0129e21d0af3925951f0
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 29 Dec 2022 08:29:54 GMT
ohc-cache-hit: yy2ct73 [1], xiangyix80 [2]
ohc-file-size: 107838
x-cache-status: MISS
X-Firefox-Spdy: h2
t14.baidu.com/it/u=2251079284,1961663137&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 24 kB URL HTTP/1.1 t14.baidu.com/it/u=2251079284,1961663137&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash dd1ebdd3807090d8e4efc7fa7590bd24
64e907c03546a25645d2f93091079c1f4349d794
ed1f3ff1d810d5edd4c841233c8ea774dad2a796b31939c02870e61a8d06e832
GET /it/u=2251079284,1961663137&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:18:31 GMT
Content-Type: image/jpeg
Content-Length: 23629
Connection: keep-alive
Expires: Fri, 27 Jan 2023 08:58:21 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: dd1ebdd3807090d8e4efc7fa7590bd24
Age: 3982
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 28 Dec 2022 08:58:21 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [2], zhuzuncache52 [1], czix239 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 23629
X-Cache-Status: HIT
Timing-Allow-Origin: *
12803.url.tudown.com/uploads/images/628861.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/628861.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/628861.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:31 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1795397749,2001441665&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
img1.baidu.com/it/u=682199570,740709875&fm=253&fmt=auto&app=138&f=JPEG?w=393&h=500
220.169.152.35200 OK 7.6 kB URL HTTP/2 img1.baidu.com/it/u=682199570,740709875&fm=253&fmt=auto&app=138&f=JPEG?w=393&h=500
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 393x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1e5433b3bb1936c292eaa30047e1d0f7
6c53289dccb7b2525f091055aae6ae7fcbf0711c
7d91f83037b087ad1c06208ea30945f6922e7d4f65e866ef1742439eb3fefa90
GET /it/u=682199570,740709875&fm=253&fmt=auto&app=138&f=JPEG?w=393&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:18:31 GMT
content-type: image/webp
content-length: 7598
expires: Sat, 04 Feb 2023 00:21:43 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 1e5433b3bb1936c292eaa30047e1d0f7
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 05 Jan 2023 00:21:43 GMT
ohc-cache-hit: yy2ct69 [1], xiangyix69 [2]
ohc-file-size: 7598
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=1458716967,3365048567&fm=253&fmt=auto&app=120&f=JPEG?w=750&h=500
220.169.152.35200 OK 10 kB URL HTTP/2 img0.baidu.com/it/u=1458716967,3365048567&fm=253&fmt=auto&app=120&f=JPEG?w=750&h=500
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 750x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 42223cb08230b6d4bee5d4c29643176f
4b30ea010be765c2c8104a3349925efd137f1ade
9992c00d99b1acc5bdc637a7ca08a71653c2e6fe1d22902b60bb32d98c0b6c50
GET /it/u=1458716967,3365048567&fm=253&fmt=auto&app=120&f=JPEG?w=750&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:18:31 GMT
content-type: image/webp
content-length: 10426
expires: Sun, 22 Jan 2023 09:41:25 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 42223cb08230b6d4bee5d4c29643176f
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 23 Dec 2022 09:41:25 GMT
ohc-cache-hit: yy2ct60 [1], czix147 [2]
ohc-file-size: 10426
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/440427.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/440427.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/440427.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:31 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2914219689,4229171167&fm=253&fmt=auto&app=120&f=JPEG?w=510&h=721
img2.baidu.com/it/u=2226416202,2702384692&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=917
220.169.152.35200 OK 12 kB URL HTTP/2 img2.baidu.com/it/u=2226416202,2702384692&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=917
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x917, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d2de0859427b90972285b75dfa35b86a
d59970244c54408b3cc623a432cc29fc66ca2bb4
f555d4a80e2a67cb76912754c6001649ad53872156f9294277a78aafadb31443
GET /it/u=2226416202,2702384692&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=917 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:18:31 GMT
content-type: image/webp
content-length: 11514
expires: Tue, 24 Jan 2023 04:30:16 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: d2de0859427b90972285b75dfa35b86a
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 25 Dec 2022 04:30:16 GMT
ohc-cache-hit: yy2ct60 [1], xaix199 [2]
ohc-file-size: 11514
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/472087.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/472087.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/472087.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:31 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1606564216,3498322752&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=375
12803.url.tudown.com/uploads/images/607096.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/607096.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/607096.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:31 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3675498785,2233804734&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
12803.url.tudown.com/uploads/images/640103.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/640103.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/640103.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:31 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2567070492,3151820801&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=250
12803.url.tudown.com/uploads/images/526453.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/526453.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/526453.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:31 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=2213038951,1708876553&fm=224&app=112&f=JPEG?w=500&h=500
12803.url.tudown.com/uploads/images/858447.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/858447.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/858447.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:31 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3803799794,4260690021&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
img2.baidu.com/it/u=627444253,2692797149&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=360
220.169.152.35200 OK 16 kB URL HTTP/2 img2.baidu.com/it/u=627444253,2692797149&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=360
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x360, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8c856e2f0ca830171817ff5d7d5c19db
b4bab8cb8e2f4884da337a7a51659f8750dc9d28
a4be42dc8be8661d4ff91eb95921f74be646dcb1ba9e51f846d926ba374c2f71
GET /it/u=627444253,2692797149&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=360 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:18:31 GMT
content-type: image/webp
content-length: 16378
expires: Tue, 07 Feb 2023 13:30:35 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 8c856e2f0ca830171817ff5d7d5c19db
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 08 Jan 2023 13:30:35 GMT
ohc-cache-hit: yy2ct78 [1], czix211 [2]
ohc-file-size: 16378
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=2914219689,4229171167&fm=253&fmt=auto&app=120&f=JPEG?w=510&h=721
220.169.152.35200 OK 41 kB URL HTTP/2 img2.baidu.com/it/u=2914219689,4229171167&fm=253&fmt=auto&app=120&f=JPEG?w=510&h=721
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 510x721, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8340e1d27cb145db041119097cb4c181
07ab1836d4f4f528f997e58052e29f4a2c775dd4
f7d890efb510f5feeca30e2da2c77b6e054b709822866f385ef06a3e9b0bb255
GET /it/u=2914219689,4229171167&fm=253&fmt=auto&app=120&f=JPEG?w=510&h=721 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:18:31 GMT
content-type: image/webp
content-length: 40878
expires: Sun, 22 Jan 2023 08:21:36 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 8340e1d27cb145db041119097cb4c181
age: 4439
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 23 Dec 2022 08:21:36 GMT
ohc-cache-hit: yy2ct52 [4], xaix153 [4]
ohc-file-size: 40878
x-cache-status: HIT
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/830197.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/830197.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/830197.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:31 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=378699573,2946821918&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350
img1.baidu.com/it/u=1795397749,2001441665&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
220.169.152.35200 OK 62 kB URL HTTP/2 img1.baidu.com/it/u=1795397749,2001441665&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b0235470fb8ef23a22fd41e541b79d37
02d9f4940d127bbf9a941c4d19cd442a4456a680
a3575653a9ab04887b12cfdfc55ac5633849f7708f1c5d85ccdfeeae7799d3e8
GET /it/u=1795397749,2001441665&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:18:31 GMT
content-type: image/webp
content-length: 61964
expires: Wed, 18 Jan 2023 06:36:16 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: b0235470fb8ef23a22fd41e541b79d37
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 19 Dec 2022 06:36:16 GMT
ohc-cache-hit: yy2ct65 [1], suzix65 [4]
ohc-file-size: 61964
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/125053.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/125053.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/125053.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:31 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=2415903544,3088794979&fm=224&app=112&f=JPEG?w=500&h=500
12803.url.tudown.com/uploads/images/669195.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/669195.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/669195.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:31 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=2198403772,3293730939&fm=253&app=120&f=JPEG?w=1280&h=800
img1.baidu.com/it/u=3675498785,2233804734&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
220.169.152.35200 OK 116 kB URL HTTP/2 img1.baidu.com/it/u=3675498785,2233804734&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 116 kB (115780 bytes)
Hash 0a3e9485f5c55fc8e1e5e7fa29e68c48
a7008de24039a5efd6e4b4e3078d4875bb591301
bb87adfa15c8e2cb488dcc53fdf59c756f22c8b7f70fcb99b42976262f03d76b
GET /it/u=3675498785,2233804734&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:18:31 GMT
content-type: image/webp
content-length: 115780
expires: Sat, 21 Jan 2023 05:48:42 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 0a3e9485f5c55fc8e1e5e7fa29e68c48
age: 915086
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 22 Dec 2022 05:48:42 GMT
ohc-cache-hit: yy2ct71 [4], xaix71 [2]
ohc-file-size: 115780
x-cache-status: HIT
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/833440.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/833440.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/833440.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:31 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=262409196,3193006701&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
12803.url.tudown.com/uploads/images/600748.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/600748.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/600748.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:31 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1298509784,841267285&fm=253&fmt=auto?w=889&h=500
img2.baidu.com/it/u=1606564216,3498322752&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=375
220.169.152.35200 OK 38 kB URL HTTP/2 img2.baidu.com/it/u=1606564216,3498322752&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=375
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x375, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c07e5884d9697524912f5a1eebfd76cf
8d5993e5061b24e303913188ce2f32a5c0cca665
98c7cabebd0d8efef6d7a570670a09c4ae9277a1a24846410c1b7636a9e90533
GET /it/u=1606564216,3498322752&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=375 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:18:31 GMT
content-type: image/webp
content-length: 37694
expires: Sat, 21 Jan 2023 17:00:32 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: c07e5884d9697524912f5a1eebfd76cf
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 22 Dec 2022 17:00:32 GMT
ohc-cache-hit: yy2ct59 [1], suzix192 [2]
ohc-file-size: 37694
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/247207.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/247207.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/247207.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:31 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2566797104,2248087218&fm=253&fmt=auto&app=138&f=JPEG?w=265&h=208
img0.baidu.com/it/u=2567070492,3151820801&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=250
220.169.152.35200 OK 10 kB URL HTTP/2 img0.baidu.com/it/u=2567070492,3151820801&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=250
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fa117f9c842b60faadc79072b39588c1
ad5cd174292ec494a79dd2f30e9fa61fadf2cb98
936f2ef446323bf0c6853035b3b36e8cd8920913997558616815139ce92c3d62
GET /it/u=2567070492,3151820801&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=250 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:18:31 GMT
content-type: image/webp
content-length: 10502
expires: Tue, 07 Feb 2023 18:14:52 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: fa117f9c842b60faadc79072b39588c1
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 08 Jan 2023 18:14:52 GMT
ohc-cache-hit: yy2ct67 [1], czix179 [2]
ohc-file-size: 10502
x-cache-status: MISS
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/788659.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/788659.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/788659.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:31 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3003072192,3955227881&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=695
t15.baidu.com/it/u=2415903544,3088794979&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 54 kB URL HTTP/1.1 t15.baidu.com/it/u=2415903544,3088794979&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 2eb0e170a6f80ae0af76699c3330c38b
72cece36713c0d347c04b49a2fda564e350772a6
a3d59c9b5e45d768880060cb5aac757cb842f253c0369aeabc33d63cd7aa1aed
GET /it/u=2415903544,3088794979&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:18:32 GMT
Content-Type: image/jpeg
Content-Length: 53623
Connection: keep-alive
Expires: Tue, 07 Feb 2023 08:26:56 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 2eb0e170a6f80ae0af76699c3330c38b
Age: 3079
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 08 Jan 2023 08:26:56 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [2], zhuzuncache61 [1], suzix183 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 53623
X-Cache-Status: HIT
Timing-Allow-Origin: *
img0.baidu.com/it/u=3803799794,4260690021&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
220.169.152.35200 OK 15 kB URL HTTP/2 img0.baidu.com/it/u=3803799794,4260690021&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2513f5854c04282192c527f5b680b5e0
dcd2f72ac199c52ac72478ead66d2746cd011ada
f471ec3653fd063b42ee7348e6b4907f995323b0ef967ca96f5b01c9d548fed4
GET /it/u=3803799794,4260690021&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:18:32 GMT
content-type: image/webp
content-length: 15304
expires: Mon, 06 Feb 2023 11:50:49 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 2513f5854c04282192c527f5b680b5e0
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 07 Jan 2023 11:50:49 GMT
ohc-cache-hit: yy2ct54 [1], wzix54 [2]
ohc-file-size: 15304
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=378699573,2946821918&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350
220.169.152.35200 OK 14 kB URL HTTP/2 img1.baidu.com/it/u=378699573,2946821918&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 350x350, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3049dbfe7ea96d05d6d7c2026128dcf1
34aac4a8b7dd83d6684cf1ab6228e547be288d5b
e9dd027587b4c1fcaf0c6931a30402095924640d9d4f8d84df94a90ca04f3419
GET /it/u=378699573,2946821918&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:18:32 GMT
content-type: image/webp
content-length: 13460
expires: Fri, 20 Jan 2023 14:18:24 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 3049dbfe7ea96d05d6d7c2026128dcf1
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 21 Dec 2022 14:18:24 GMT
ohc-cache-hit: yy2ct62 [1], xaix62 [2]
ohc-file-size: 13460
x-cache-status: MISS
X-Firefox-Spdy: h2
t14.baidu.com/it/u=2213038951,1708876553&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 38 kB URL HTTP/1.1 t14.baidu.com/it/u=2213038951,1708876553&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash f877f88f76b32f82bb096c6015f7d57a
738fac966e30cba86c1e7e9cbcd27d4b95812088
e2be22a364a37cf92c36b286f155552bac54e1eaabc3fcf2e076a8cab7a53e9c
GET /it/u=2213038951,1708876553&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:18:32 GMT
Content-Type: image/jpeg
Content-Length: 37626
Connection: keep-alive
Expires: Mon, 06 Feb 2023 04:37:19 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: f877f88f76b32f82bb096c6015f7d57a
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 07 Jan 2023 04:37:18 GMT
Ohc-Upstream-Trace: 58.20.204.62
Ohc-Cache-HIT: fra01-sys-jomo2.fra01.baidu.com [1], zhuzuncache62 [2], xaix112 [4]
Ohc-Response-Time: 1 0 0 0 334 334
Ohc-File-Size: 37626
X-Cache-Status: MISS
Timing-Allow-Origin: *
12803.url.tudown.com/uploads/images/873476.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/873476.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/873476.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:32 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=1273190374,2161105014&fm=224&app=112&f=JPEG?w=500&h=500
12803.url.tudown.com/uploads/images/154954.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/154954.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/154954.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:32 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=4049047788,76782780&fm=224&app=112&f=JPEG?w=500&h=500&s=CB85618ECDD697F94B24349203008020
t13.baidu.com/it/u=1273190374,2161105014&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 42 kB URL HTTP/1.1 t13.baidu.com/it/u=1273190374,2161105014&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 215c4b6a724335a6a1c13209bcde9277
d80f96de7ba46cd7bda6bb8a6854c9afe80c40ca
20c5427c17a2bac88ee7af0db908d3f093f429aeb2a42d93e3a10c403a548f64
GET /it/u=1273190374,2161105014&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:18:32 GMT
Content-Type: image/jpeg
Content-Length: 41983
Connection: keep-alive
Expires: Wed, 18 Jan 2023 21:46:05 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 215c4b6a724335a6a1c13209bcde9277
Age: 290727
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 19 Dec 2022 21:46:05 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [2], zhuzuncache62 [1], csix86 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 41983
X-Cache-Status: HIT
Timing-Allow-Origin: *
12803.url.tudown.com/uploads/images/409505.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/409505.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/409505.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:32 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=3112304755,3265129995&fm=253&app=120&f=JPEG?w=1280&h=800
img1.baidu.com/it/u=262409196,3193006701&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
220.169.152.35200 OK 70 kB URL HTTP/2 img1.baidu.com/it/u=262409196,3193006701&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7734584911437d35bd7a15c723e14e44
518381a23c11e85e98f4953b9bdbaba969d41425
d4fa67474b3a6dcd4de49e88886fd7bee6c2822bdcae5bfd240adbf1faa10a0a
GET /it/u=262409196,3193006701&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:18:32 GMT
content-type: image/webp
content-length: 70364
expires: Sat, 21 Jan 2023 12:25:56 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 7734584911437d35bd7a15c723e14e44
age: 1706479
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 22 Dec 2022 12:25:56 GMT
ohc-cache-hit: yy2ct77 [4], bdix160 [4]
ohc-file-size: 70364
x-cache-status: HIT
X-Firefox-Spdy: h2
t14.baidu.com/it/u=4049047788,76782780&fm=224&app=112&f=JPEG?w=500&h=500&s=CB85618ECDD697F94B24349203008020
185.10.104.124200 OK 76 kB URL HTTP/1.1 t14.baidu.com/it/u=4049047788,76782780&fm=224&app=112&f=JPEG?w=500&h=500&s=CB85618ECDD697F94B24349203008020
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 3251f64de0486f5be0af7a2a8cb04e4d
76adb13b46ade918af704b55586d24f015ba40eb
efd9c989ca1c44bbb61a51a1d88b1caada0d2f8ca7d1ce408e1cfcc36ce6b7f2
GET /it/u=4049047788,76782780&fm=224&app=112&f=JPEG?w=500&h=500&s=CB85618ECDD697F94B24349203008020 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:18:32 GMT
Content-Type: image/jpeg
Content-Length: 75565
Connection: keep-alive
Expires: Fri, 27 Jan 2023 10:58:51 GMT
Last-Modified: Thu, 15 Jan 1970 00:00:00 GMT
ETag: 3251f64de0486f5be0af7a2a8cb04e4d
Age: 3653
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 28 Dec 2022 10:58:51 GMT
Ohc-Cache-HIT: fra01-sys-jomo7.fra01.baidu.com [2], zhuzuncache64 [4], xaix122 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 75565
X-Cache-Status: HIT
Timing-Allow-Origin: *
img0.baidu.com/it/u=1298509784,841267285&fm=253&fmt=auto?w=889&h=500
220.169.152.35200 OK 104 kB URL HTTP/2 img0.baidu.com/it/u=1298509784,841267285&fm=253&fmt=auto?w=889&h=500
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 889x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 104 kB (103664 bytes)
Hash c96e446397b96dbf6f2cf0781467eca8
722a07eb621632b701ca50d7394ae103d0eda730
bd3b6507dab0a08aae3f610089a1d29cde982fc59b746998d5cf2a8d8377911f
GET /it/u=1298509784,841267285&fm=253&fmt=auto?w=889&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:18:32 GMT
content-type: image/webp
content-length: 103664
expires: Sat, 21 Jan 2023 15:52:51 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: c96e446397b96dbf6f2cf0781467eca8
age: 249656
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 22 Dec 2022 15:52:51 GMT
ohc-cache-hit: yy2ct61 [4], czix125 [2]
ohc-file-size: 103664
x-cache-status: HIT
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/637261.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/637261.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/637261.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:32 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=1154008553,1509192032&fm=224&app=112&f=JPEG?w=469&h=469
12803.url.tudown.com/uploads/images/449512.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/449512.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/449512.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:32 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=2136046815,384219073&fm=253&app=120&f=JPEG?w=1280&h=800
img1.baidu.com/it/u=2566797104,2248087218&fm=253&fmt=auto&app=138&f=JPEG?w=265&h=208
220.169.152.35200 OK 9.7 kB URL HTTP/2 img1.baidu.com/it/u=2566797104,2248087218&fm=253&fmt=auto&app=138&f=JPEG?w=265&h=208
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 265x208, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8fba11a28a00924651725891287adfe4
bdf6b539e96fe275595ab9c3023a0ce27a20c0e5
409ced9a9fbf9c6e8fafae735700f43e5b410aba604ba032710d7c0ddd0872f3
GET /it/u=2566797104,2248087218&fm=253&fmt=auto&app=138&f=JPEG?w=265&h=208 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:18:32 GMT
content-type: image/webp
content-length: 9748
expires: Sun, 05 Feb 2023 04:44:10 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 8fba11a28a00924651725891287adfe4
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 06 Jan 2023 04:44:10 GMT
ohc-cache-hit: yy2ct67 [1], csix67 [2]
ohc-file-size: 9748
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=3003072192,3955227881&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=695
220.169.152.35200 OK 33 kB URL HTTP/2 img0.baidu.com/it/u=3003072192,3955227881&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=695
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x695, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 69e09115a39d76a2efa0b6cdd9aac6cc
518385e3288b84a0f93c217935818aec316559d9
3b7cfc0ccd2288883774a38cce28ae6fde50c510528890d2f2f3accbf15ca98c
GET /it/u=3003072192,3955227881&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=695 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:18:32 GMT
content-type: image/webp
content-length: 32852
expires: Sat, 21 Jan 2023 06:50:18 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 69e09115a39d76a2efa0b6cdd9aac6cc
age: 66085
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 22 Dec 2022 06:50:17 GMT
ohc-cache-hit: yy2ct68 [4], xaix158 [2]
ohc-file-size: 32852
x-cache-status: HIT
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/340093.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/340093.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/340093.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:32 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2067035217,501997824&fm=253&fmt=auto?w=800&h=500
t15.baidu.com/it/u=1154008553,1509192032&fm=224&app=112&f=JPEG?w=469&h=469
185.10.104.124200 OK 66 kB URL HTTP/1.1 t15.baidu.com/it/u=1154008553,1509192032&fm=224&app=112&f=JPEG?w=469&h=469
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 469x469, components 3\012- data
Hash 3279f79b3e6dc6237472d13607b73ec3
15b399d826ae57f9d4869829fd74c6118d2f9cca
0d93023ed679760a6f4e7808e7ac2162e60480f9b479df89b2def93d86b66ca4
GET /it/u=1154008553,1509192032&fm=224&app=112&f=JPEG?w=469&h=469 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:18:32 GMT
Content-Type: image/jpeg
Content-Length: 65609
Connection: keep-alive
Expires: Thu, 19 Jan 2023 18:19:48 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 3279f79b3e6dc6237472d13607b73ec3
Age: 3680
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 20 Dec 2022 18:19:48 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [2], zhuzuncache56 [2], qdix214 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 65609
X-Cache-Status: HIT
img2.baidu.com/it/u=2198403772,3293730939&fm=253&app=120&f=JPEG?w=1280&h=800
182.242.59.35200 OK 89 kB URL HTTP/1.1 img2.baidu.com/it/u=2198403772,3293730939&fm=253&app=120&f=JPEG?w=1280&h=800
IP 182.242.59.35:0
ASN #134766 CHINANET Yunnan province IDC2 network
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Hash 48bf8ee6f3882488441b46ba94c2291c
c408edc79221ebecee340117573dc9d2f46f0f37
50d25a8462a6e46e501b755f877afdce1695fca225bb14484665fdb002481246
GET /it/u=2198403772,3293730939&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:18:32 GMT
Content-Type: image/jpeg
Content-Length: 89077
Connection: keep-alive
Expires: Sat, 14 Jan 2023 00:32:57 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 48bf8ee6f3882488441b46ba94c2291c
Age: 121816
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 15 Dec 2022 00:32:57 GMT
Ohc-Cache-HIT: km7ct55 [4], xaix66 [2]
Ohc-File-Size: 89077
X-Cache-Status: HIT
12803.url.tudown.com/uploads/images/862975.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/862975.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/862975.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:32 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1618635932,3789249712&fm=253&fmt=auto?w=200&h=200
12803.url.tudown.com/uploads/images/677905.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/677905.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/677905.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:32 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=4169076591,1032801632&fm=253&fmt=auto&app=138&f=JPEG?w=389&h=500
12803.url.tudown.com/uploads/images/110436.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/110436.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/110436.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:32 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=997532720,2209481399&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
12803.url.tudown.com/uploads/images/685049.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/685049.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/685049.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:32 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3259656547,3708664159&fm=253&fmt=auto&app=138&f=JPG?w=640&h=467
12803.url.tudown.com/uploads/images/586756.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/586756.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/586756.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:32 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=2042160052,3401902337&fm=253&app=138&f=JPG?w=500&h=800
img0.baidu.com/it/u=2136046815,384219073&fm=253&app=120&f=JPEG?w=1280&h=800
183.60.219.35200 OK 113 kB URL HTTP/1.1 img0.baidu.com/it/u=2136046815,384219073&fm=253&app=120&f=JPEG?w=1280&h=800
IP 183.60.219.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 113 kB (113383 bytes)
Hash 94851fbd928738ae23ab22ae88d2e3c1
f54b6a090a79bc21c1ba73e80cd80421c3a2b6e7
29cbab0ed7a62321244b7d3f2ccd8a958f7de03e1d788886d67ae29c2dd4e93f
GET /it/u=2136046815,384219073&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:18:32 GMT
Content-Type: image/jpeg
Content-Length: 113383
Connection: keep-alive
Expires: Tue, 17 Jan 2023 07:10:29 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 94851fbd928738ae23ab22ae88d2e3c1
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 18 Dec 2022 07:10:29 GMT
Ohc-Cache-HIT: fs3ct51 [1], xaix68 [2]
Ohc-File-Size: 113383
X-Cache-Status: MISS
img1.baidu.com/it/u=3112304755,3265129995&fm=253&app=120&f=JPEG?w=1280&h=800
220.169.152.35200 OK 86 kB URL HTTP/1.1 img1.baidu.com/it/u=3112304755,3265129995&fm=253&app=120&f=JPEG?w=1280&h=800
IP 220.169.152.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Hash bfaef5ca38790ea46c3b2297100961f7
e3f4470849e0a061ef2cd82f5ebd534aa0644e12
a2eda81a0926a3d40a5e85e4bb328faac3a17d7b3a9d0b5ab3a5b764f61435df
GET /it/u=3112304755,3265129995&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:18:32 GMT
Content-Type: image/jpeg
Content-Length: 86297
Connection: keep-alive
Expires: Sun, 15 Jan 2023 08:30:06 GMT
Last-Modified: Mon, 05 Jan 1970 00:00:00 GMT
ETag: bfaef5ca38790ea46c3b2297100961f7
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 16 Dec 2022 08:30:06 GMT
Ohc-Cache-HIT: yy2ct53 [1], xiangyix160 [2]
Ohc-File-Size: 86297
X-Cache-Status: MISS
12803.url.tudown.com/uploads/images/181038.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/181038.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/181038.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:32 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=124228909,2882405355&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
img0.baidu.com/it/u=2067035217,501997824&fm=253&fmt=auto?w=800&h=500
220.169.152.35200 OK 31 kB URL HTTP/2 img0.baidu.com/it/u=2067035217,501997824&fm=253&fmt=auto?w=800&h=500
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f091870a64d96dad8085a70cf1cde506
09d7d8921a0a7b502971fbab03d6effcd0454872
0dda3562ac0a19086956dbcec1176117e1b62df6780c2c2e83f45e3e60a62e78
GET /it/u=2067035217,501997824&fm=253&fmt=auto?w=800&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:18:32 GMT
content-type: image/webp
content-length: 31360
expires: Sat, 21 Jan 2023 08:25:15 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: f091870a64d96dad8085a70cf1cde506
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 22 Dec 2022 08:25:15 GMT
ohc-cache-hit: yy2ct77 [1], czix169 [2]
ohc-file-size: 31360
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=1618635932,3789249712&fm=253&fmt=auto?w=200&h=200
220.169.152.35200 OK 4.9 kB URL HTTP/2 img1.baidu.com/it/u=1618635932,3789249712&fm=253&fmt=auto?w=200&h=200
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2b48caf6eb2d56562133a6a70d8f1c91
5fed66abdb48f24fd3475905c334e8a200a1e286
7b1e156ec616de69786788f83d4d63397928fbe26d32e7fcba7226d26283b597
GET /it/u=1618635932,3789249712&fm=253&fmt=auto?w=200&h=200 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:18:32 GMT
content-type: image/webp
content-length: 4872
expires: Sun, 22 Jan 2023 21:06:41 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 2b48caf6eb2d56562133a6a70d8f1c91
age: 3496
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 23 Dec 2022 21:06:41 GMT
ohc-cache-hit: yy2ct78 [2], qdix200 [2]
ohc-file-size: 4872
x-cache-status: HIT
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/109275.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/109275.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/109275.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:32 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=185612326,2352179634&fm=253&fmt=auto?w=640&h=489
12803.url.tudown.com/uploads/images/133428.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/133428.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/133428.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:32 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=2469407609,1331297943&fm=253&app=120&f=JPEG?w=1280&h=800
img2.baidu.com/it/u=997532720,2209481399&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
220.169.152.35200 OK 16 kB URL HTTP/2 img2.baidu.com/it/u=997532720,2209481399&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 26f2241eff6f454d3f43da2325da0d4a
6e3fc1968987f45b5b89fe6976b5a81c1764d559
3fb511c45e06ff297ca665bb0f25cdc59c4491d890359b6fa2b0a16384accc14
GET /it/u=997532720,2209481399&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:18:32 GMT
content-type: image/webp
content-length: 15620
expires: Wed, 25 Jan 2023 08:58:41 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 26f2241eff6f454d3f43da2325da0d4a
age: 479
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 26 Dec 2022 08:58:40 GMT
ohc-cache-hit: yy2ct73 [4], qdix73 [2]
ohc-file-size: 15620
x-cache-status: HIT
X-Firefox-Spdy: h2
12803.url.tudown.com/uploads/images/637691.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/637691.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/637691.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:32 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1522003090,2805154209&fm=253&fmt=auto&app=138&f=JPEG?w=499&h=498
img1.baidu.com/it/u=4169076591,1032801632&fm=253&fmt=auto&app=138&f=JPEG?w=389&h=500
220.169.152.35200 OK 15 kB URL HTTP/2 img1.baidu.com/it/u=4169076591,1032801632&fm=253&fmt=auto&app=138&f=JPEG?w=389&h=500
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 389x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2775a3f01c1077ab95a8087204d43d22
e1e1d198f0f2d2272fbd6b16f735b13a29abed1a
b7b55adf03c7b9bbc2cf0ea41e21f7954f550cd304fd6d6e406e67c6e651be59
GET /it/u=4169076591,1032801632&fm=253&fmt=auto&app=138&f=JPEG?w=389&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:18:32 GMT
content-type: image/webp
content-length: 14848
expires: Fri, 27 Jan 2023 04:22:08 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 2775a3f01c1077ab95a8087204d43d22
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 28 Dec 2022 04:22:08 GMT
ohc-cache-hit: yy2ct77 [1], xiangyix77 [2]
ohc-file-size: 14848
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=3259656547,3708664159&fm=253&fmt=auto&app=138&f=JPG?w=640&h=467
220.169.152.35200 OK 32 kB URL HTTP/2 img0.baidu.com/it/u=3259656547,3708664159&fm=253&fmt=auto&app=138&f=JPG?w=640&h=467
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x467, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 510380333dc3b6d10f7904666fa090ae
fcf986b1d1dcce5ab1dd204c7912d91d468a537d
5d64bd03c816c51e0c65f85d531f9e4fa852930cc579b7e93e4a6a93bf191c65
GET /it/u=3259656547,3708664159&fm=253&fmt=auto&app=138&f=JPG?w=640&h=467 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:18:32 GMT
content-type: image/webp
content-length: 32540
expires: Fri, 03 Feb 2023 15:55:35 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 510380333dc3b6d10f7904666fa090ae
age: 63738
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 04 Jan 2023 15:55:35 GMT
ohc-cache-hit: yy2ct71 [4], qdix85 [4]
ohc-file-size: 32540
x-cache-status: HIT
X-Firefox-Spdy: h2
img0.baidu.com/it/u=2042160052,3401902337&fm=253&app=138&f=JPG?w=500&h=800
183.60.219.35200 OK 43 kB URL HTTP/1.1 img0.baidu.com/it/u=2042160052,3401902337&fm=253&app=138&f=JPG?w=500&h=800
IP 183.60.219.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 118x118, segment length 16, baseline, precision 8, 500x800, components 3\012- data
Hash 9795bc2f188c7ad06f0e07245a5915d6
201c49eac2f8c4fcc5cc2f63c59280f9aec23701
fce657a35e95e04ba581bd439ffcf5f6cd327e99c6ee7a93aa683962508026b7
GET /it/u=2042160052,3401902337&fm=253&app=138&f=JPG?w=500&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:18:32 GMT
Content-Type: image/jpeg
Content-Length: 43216
Connection: keep-alive
Expires: Thu, 12 Jan 2023 08:10:50 GMT
Last-Modified: Thu, 15 Jan 1970 00:00:00 GMT
ETag: 9795bc2f188c7ad06f0e07245a5915d6
Age: 109928
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 13 Dec 2022 08:10:50 GMT
Ohc-Cache-HIT: fs3ct52 [4], xaix197 [4]
Ohc-File-Size: 43216
X-Cache-Status: HIT
12803.url.tudown.com/uploads/images/157799.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/157799.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/157799.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:32 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3191671757,637145362&fm=253&fmt=auto&app=138&f=JPEG?w=138&h=196
12803.url.tudown.com/uploads/images/268523.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/268523.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/268523.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:32 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2041088391,3598950425&fm=253&fmt=auto&app=138&f=JPEG?w=349&h=500
12803.url.tudown.com/uploads/images/967177.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 12803.url.tudown.com/uploads/images/967177.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/967177.jpg HTTP/1.1
Host: 12803.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://12803.url.tudown.com/down/leopard%E7%A1%AC%E7%9B%98%E5%AE%89%E8%A3%85%E5%8A%A9%E6%89%8Bv0.3%E7%BB%BF%E8%89%B2%E5%85%8D%E5%AE%89%E8%A3%85%E7%89%88@316_31353.exe
Cookie: __bid_n=185a2e248bb17807554207; FPTOKEN=hJbHY52e9aYTlspAGaG+/2tbAiLg76YtSxmymYliWs5416Mo6g8he2h8tAEQb+16tAc9v2mu6m685oCo5cUlCbbAO/SoL2JC7bIZJR55FEXkfwJ85+BvKsGZMnNLfsgd8o4nuUantlxMbJtasO3QWse12AcReAH+JqSu9akDzBiiXwJ6Fbt3YjQfUroFOXkMZiYZhMswV16+8dBA2awUNYJTHVS/Pj720tQtshJ9+1nSRuMFk8hOASsL6kYc3Bk6wHEX2k9n5raSTeAXzkNPV2Mz+mTyrBPrjfwxXGT+HNbZScLyOOcjaD5vj1ctqHKsZwufUD78Qd24Wp5hF9oI1bI3NQMs//Lg49VKoEpxi2yykovx0gR5tve7VWNTNoOPAKtglbpZaBYgDpRj3lvG9g==|cfw+NCV3uvOrE0vH587ZpMxYsT8WoyksEWOci81/ssc=|10|5a940b021353fb386145ee3c2195d371
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 11 Jan 2023 22:18:32 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=741905709,2163891724&fm=224&app=112&f=PNG?w=500&h=500
t14.baidu.com/it/u=741905709,2163891724&fm=224&app=112&f=PNG?w=500&h=500
185.10.104.124200 OK 409 kB URL HTTP/1.1 t14.baidu.com/it/u=741905709,2163891724&fm=224&app=112&f=PNG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced\012- data
Size 409 kB (408684 bytes)
Hash 2993f532d2b3f2fd55248d25550ec22a
a3466c8fd7f49652f8bd57a1f61de4635818f948
92a9faa89b4351eaa0b1b3fcbe66718697acf94195c5bd76ad1ba8ce229d54e2
GET /it/u=741905709,2163891724&fm=224&app=112&f=PNG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:18:33 GMT
Content-Type: image/png
Content-Length: 408684
Connection: keep-alive
Expires: Mon, 16 Jan 2023 13:26:45 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 2993f532d2b3f2fd55248d25550ec22a
Age: 4441
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 17 Dec 2022 13:26:44 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [2], xzuncache71 [2], bdix94 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 408684
X-Cache-Status: HIT
Timing-Allow-Origin: *
img2.baidu.com/it/u=124228909,2882405355&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
220.169.152.35200 OK 39 kB URL HTTP/2 img2.baidu.com/it/u=124228909,2882405355&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 889x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d7262b4252383bfbbc3a08f359bbafc2
d6afb2faf7c4515967d9fc9da7656fb608c9fe21
433a574522c3ab25c61abda8c621fc1b1f1447b69b8895f518a053df811dd343
GET /it/u=124228909,2882405355&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:18:32 GMT
content-type: image/webp
content-length: 38648
expires: Fri, 20 Jan 2023 05:43:57 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: d7262b4252383bfbbc3a08f359bbafc2
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 21 Dec 2022 05:43:57 GMT
ohc-cache-hit: yy2ct55 [1], wzix55 [2]
ohc-file-size: 38648
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=1522003090,2805154209&fm=253&fmt=auto&app=138&f=JPEG?w=499&h=498
220.169.152.35200 OK 17 kB URL HTTP/2 img1.baidu.com/it/u=1522003090,2805154209&fm=253&fmt=auto&app=138&f=JPEG?w=499&h=498
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 499x498, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f3a681e7805b26a3e4948bb39d30ac9f
d548be3edc5270ad12f3ac63ff8e842de87a148e
971fa5b894e0fc086d4b55f52da0f319debadabd6aabbbe1451651018e804f41
GET /it/u=1522003090,2805154209&fm=253&fmt=auto&app=138&f=JPEG?w=499&h=498 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:18:33 GMT
content-type: image/webp
content-length: 17018
expires: Tue, 31 Jan 2023 18:02:14 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: f3a681e7805b26a3e4948bb39d30ac9f
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 01 Jan 2023 18:02:14 GMT
ohc-cache-hit: yy2ct67 [1], wzix114 [2]
ohc-file-size: 17018
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=2469407609,1331297943&fm=253&app=120&f=JPEG?w=1280&h=800
220.169.152.35200 OK 110 kB URL HTTP/1.1 img1.baidu.com/it/u=2469407609,1331297943&fm=253&app=120&f=JPEG?w=1280&h=800
IP 220.169.152.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 110 kB (110507 bytes)
Hash dddde5d2afcb3641203aa140b9ac2ef8
e114f57c0b4f739e1da1962bcac7301a8c9e25fe
483cf231ac0d0c50b8fbeb47713f4884226a5cc0a4afe0d28caa0ccb2a651caf
GET /it/u=2469407609,1331297943&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://12803.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Wed, 11 Jan 2023 22:18:33 GMT
Content-Type: image/jpeg
Content-Length: 110507
Connection: keep-alive
Expires: Wed, 01 Feb 2023 20:04:09 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: dddde5d2afcb3641203aa140b9ac2ef8
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 02 Jan 2023 20:04:09 GMT
Ohc-Cache-HIT: yy2ct79 [1], csix116 [2]
Ohc-File-Size: 110507
X-Cache-Status: MISS
img2.baidu.com/it/u=3191671757,637145362&fm=253&fmt=auto&app=138&f=JPEG?w=138&h=196
220.169.152.35200 OK 3.7 kB URL HTTP/2 img2.baidu.com/it/u=3191671757,637145362&fm=253&fmt=auto&app=138&f=JPEG?w=138&h=196
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 138x196, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4705d959457f24b961e4574c59ff0036
56ed22beb312bc3cc29f1c8708a10c17944c472e
0bd08e9d06cc7043563f0d4e625ca4dfd6331f3edc4affb54e8fee7242515edf
GET /it/u=3191671757,637145362&fm=253&fmt=auto&app=138&f=JPEG?w=138&h=196 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:18:33 GMT
content-type: image/webp
content-length: 3744
expires: Sun, 15 Jan 2023 12:23:19 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 4705d959457f24b961e4574c59ff0036
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 16 Dec 2022 12:23:19 GMT
ohc-cache-hit: yy2ct56 [1], xiangyix125 [2]
ohc-file-size: 3744
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=185612326,2352179634&fm=253&fmt=auto?w=640&h=489
220.169.152.35200 OK 14 kB URL HTTP/2 img0.baidu.com/it/u=185612326,2352179634&fm=253&fmt=auto?w=640&h=489
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x489, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fa702f323f8834eac6cfebece1beccf8
b997043be231e731813715841cb00643b9fe4074
3743f1ab2ba6832312708a93c4683f6a48fe3458daa7268227448f63f8a8995b
GET /it/u=185612326,2352179634&fm=253&fmt=auto?w=640&h=489 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:18:33 GMT
content-type: image/webp
content-length: 13878
expires: Wed, 01 Feb 2023 23:29:16 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: fa702f323f8834eac6cfebece1beccf8
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 02 Jan 2023 23:29:16 GMT
ohc-cache-hit: yy2ct71 [1], bdix151 [2]
ohc-file-size: 13878
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=2041088391,3598950425&fm=253&fmt=auto&app=138&f=JPEG?w=349&h=500
220.169.152.35200 OK 28 kB URL HTTP/2 img1.baidu.com/it/u=2041088391,3598950425&fm=253&fmt=auto&app=138&f=JPEG?w=349&h=500
IP 220.169.152.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 349x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 967feaebb56f2d08cb015ae9b5cdd5ae
8848fc74351c4ae7d04c57497768682d11225c8b
390cef336f5e9f53ee28d55232a4c1da1dc08d7d1c61a6e75a20a31921ac470f
GET /it/u=2041088391,3598950425&fm=253&fmt=auto&app=138&f=JPEG?w=349&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 11 Jan 2023 22:18:33 GMT
content-type: image/webp
content-length: 27526
expires: Fri, 20 Jan 2023 08:24:55 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 967feaebb56f2d08cb015ae9b5cdd5ae
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 21 Dec 2022 08:24:55 GMT
ohc-cache-hit: yy2ct70 [1], xaix199 [2]
ohc-file-size: 27526
x-cache-status: MISS
X-Firefox-Spdy: h2
www.2345.com/js/index/activity/20171111/widget.min.js
47.246.44.211200 OK 0 B URL HTTP/2 www.2345.com/js/index/activity/20171111/widget.min.js
IP 47.246.44.211:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
GET /js/index/activity/20171111/widget.min.js HTTP/1.1
Host: www.2345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://12803.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
strict-transport-security: max-age=5184000
date: Wed, 11 Jan 2023 22:10:04 GMT
last-modified: Wed, 06 Nov 2019 08:19:39 GMT
etag: W/"5dc2821b-4c53"
vary: Accept-Encoding, Accept-Encoding
expires: Tue, 22 Nov 2022 14:45:06 GMT
cache-control: max-age=600
ali-swift-global-savetime: 1673475004
via: cache1.l2de2[0,0,304-0,H], cache3.l2de2[1,0], cache8.se1[0,0,200-0,H], cache4.se1[1,0]
age: 503
x-cache: HIT TCP_MEM_HIT dirn:1:87099439
x-swift-savetime: Wed, 11 Jan 2023 22:10:51 GMT
x-swift-cachetime: 553
content-encoding: br
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
timing-allow-origin: *
eagleid: 2ff62c9816734755076872794e
X-Firefox-Spdy: h2