r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6045
Expires: Sat, 04 Feb 2023 09:46:47 GMT
Date: Sat, 04 Feb 2023 08:06:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3821
Expires: Sat, 04 Feb 2023 09:09:43 GMT
Date: Sat, 04 Feb 2023 08:06:02 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 04 Feb 2023 07:43:37 GMT
content-type: application/json
age: 1345
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 9a76feabb767086ae0fa54e0ffbf763f
3655d78994a1e9838340669462728b67c8c12e54
bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7260
Expires: Sat, 04 Feb 2023 10:07:02 GMT
Date: Sat, 04 Feb 2023 08:06:02 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Td0APaIDW/cl2AIWay6b7qBw5tFJeOhAnnCdgyu6MaYPNP+Jt3xDO3fzzHWbaMQIBTx/i8zJuYb/eB8k/DbNQA==
x-amz-request-id: 6VYK1MDT962BNTS8
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 04 Feb 2023 07:52:45 GMT
age: 797
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 08:06:02 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 04 Feb 2023 07:07:19 GMT
age: 3523
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11041
Expires: Sat, 04 Feb 2023 11:10:03 GMT
Date: Sat, 04 Feb 2023 08:06:02 GMT
Connection: keep-alive
url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
154.218.151.71200 OK 8.5 kB URL HTTP/1.1 url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (365), with CRLF, LF line terminators
Hash 525be8226eb1fc97f139c5b888d84e9c
9f2e2e5a650a01d7119f8956167ae0bae1115c45
4a5768c9cc031b598fe71419eefe8e85506c4737687b52272fc72a8743c42563
Analyzer Verdict Alert fortinet Malware
GET /xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 08:06:02 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.services.mozilla.com/
52.40.48.115101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.40.48.115:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: qwmc9ezN+C8LiiqNmWLuVQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: VLq9JL0PqKvVQnQ9lcfo6nLXjY4=
url.tudown.com/js/orsxg5a.script
154.218.151.71200 OK 531 B URL HTTP/1.1 url.tudown.com/js/orsxg5a.script
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document, ASCII text, with CRLF line terminators
Hash 39fd4f4c17d424445d9f437c99c9d40a
84a56ab95c669d43c757a5f9a312d5f3a37f73fa
45f58e7b2e72c9f2734889b73ef5c3f2d3e1fb9ac69995afe1561ec4a7943d15
GET /js/orsxg5a.script HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 08:06:03 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
url.tudown.com/template/company/955yx/css/gb.css
154.218.151.71200 OK 47 kB URL HTTP/1.1 url.tudown.com/template/company/955yx/css/gb.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with very long lines (393), with CRLF line terminators
Hash 50dd1318432db01d440645564e53edc9
ee0cb6adb44f515312f771197c6c08b951cb7689
2b908ce7540ed6b03b07bdec7eb7eb504b76e78b3304474f40af3b8f3afb2135
GET /template/company/955yx/css/gb.css HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 08:06:03 GMT
Content-Type: text/css
Last-Modified: Tue, 15 Jun 2021 09:16:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c86fef-30c0d"
Expires: Sat, 04 Feb 2023 20:06:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
url.tudown.com/template/company/955yx/js/searchword.js
154.218.151.71200 OK 1.3 kB URL HTTP/1.1 url.tudown.com/template/company/955yx/js/searchword.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 95c12a0f8944cbd1c05e11f7a72875dd
22430886820419d75b8da5721af251bdeb6811d1
36e33550c0a108df269183b53afe7f8c86316cc7e24a84ee3804e8ae12c627eb
GET /template/company/955yx/js/searchword.js HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 08:06:03 GMT
Content-Type: application/javascript
Last-Modified: Tue, 15 Jun 2021 09:16:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c86ff1-fb5"
Expires: Sat, 04 Feb 2023 20:06:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
url.tudown.com/template/company/955yx/js/week_rank.js
154.218.151.71200 OK 656 B URL HTTP/1.1 url.tudown.com/template/company/955yx/js/week_rank.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with CRLF line terminators
Hash 00ac918b54dd742e0ec507274205038a
6a2976eb86376f33eb4f7b587f71296f07940da5
11624c98f05816c06f80e2ea5ef22376ce5509cb2c076003f9d5f27ac81f4ec9
GET /template/company/955yx/js/week_rank.js HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 08:06:03 GMT
Content-Type: application/javascript
Content-Length: 656
Last-Modified: Tue, 15 Jun 2021 09:16:32 GMT
Connection: keep-alive
ETag: "60c86ff0-290"
Expires: Sat, 04 Feb 2023 20:06:03 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
url.tudown.com/template/company/955yx/js/script_index2.js
154.218.151.71200 OK 2.3 kB URL HTTP/1.1 url.tudown.com/template/company/955yx/js/script_index2.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ISO-8859 text, with CRLF line terminators
Hash e3f1b130f72b9756f002c6bbbc284fb7
d51b59da45422005ca5f02b66cb02eaf1b44a8fd
3c0e569d33461414b263a4a7e6602577873e4843bb450d5de979f263d02644c9
GET /template/company/955yx/js/script_index2.js HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 08:06:03 GMT
Content-Type: application/javascript
Last-Modified: Tue, 15 Jun 2021 09:16:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c86ff2-1f77"
Expires: Sat, 04 Feb 2023 20:06:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
url.tudown.com/template/company/955yx/js/api.js
154.218.151.71200 OK 22 B URL HTTP/1.1 url.tudown.com/template/company/955yx/js/api.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with CRLF line terminators
Hash 143a35d673d243f56603ac04a89d8099
677acddc2a341ec711d74ecfd05bb919208c23df
ab368ffd11e345075f085c40cfdd9254280e0db19ed65e2668c287b17508170f
GET /template/company/955yx/js/api.js HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 08:06:03 GMT
Content-Type: application/javascript
Content-Length: 22
Last-Modified: Tue, 15 Jun 2021 09:16:34 GMT
Connection: keep-alive
ETag: "60c86ff2-16"
Expires: Sat, 04 Feb 2023 20:06:03 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
url.tudown.com/template/company/955yx/js/jquery-1.8.3.min.js
154.218.151.71200 OK 41 kB URL HTTP/1.1 url.tudown.com/template/company/955yx/js/jquery-1.8.3.min.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (65483)
Hash aef63d51fe884fe89d488a2abc96381b
ed39edfb824178566b87b08164c7d382a119705b
51826bef0d69d08144d8605e1c56e1602cb1b6f620f854972c31080cf17d11f5
GET /template/company/955yx/js/jquery-1.8.3.min.js HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 08:06:03 GMT
Content-Type: application/javascript
Last-Modified: Tue, 15 Jun 2021 09:16:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c86fef-198c3"
Expires: Sat, 04 Feb 2023 20:06:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
url.tudown.com/template/company/955yx/js/gb.js
154.218.151.71200 OK 7.7 kB URL HTTP/1.1 url.tudown.com/template/company/955yx/js/gb.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 2a105ecd23c8abe20d0f84a4d10903a7
f3a1339005455be7df05412b2bde5d33ed096da0
9e8e3180840152689c4d7732c3660da6c766645aad88f695c041720ff5ec0a67
GET /template/company/955yx/js/gb.js HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 08:06:03 GMT
Content-Type: application/javascript
Last-Modified: Tue, 15 Jun 2021 09:16:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60c86fef-7685"
Expires: Sat, 04 Feb 2023 20:06:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5307
Expires: Sat, 04 Feb 2023 09:34:31 GMT
Date: Sat, 04 Feb 2023 08:06:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5307
Expires: Sat, 04 Feb 2023 09:34:31 GMT
Date: Sat, 04 Feb 2023 08:06:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5307
Expires: Sat, 04 Feb 2023 09:34:31 GMT
Date: Sat, 04 Feb 2023 08:06:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5307
Expires: Sat, 04 Feb 2023 09:34:31 GMT
Date: Sat, 04 Feb 2023 08:06:04 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: f95a2821-ae89-4ea9-93b2-43e570285df3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEC3FyboAMFe0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8078-7e2177f11d5715d4092cad2c;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dcFgY5x3Ef0J__7wGn3llTjZ9as5nX1H4HErIT3VlKfeQaQTjymW2g==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:33 GMT
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
age: 35731
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lsQxPtozrh2Ty1T-3d-1crDfi8HgVKRafOXb1UFl033bCx3kAzTS7w==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:48:04 GMT
age: 37080
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 392b61306c346508d3ac4a2f28218f9c
d2de32b52e0d3f4fc6acaf687b3521294b01dc03
018712a4d6734b84ac1777124f97dae4d93b1e5b297a5dcfe0955b52710b8a35
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10253
x-amzn-requestid: a90cb6b3-8a72-4b4b-b4f5-6dafc8c6752a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7GGv5IAMFu8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-3ca59e7c52800a4e44bda8fd;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: G8F3Fflod6HB4QFtjpD09xzi-2LKPw_DBJT0PKYKU3bs3pvOwO_LRw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:32 GMT
age: 35732
etag: "d2de32b52e0d3f4fc6acaf687b3521294b01dc03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F651be34f-d4ea-4a24-987c-b006e5f9a876.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F651be34f-d4ea-4a24-987c-b006e5f9a876.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f926cd4f39b1a10b152e5959b28ae29e
2b1982d21321071394e363888e007598e968fb35
a51b246a9aa5a2583cae7fd4f0a3bdf73f0b318b7838828d36ea5674a5f26753
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F651be34f-d4ea-4a24-987c-b006e5f9a876.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13309
x-amzn-requestid: f6a3f0f3-d91b-4f4d-8265-0f87742ba5d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyFeBFX4oAMFfpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd82bf-5808ceec265756c702d212dc;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:55:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: WWjzs8W8GmSAM0-Uc8XBTxz67RJJCIzp3fBYhkoIWZ26UrobmZV8mw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:28:17 GMT
age: 34667
etag: "2b1982d21321071394e363888e007598e968fb35"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd74fd89c-32f8-4ed4-ab23-e95f810fbc57.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd74fd89c-32f8-4ed4-ab23-e95f810fbc57.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b5c35cdff2fb0758db780212b0b1f77
edbb557a3bf57128467335685aebbd4831d802f8
e0fa59843073ba8bd171c66610bc1b3d59a1a94c4991e6023507b9453ca0edba
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd74fd89c-32f8-4ed4-ab23-e95f810fbc57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9349
x-amzn-requestid: ecd1913d-7dbe-4ffd-ba85-0549aab51a06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyayOGPlIAMFQ7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dda4da-6a9b8d146155fa8b6c1c02d6;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 00:20:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jGBEz2d-SXXPBZhwlJgR4w248y-NY2c-18euLre5PULjWUIfhfUmNQ==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 00:20:43 GMT
etag: "edbb557a3bf57128467335685aebbd4831d802f8"
content-type: image/jpeg
age: 27921
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f7101f6e43855cb76ce48271a847ffbd
8e674830a97d8ce3818132fda197db4f0289d316
e78a83a4024e238bcdec3b9c4d5c12a99f49aabd57e34952f6a4cc8ed4422f55
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9141
x-amzn-requestid: ed7db574-6bca-4f3e-8879-c3e836549339
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD8zE5lIAMF1HA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8051-4480112f11d4ced0037d1ad8;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6kDIOqhM4aVL80sF02uFu2TuGbiBE7_L_S2W7x-P46hO5YZFmuL9nQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:13:30 GMT
age: 35554
etag: "8e674830a97d8ce3818132fda197db4f0289d316"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
url.tudown.com/static/api/http://url.tudown.com/template/company/955yx/js/share.js?v=89860593.js?cdnversion=465415
154.218.151.71404 Not Found 146 B URL HTTP/1.1 url.tudown.com/static/api/http://url.tudown.com/template/company/955yx/js/share.js?v=89860593.js?cdnversion=465415
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /static/api/http://url.tudown.com/template/company/955yx/js/share.js?v=89860593.js?cdnversion=465415 HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 04 Feb 2023 08:06:04 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
url.tudown.com/uploads/images/631872.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 url.tudown.com/uploads/images/631872.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/631872.jpg HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:06:04 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2896690584,1677344545&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=501
url.tudown.com/uploads/images/278618.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 url.tudown.com/uploads/images/278618.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/278618.jpg HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:06:04 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=3360902452,3356044503&fm=253&app=120&f=JPEG?w=1422&h=800
url.tudown.com/uploads/images/19703.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 url.tudown.com/uploads/images/19703.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/19703.jpg HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:06:04 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=747219856,330224471&fm=224&app=112&f=JPEG?w=500&h=500
url.tudown.com/uploads/images/756624.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 url.tudown.com/uploads/images/756624.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/756624.jpg HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:06:04 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=3085595476,1677580342&fm=224&app=112&f=JPEG?w=500&h=500
url.tudown.com/template/company/955yx/images/home.png
154.218.151.71200 OK 1.3 kB URL HTTP/1.1 url.tudown.com/template/company/955yx/images/home.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 22 x 22, 8-bit/color RGBA, non-interlaced\012- data
Hash 302b4d0465daebb6a02b59b721d92a41
20d18d0cb9f052ec48b775ec2de2e8ce1a233c1e
a7fa550286b2b0974ab70bbadbe26cfa5b6770da8a71445b3b3f87abd896d3f2
GET /template/company/955yx/images/home.png HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/template/company/955yx/css/gb.css
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 08:06:04 GMT
Content-Type: image/png
Content-Length: 1270
Last-Modified: Tue, 15 Jun 2021 09:16:32 GMT
Connection: keep-alive
ETag: "60c86ff0-4f6"
Accept-Ranges: bytes
url.tudown.com/uploads/images/208892.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 url.tudown.com/uploads/images/208892.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/208892.jpg HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:06:04 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=493302012,3880396171&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=715
url.tudown.com/uploads/images/869935.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 url.tudown.com/uploads/images/869935.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/869935.jpg HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:06:04 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=1366117668,445669186&fm=253&app=120&f=JPEG?w=1280&h=800
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fc91044ea257e54846f8dd907b48d29e
6d2231e05dabe5ee55f8dbf8687d7b7a92c25d64
8e77e1a87ab035ed1affd01159d1c899e46d7c247d0bc085dd57d1b1c6fed830
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8E77E1A87AB035ED1AFFD01159D1C899E46D7C247D0BC085DD57D1B1C6FED830"
Last-Modified: Thu, 02 Feb 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1530
Expires: Sat, 04 Feb 2023 08:31:34 GMT
Date: Sat, 04 Feb 2023 08:06:04 GMT
Connection: keep-alive
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash fd85c457807ba420192d9fdb1e3b2e76
1309191996088c5e1bce3f6d5ca5b8ea2ff489ad
7d1c4dba2f7a95c9ec75b4f5abeb2b9d66abc8650424b896152f4d27fd3b4a8c
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 08:06:04 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 08 Feb 2023 06:27:25 GMT
ETag: "1309191996088c5e1bce3f6d5ca5b8ea2ff489ad"
Last-Modified: Sat, 04 Feb 2023 06:27:26 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3256
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7941e7a639f40b61-OSL
url.tudown.com/uploads/images/499460.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 url.tudown.com/uploads/images/499460.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/499460.jpg HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:06:04 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2847222776,1314129012&fm=253&fmt=auto&app=120&f=JPEG?w=800&h=800
url.tudown.com/uploads/images/987349.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 url.tudown.com/uploads/images/987349.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/987349.jpg HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:06:04 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=4051546823,2834359803&fm=253&fmt=auto&app=120&f=JPEG?w=640&h=363
url.tudown.com/uploads/images/434764.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 url.tudown.com/uploads/images/434764.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/434764.jpg HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:06:04 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3749494177,2848277549&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
url.tudown.com/uploads/images/832116.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 url.tudown.com/uploads/images/832116.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/832116.jpg HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:06:04 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=3223590873,3488362853&fm=224&app=112&f=JPEG?w=500&h=500
url.tudown.com/uploads/images/457203.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 url.tudown.com/uploads/images/457203.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/457203.jpg HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:06:04 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=4172530258,1420709609&fm=253&app=120&f=JPEG?w=1280&h=800
url.tudown.com/uploads/images/572202.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 url.tudown.com/uploads/images/572202.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/572202.jpg HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:06:04 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=398686810,599242411&fm=253&fmt=auto&app=120&f=JPEG?w=1422&h=800
url.tudown.com/uploads/images/362083.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 url.tudown.com/uploads/images/362083.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/362083.jpg HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:06:04 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3852046085,256603671&fm=253&fmt=auto&app=120&f=JPEG?w=800&h=1280
url.tudown.com/template/company/955yx/images/litterstar.png
154.218.151.71200 OK 1.7 kB URL HTTP/1.1 url.tudown.com/template/company/955yx/images/litterstar.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 73 x 143, 8-bit colormap, non-interlaced\012- data
Hash d130270dc6abd41d1d40acbe01e36739
5dec8c0c88e9c3dfb13cbfc7d1d9818baa7ee96c
8b31f0ef117010f8ad5e5c8c73ede7468072e1cb08f994fce90ada97f461b59b
GET /template/company/955yx/images/litterstar.png HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/template/company/955yx/css/gb.css
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 08:06:04 GMT
Content-Type: image/png
Content-Length: 1706
Last-Modified: Tue, 15 Jun 2021 09:16:33 GMT
Connection: keep-alive
ETag: "60c86ff1-6aa"
Accept-Ranges: bytes
url.tudown.com/uploads/images/262702.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 url.tudown.com/uploads/images/262702.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/262702.jpg HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:06:04 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1353804839,1404123989&fm=253&fmt=auto&app=120&f=JPEG?w=405&h=500
url.tudown.com/uploads/images/782825.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 url.tudown.com/uploads/images/782825.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/782825.jpg HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:06:04 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1981489805,3317535769&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
url.tudown.com/template/company/955yx/images/bgs.png
154.218.151.71200 OK 101 kB URL HTTP/1.1 url.tudown.com/template/company/955yx/images/bgs.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 500 x 900, 8-bit/color RGBA, non-interlaced\012- data
Size 101 kB (101362 bytes)
Hash 1621ecee9c5f80ff96ab42e1ee259f58
5867acc872a638e86b981dbd81632c219a8093ec
f7809c07dbf542cc134fa715f678d4fba323bffdc649c9fb85a866b55b0c47f9
GET /template/company/955yx/images/bgs.png HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/template/company/955yx/css/gb.css
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 08:06:04 GMT
Content-Type: image/png
Content-Length: 101362
Last-Modified: Tue, 15 Jun 2021 09:16:31 GMT
Connection: keep-alive
ETag: "60c86fef-18bf2"
Accept-Ranges: bytes
url.tudown.com/uploads/images/923114.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 url.tudown.com/uploads/images/923114.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/923114.jpg HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:06:05 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2629458014,1817116256&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
url.tudown.com/uploads/images/678803.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 url.tudown.com/uploads/images/678803.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/678803.jpg HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:06:05 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1587135024,2954503465&fm=253&fmt=auto&app=138&f=JPEG?w=281&h=499
url.tudown.com/uploads/images/157993.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 url.tudown.com/uploads/images/157993.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/157993.jpg HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:06:05 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3733971035,489838136&fm=253&fmt=auto&app=138&f=JPEG?w=805&h=500
url.tudown.com/uploads/images/38156.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 url.tudown.com/uploads/images/38156.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/38156.jpg HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:06:05 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3178319854,3867087046&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
url.tudown.com/uploads/images/929475.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 url.tudown.com/uploads/images/929475.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/929475.jpg HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:06:05 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=512499957,3047088721&fm=253&fmt=auto&app=138&f=JPEG?w=668&h=500
url.tudown.com/uploads/images/572800.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 url.tudown.com/uploads/images/572800.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/572800.jpg HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:06:05 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=2661034057,3206951886&fm=224&app=112&f=JPEG?w=396&h=500
s.ssl.qhres2.com/ssl/ab77b6ea7f3fbf79.js
54.230.111.4200 OK 478 B URL HTTP/2 s.ssl.qhres2.com/ssl/ab77b6ea7f3fbf79.js
IP 54.230.111.4:0
File type ASCII text, with very long lines (478), with no line terminators
Hash 5dd27f8f2b042194c3cdabd62fd80110
c035036a939799d4c29b9c0f7229ae1953d03109
928131ab2183d971cdbfe2ed1329200212d0021db70574a35c89ae169c0f6e0a
GET /ssl/ab77b6ea7f3fbf79.js HTTP/1.1
Host: s.ssl.qhres2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 478
date: Fri, 06 Jan 2023 02:40:18 GMT
x-qstatic-hit: 1
last-modified: Mon, 01 Jan 2018 00:00:00 GMT
etag: W/"67d74adaac6d2f43"
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
expires: Mon, 03 Jan 2033 02:40:18 GMT
kcs-via: HIT from w-fc03.lato;MISS from w-sc01.lato
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LzzcHIx_2Rqm8SzmCGT-fHwc5c_dyGSBr_9RN-t-KslzjOtY2eJUTQ==
age: 2525147
X-Firefox-Spdy: h2
url.tudown.com/uploads/images/973291.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 url.tudown.com/uploads/images/973291.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/973291.jpg HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:06:05 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=517972516,2234849688&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
url.tudown.com/uploads/images/439285.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 url.tudown.com/uploads/images/439285.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/439285.jpg HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:06:05 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=272990653,4117405755&fm=253&fmt=auto&app=120&f=JPEG?w=640&h=424
url.tudown.com/uploads/images/728772.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 url.tudown.com/uploads/images/728772.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/728772.jpg HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:06:05 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=2667678520,2276425492&fm=224&app=112&f=JPEG?w=500&h=500
url.tudown.com/uploads/images/221740.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 url.tudown.com/uploads/images/221740.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/221740.jpg HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:06:05 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=700058651,4013023672&fm=224&app=112&f=JPEG?w=500&h=500
url.tudown.com/uploads/images/991228.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 url.tudown.com/uploads/images/991228.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/991228.jpg HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:06:05 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3090275914,1834012815&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=654
hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (633)
Hash a8327233db8f85d0895e30d815cfa1ac
c924776df05a66424e428c1e2a487eacd8806901
7433be619ec2f250b11ee756e992c1ad075c341c6ddbf027fdbb20da06f66438
GET /hm.js?dd9836db2e433f487a0aa434b7b3deb7 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11271
Content-Type: application/javascript
Date: Sat, 04 Feb 2023 08:06:05 GMT
Etag: 59165e040bde6b13e48078c4952eb88b
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=FB2D49190DBF05AC; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
url.tudown.com/uploads/images/195620.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 url.tudown.com/uploads/images/195620.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/195620.jpg HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:06:05 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2411624537,2650866807&fm=253&fmt=auto?w=1280&h=800
url.tudown.com/uploads/images/840946.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 url.tudown.com/uploads/images/840946.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/840946.jpg HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:06:05 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2319336959,4184410600&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=360
img1.baidu.com/it/u=1981489805,3317535769&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
58.216.66.35200 OK 43 kB URL HTTP/2 img1.baidu.com/it/u=1981489805,3317535769&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 58.216.66.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c7b1c64f9a3454ab3c07dbbaa30b7d83
622e3613bebc1257d797536ce31e37c5ee466940
bc3608a0f5f13d185f813078718dc28009f8c63c56ef2774a3b11b1e5780900a
GET /it/u=1981489805,3317535769&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:06:05 GMT
content-type: image/webp
content-length: 42582
expires: Mon, 27 Feb 2023 13:26:28 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: c7b1c64f9a3454ab3c07dbbaa30b7d83
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 28 Jan 2023 13:26:28 GMT
ohc-cache-hit: cz4ct67 [1], xiangyix100 [2]
ohc-file-size: 42582
x-cache-status: MISS
X-Firefox-Spdy: h2
url.tudown.com/uploads/images/257088.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 url.tudown.com/uploads/images/257088.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/257088.jpg HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:06:05 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1913879091,490375149&fm=253&fmt=auto&app=138&f=JPEG?w=312&h=500
url.tudown.com/uploads/images/924613.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 url.tudown.com/uploads/images/924613.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/924613.jpg HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:06:05 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=2369403815,841701763&fm=253&app=138&f=JPEG?w=500&h=889
url.tudown.com/uploads/images/456291.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 url.tudown.com/uploads/images/456291.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/456291.jpg HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:06:06 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3645142397,580630835&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=800
t14.baidu.com/it/u=3085595476,1677580342&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 31 kB URL HTTP/1.1 t14.baidu.com/it/u=3085595476,1677580342&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 3c2d8737570eaf7585ed16323c9739c3
d4685d29c9f8a8452b40ec98b7794973d5b9f2c8
2099fe7d9a98a8251a21617eeef8b3fd0557cf8631af9020c8e52c3cfbaa4ff5
GET /it/u=3085595476,1677580342&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 08:06:06 GMT
Content-Type: image/jpeg
Content-Length: 30587
Connection: keep-alive
Expires: Fri, 03 Mar 2023 23:39:15 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 3c2d8737570eaf7585ed16323c9739c3
Age: 197092
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 01 Feb 2023 23:39:15 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [2], zhuzuncache55 [1], suzix245 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 30587
X-Cache-Status: HIT
Timing-Allow-Origin: *
t14.baidu.com/it/u=747219856,330224471&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 25 kB URL HTTP/1.1 t14.baidu.com/it/u=747219856,330224471&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash cd0aa38991cdca4d30b63618418903e6
3d088c451fd07dbf96d91e676b9acfe9b949528b
384296281ec3dabae721056bacfc6b19bd1558b10efc9a867d4aa5e7ce29a3f0
GET /it/u=747219856,330224471&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 08:06:06 GMT
Content-Type: image/jpeg
Content-Length: 24814
Connection: keep-alive
Expires: Sat, 18 Feb 2023 04:22:15 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: cd0aa38991cdca4d30b63618418903e6
Age: 1383455
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 19 Jan 2023 04:22:15 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [4], zhuzuncache61 [2], qdix61 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 24814
X-Cache-Status: HIT
Timing-Allow-Origin: *
t13.baidu.com/it/u=2661034057,3206951886&fm=224&app=112&f=JPEG?w=396&h=500
185.10.104.124200 OK 27 kB URL HTTP/1.1 t13.baidu.com/it/u=2661034057,3206951886&fm=224&app=112&f=JPEG?w=396&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 396x500, components 3\012- data
Hash 477e5e77cadd941f62dfb3efa26c9a16
7862f561716d9a860f6224a0e576449c2cba941d
02a3bc61548a452a61c982b96cdd27949b962d952d156757702a23b6734b56e7
GET /it/u=2661034057,3206951886&fm=224&app=112&f=JPEG?w=396&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 08:06:06 GMT
Content-Type: image/jpeg
Content-Length: 27147
Connection: keep-alive
Expires: Fri, 10 Feb 2023 00:51:46 GMT
Last-Modified: Mon, 12 Jan 1970 00:00:00 GMT
ETag: 477e5e77cadd941f62dfb3efa26c9a16
Age: 2026726
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 11 Jan 2023 00:51:46 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [4], zhuzuncache60 [4], suzix236 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 27147
X-Cache-Status: HIT
Timing-Allow-Origin: *
t13.baidu.com/it/u=3223590873,3488362853&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 60 kB URL HTTP/1.1 t13.baidu.com/it/u=3223590873,3488362853&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 91c9302afde7d91161a91e3bf6a61789
01fb1a3cabd83d3aa078d4d983345b207fd7851d
13dbc4b31724b01e753d1b5c71ca91820d31773709a36c157f138f23d1e642a1
GET /it/u=3223590873,3488362853&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 08:06:06 GMT
Content-Type: image/jpeg
Content-Length: 60530
Connection: keep-alive
Expires: Fri, 10 Feb 2023 05:23:36 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: 91c9302afde7d91161a91e3bf6a61789
Age: 2026808
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 11 Jan 2023 05:23:35 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [4], zhuzuncache55 [1], wzix112 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 60530
X-Cache-Status: HIT
Timing-Allow-Origin: *
t13.baidu.com/it/u=700058651,4013023672&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 19 kB URL HTTP/1.1 t13.baidu.com/it/u=700058651,4013023672&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 8645600c5ab10289c3fb26e4127dfbf2
6d13f033f40221d804a66c459cf49067620294e0
10b360f6eadbc04992ecedbab57182ed3aa76d6b6f090c1ee44292c2ab8bc559
GET /it/u=700058651,4013023672&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 08:06:06 GMT
Content-Type: image/jpeg
Content-Length: 19041
Connection: keep-alive
Expires: Wed, 08 Feb 2023 08:34:17 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 8645600c5ab10289c3fb26e4127dfbf2
Age: 327823
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 09 Jan 2023 08:34:17 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [4], zhuzuncache55 [1], bdix55 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 19041
X-Cache-Status: HIT
Timing-Allow-Origin: *
img1.baidu.com/it/u=3178319854,3867087046&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
58.216.66.35200 OK 50 kB URL HTTP/2 img1.baidu.com/it/u=3178319854,3867087046&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
IP 58.216.66.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 889x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b48f0f8830b29fb3b47f63881b541842
ac5642ca09f8d4218c0d24cb44dc44c41536f2e7
71149ad3d53cf8a75675432b8f8676269d2f5f72b1c4592e6973675d348015b6
GET /it/u=3178319854,3867087046&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:06:05 GMT
content-type: image/webp
content-length: 50286
expires: Tue, 21 Feb 2023 09:34:07 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: b48f0f8830b29fb3b47f63881b541842
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 09:34:07 GMT
ohc-cache-hit: cz4ct51 [1], wzix69 [4]
ohc-file-size: 50286
x-cache-status: MISS
X-Firefox-Spdy: h2
url.tudown.com/index.php?m=content&c=index&a=get_searchkey&pc_hash=WrCDxe&_=1675498000323
154.218.151.71200 OK 8.6 kB URL HTTP/1.1 url.tudown.com/index.php?m=content&c=index&a=get_searchkey&pc_hash=WrCDxe&_=1675498000323
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (365), with CRLF, LF line terminators
Hash bccbb3c6c8bd8d472c34a2426e874462
e08e0a5f06a61e94c31504db8a9383a276d665ac
97d9d2efaf83beb78654370c5201cdc23f1598bddd400a36106dde396a134ce2
GET /index.php?m=content&c=index&a=get_searchkey&pc_hash=WrCDxe&_=1675498000323 HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 08:06:06 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
img1.baidu.com/it/u=493302012,3880396171&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=715
58.216.66.35200 OK 29 kB URL HTTP/2 img1.baidu.com/it/u=493302012,3880396171&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=715
IP 58.216.66.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x715, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4bfb9d8d6954eac890fdc505703c1bbd
9f16f311bde84131662f70e6077c9d96d72c2e3a
6948e025fff67fa22c8579b499e75d120fcacddd8ab61bbaccb03adf92e38bce
GET /it/u=493302012,3880396171&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=715 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:06:05 GMT
content-type: image/webp
content-length: 28692
expires: Thu, 02 Mar 2023 11:15:34 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 4bfb9d8d6954eac890fdc505703c1bbd
age: 154715
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 31 Jan 2023 11:15:34 GMT
ohc-cache-hit: cz4ct65 [4], csix109 [2]
ohc-file-size: 28692
x-cache-status: HIT
X-Firefox-Spdy: h2
img1.baidu.com/it/u=2896690584,1677344545&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=501
58.216.66.35200 OK 15 kB URL HTTP/2 img1.baidu.com/it/u=2896690584,1677344545&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=501
IP 58.216.66.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x501, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 00f7b17d326dad3dd011205e66dac7b3
e8723e131433a488024a5d7ecbc6ccb158ddfe6d
1a937565ae3238552ab707cbdc84dfa452c4f8c0aa4db04a6040caa5d480da7b
GET /it/u=2896690584,1677344545&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=501 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:06:05 GMT
content-type: image/webp
content-length: 14752
expires: Sat, 25 Feb 2023 12:34:31 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 00f7b17d326dad3dd011205e66dac7b3
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 26 Jan 2023 12:34:31 GMT
ohc-cache-hit: cz4ct51 [1], czix239 [4]
ohc-file-size: 14752
x-cache-status: MISS
X-Firefox-Spdy: h2
api.share.baidu.com/s.gif?l=http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
39.156.68.163200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
IP 39.156.68.163:0
ASN #9808 China Mobile Communications Group Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Sat, 04 Feb 2023 08:06:06 GMT
url.tudown.com/uploads/images/327073.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 url.tudown.com/uploads/images/327073.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/327073.jpg HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:06:06 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=3948023687,1486383203&fm=253&app=120&f=JPEG?w=1280&h=800
url.tudown.com/uploads/images/811380.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 url.tudown.com/uploads/images/811380.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/811380.jpg HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:06:06 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=979683215,374542884&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=484
img2.baidu.com/it/u=2369403815,841701763&fm=253&app=138&f=JPEG?w=500&h=889
114.232.92.35200 OK 26 kB URL HTTP/1.1 img2.baidu.com/it/u=2369403815,841701763&fm=253&app=138&f=JPEG?w=500&h=889
IP 114.232.92.35:0
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x889, components 3\012- data
Hash 3c985d138e6ea2ddd5f882aac7b33b37
346125a3be4e96743ba20434db94fc41b30926bc
c7f9b0e8057a66fba4f40c0de0ae6646a2fb09386df57a3e8d5c2bb7796f936f
GET /it/u=2369403815,841701763&fm=253&app=138&f=JPEG?w=500&h=889 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 08:06:06 GMT
Content-Type: image/jpeg
Content-Length: 25709
Connection: keep-alive
Expires: Wed, 15 Feb 2023 02:42:16 GMT
Last-Modified: Mon, 05 Jan 1970 00:00:00 GMT
ETag: 3c985d138e6ea2ddd5f882aac7b33b37
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 16 Jan 2023 02:42:16 GMT
Ohc-Cache-HIT: nt2ct72 [1], xiangyix150 [2]
Ohc-File-Size: 25709
X-Cache-Status: MISS
url.tudown.com/uploads/images/817688.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 url.tudown.com/uploads/images/817688.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/817688.jpg HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:06:06 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2952547303,1165920386&fm=253&fmt=auto&app=120&f=JPEG?w=800&h=1422
img1.baidu.com/it/u=1587135024,2954503465&fm=253&fmt=auto&app=138&f=JPEG?w=281&h=499
58.216.66.35200 OK 20 kB URL HTTP/2 img1.baidu.com/it/u=1587135024,2954503465&fm=253&fmt=auto&app=138&f=JPEG?w=281&h=499
IP 58.216.66.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 281x499, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c52a28c8aaab1cdc9d98ccc40876af8d
a5d3fd70eb01e15700ecba22afff07dc07bfe2cc
d756938a9e10340248e8b17cf4f0354bb63d0a5dd2f784da33dacd75726d93ac
GET /it/u=1587135024,2954503465&fm=253&fmt=auto&app=138&f=JPEG?w=281&h=499 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:06:05 GMT
content-type: image/webp
content-length: 19962
expires: Mon, 20 Feb 2023 15:24:23 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: c52a28c8aaab1cdc9d98ccc40876af8d
age: 1308
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 15:24:23 GMT
ohc-cache-hit: cz4ct64 [4], czix116 [2]
ohc-file-size: 19962
x-cache-status: HIT
X-Firefox-Spdy: h2
img2.baidu.com/it/u=3360902452,3356044503&fm=253&app=120&f=JPEG?w=1422&h=800
114.232.92.35200 OK 192 kB URL HTTP/1.1 img2.baidu.com/it/u=3360902452,3356044503&fm=253&app=120&f=JPEG?w=1422&h=800
IP 114.232.92.35:0
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1422x800, components 3\012- data
Size 192 kB (191615 bytes)
Hash caa6da902918772cedc0257bb6f2a68f
8e10f1ab6150d18728b8cfb55621b474f4863a5d
ea30cf8c08b1fad0223c9c80ed2956150cb3f9c5e2c594f1c465f04d0a859b58
GET /it/u=3360902452,3356044503&fm=253&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 08:06:05 GMT
Content-Type: image/jpeg
Content-Length: 191615
Connection: keep-alive
Expires: Sun, 12 Feb 2023 12:18:28 GMT
Last-Modified: Wed, 14 Jan 1970 00:00:00 GMT
ETag: caa6da902918772cedc0257bb6f2a68f
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 13 Jan 2023 12:18:28 GMT
Ohc-Cache-HIT: nt2ct81 [2], xaix229 [4]
Ohc-File-Size: 191615
X-Cache-Status: MISS
url.tudown.com/uploads/images/539882.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 url.tudown.com/uploads/images/539882.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/539882.jpg HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:06:06 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1264652813,2208244790&fm=253&fmt=auto&app=138&f=JPEG?w=647&h=500
img1.baidu.com/it/u=3090275914,1834012815&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=654
58.216.66.35200 OK 29 kB URL HTTP/2 img1.baidu.com/it/u=3090275914,1834012815&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=654
IP 58.216.66.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x654, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9d43031817bf25505291b60f2036de72
ac1483175fa3bf7a56b0f9f812acc803b5346a16
2cd0bc6dc6dfd74bd257ab07a3e94d84813ce1edf795c93c0fe0b859183743fd
GET /it/u=3090275914,1834012815&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=654 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:06:05 GMT
content-type: image/webp
content-length: 28722
expires: Sun, 05 Mar 2023 11:05:54 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 9d43031817bf25505291b60f2036de72
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 03 Feb 2023 11:05:54 GMT
ohc-cache-hit: cz4ct51 [1], qdix242 [4]
ohc-file-size: 28722
x-cache-status: MISS
X-Firefox-Spdy: h2
url.tudown.com/uploads/images/416340.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 url.tudown.com/uploads/images/416340.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/416340.jpg HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:06:06 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1816568822,2224693615&fm=253&fmt=auto?w=889&h=500
img1.baidu.com/it/u=2411624537,2650866807&fm=253&fmt=auto?w=1280&h=800
58.216.66.35200 OK 52 kB URL HTTP/2 img1.baidu.com/it/u=2411624537,2650866807&fm=253&fmt=auto?w=1280&h=800
IP 58.216.66.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0748a1e432c155a5327c62d543766eb8
983154e7e0f0755392727c33718e91b23e4e9b6e
9d3c3e96db81f27288c870ea086842bcf76dbbad2e67379e100b016e4bd6c7bd
GET /it/u=2411624537,2650866807&fm=253&fmt=auto?w=1280&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:06:06 GMT
content-type: image/webp
content-length: 51756
expires: Fri, 24 Feb 2023 13:56:00 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 0748a1e432c155a5327c62d543766eb8
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 25 Jan 2023 13:56:00 GMT
ohc-cache-hit: cz4ct65 [1], suzix191 [2]
ohc-file-size: 51756
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=2319336959,4184410600&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=360
58.216.66.35200 OK 35 kB URL HTTP/2 img1.baidu.com/it/u=2319336959,4184410600&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=360
IP 58.216.66.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x360, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e732a78c069b21374c0b9dca1a5a71e3
75392e30a1b3cc482a94ff1e4a4e99d3ffaec581
5873c1c0a9f6a218cd12fe41e7d4ee65f95105170f527f7d1a967fe87b979d48
GET /it/u=2319336959,4184410600&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=360 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:06:06 GMT
content-type: image/webp
content-length: 35032
expires: Sat, 04 Feb 2023 08:56:34 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: e732a78c069b21374c0b9dca1a5a71e3
age: 64567
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 05 Jan 2023 08:56:34 GMT
ohc-cache-hit: cz4ct60 [4], xiangyix123 [2]
ohc-file-size: 35032
x-cache-status: HIT
X-Firefox-Spdy: h2
img2.baidu.com/it/u=4172530258,1420709609&fm=253&app=120&f=JPEG?w=1280&h=800
114.232.92.35200 OK 82 kB URL HTTP/1.1 img2.baidu.com/it/u=4172530258,1420709609&fm=253&app=120&f=JPEG?w=1280&h=800
IP 114.232.92.35:0
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Hash 664201ccc659ab4e0db33b287d2f5893
3a2fa50a0d4610151145fc78438c8501da4aae6f
36e4c0ee8bd90892d7ec9d5c4d372f922eb5d9e0728e8dbbefdd222f9d8a49c9
GET /it/u=4172530258,1420709609&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 08:06:06 GMT
Content-Type: image/jpeg
Content-Length: 81827
Connection: keep-alive
Expires: Thu, 09 Feb 2023 15:50:39 GMT
Last-Modified: Thu, 15 Jan 1970 00:00:00 GMT
ETag: 664201ccc659ab4e0db33b287d2f5893
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 10 Jan 2023 15:50:39 GMT
Ohc-Cache-HIT: nt2ct57 [1], qdix166 [4]
Ohc-File-Size: 81827
X-Cache-Status: MISS
url.tudown.com/api.php?op=digg&action=show&id=23038
154.218.151.71404 Not Found 146 B URL HTTP/1.1 url.tudown.com/api.php?op=digg&action=show&id=23038
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /api.php?op=digg&action=show&id=23038 HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 04 Feb 2023 08:06:06 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
img1.baidu.com/it/u=3645142397,580630835&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=800
58.216.66.35200 OK 47 kB URL HTTP/2 img1.baidu.com/it/u=3645142397,580630835&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=800
IP 58.216.66.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 75219f9bfd4eabc6335f07034cdf015f
0211ded696286da097a7c3999e9bbeba160160bc
31f32dfb318ddb2ea7e7a25a80056cafae833f65b9d78b3fdf1230a5a845d822
GET /it/u=3645142397,580630835&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:06:06 GMT
content-type: image/webp
content-length: 46688
expires: Mon, 20 Feb 2023 07:19:31 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 75219f9bfd4eabc6335f07034cdf015f
age: 1103383
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 07:19:31 GMT
ohc-cache-hit: cz4ct51 [4], xaix215 [2]
ohc-file-size: 46688
x-cache-status: HIT
X-Firefox-Spdy: h2
url.tudown.com/uploads/images/356678.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 url.tudown.com/uploads/images/356678.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/356678.jpg HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:06:06 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2618689501,1704384219&fm=253&fmt=auto&app=120&f=JPEG?w=889&h=500
img2.baidu.com/it/u=398686810,599242411&fm=253&fmt=auto&app=120&f=JPEG?w=1422&h=800
114.232.92.35200 OK 105 kB URL HTTP/2 img2.baidu.com/it/u=398686810,599242411&fm=253&fmt=auto&app=120&f=JPEG?w=1422&h=800
IP 114.232.92.35:0
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1422x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 105 kB (105444 bytes)
Hash 7786b866d9b140639635125f0933d7b5
4044b34c6eb1b11ac74947993f74a6c25a56133f
942c77d4ffdc4220ab24d9a591f12376b5043ffc07276efef49ead7c5960ad08
GET /it/u=398686810,599242411&fm=253&fmt=auto&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:06:06 GMT
content-type: image/webp
content-length: 105444
expires: Sat, 18 Feb 2023 04:48:15 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 7786b866d9b140639635125f0933d7b5
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 19 Jan 2023 04:48:15 GMT
ohc-cache-hit: nt2ct72 [1], bdix194 [2]
ohc-file-size: 105444
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=517972516,2234849688&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
114.232.92.35200 OK 27 kB URL HTTP/2 img2.baidu.com/it/u=517972516,2234849688&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
IP 114.232.92.35:0
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 889x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 533fc68f26e5a6fd0c61bcf4892bcb7e
513866379997094606da144f5327f6fe6fae549f
e02ede0c69da16bcf656d3d0837852df7625c425bc4b4d37242bddb9db8c00dc
GET /it/u=517972516,2234849688&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:06:06 GMT
content-type: image/webp
content-length: 27356
expires: Thu, 02 Mar 2023 03:51:59 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 533fc68f26e5a6fd0c61bcf4892bcb7e
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 31 Jan 2023 03:51:59 GMT
ohc-cache-hit: nt2ct72 [1], qdix72 [4]
ohc-file-size: 27356
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=2952547303,1165920386&fm=253&fmt=auto&app=120&f=JPEG?w=800&h=1422
58.216.66.35200 OK 17 kB URL HTTP/2 img1.baidu.com/it/u=2952547303,1165920386&fm=253&fmt=auto&app=120&f=JPEG?w=800&h=1422
IP 58.216.66.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x1422, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a0b95e1315364105c8bc21a52933bd49
7f74307aa6a90504d3b7cc6a949cb38bbe6b3fb3
91b5990ef3a05a766509f1b6c95466fd96fc2ef59f4c45c1d2cfa2d9d3bb399c
GET /it/u=2952547303,1165920386&fm=253&fmt=auto&app=120&f=JPEG?w=800&h=1422 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:06:06 GMT
content-type: image/webp
content-length: 17038
expires: Sun, 26 Feb 2023 11:38:35 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: a0b95e1315364105c8bc21a52933bd49
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 27 Jan 2023 11:38:35 GMT
ohc-cache-hit: cz4ct68 [1], wzix82 [4]
ohc-file-size: 17038
x-cache-status: MISS
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0<=1675498001&rnd=1456215137&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=2&sn=30191&r=0&ww=1280&u=http%3A%2F%2Furl.tudown.com%2Fxiaz%2Flumion8.3%25E4%25B8%25AD%25E6%2596%2587%25E7%2589%2588%40560_352844.exe&tt=%E7%88%B1%E6%B8%B8%E6%88%8F%E4%BD%93%E8%82%B2%E6%9C%80%E6%96%B0%E7%89%88%E6%9C%AC%E7%99%BB%E5%BD%95-%E5%B9%B3%E5%8F%B0%E6%9C%80%E6%96%B0%E4%B8%8B%E8%BD%BD%C2%B7%E7%99%BB%E5%BD%95%E5%B9%B3%E5%8F%B0iOS%2F%E5%AE%89%E5%8D%93%E5%AE%98%E6%96%B9%E7%89%88
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0<=1675498001&rnd=1456215137&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=2&sn=30191&r=0&ww=1280&u=http%3A%2F%2Furl.tudown.com%2Fxiaz%2Flumion8.3%25E4%25B8%25AD%25E6%2596%2587%25E7%2589%2588%40560_352844.exe&tt=%E7%88%B1%E6%B8%B8%E6%88%8F%E4%BD%93%E8%82%B2%E6%9C%80%E6%96%B0%E7%89%88%E6%9C%AC%E7%99%BB%E5%BD%95-%E5%B9%B3%E5%8F%B0%E6%9C%80%E6%96%B0%E4%B8%8B%E8%BD%BD%C2%B7%E7%99%BB%E5%BD%95%E5%B9%B3%E5%8F%B0iOS%2F%E5%AE%89%E5%8D%93%E5%AE%98%E6%96%B9%E7%89%88
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0<=1675498001&rnd=1456215137&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=2&sn=30191&r=0&ww=1280&u=http%3A%2F%2Furl.tudown.com%2Fxiaz%2Flumion8.3%25E4%25B8%25AD%25E6%2596%2587%25E7%2589%2588%40560_352844.exe&tt=%E7%88%B1%E6%B8%B8%E6%88%8F%E4%BD%93%E8%82%B2%E6%9C%80%E6%96%B0%E7%89%88%E6%9C%AC%E7%99%BB%E5%BD%95-%E5%B9%B3%E5%8F%B0%E6%9C%80%E6%96%B0%E4%B8%8B%E8%BD%BD%C2%B7%E7%99%BB%E5%BD%95%E5%B9%B3%E5%8F%B0iOS%2F%E5%AE%89%E5%8D%93%E5%AE%98%E6%96%B9%E7%89%88 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Feb 2023 08:06:06 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=60067ABF2A592867; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
s.360.cn/so/zz.gif?url=http%3A%2F%2Furl.tudown.com%2Fxiaz%2Flumion8.3%25E4%25B8%25AD%25E6%2596%2587%25E7%2589%2588%40560_352844.exe&sid=d182b3f28525f2db83acfaaf6e696dba&token=de1x8e2.b434f82285532_50f625d@b8
180.163.251.230200 OK 0 B URL HTTP/1.1 s.360.cn/so/zz.gif?url=http%3A%2F%2Furl.tudown.com%2Fxiaz%2Flumion8.3%25E4%25B8%25AD%25E6%2596%2587%25E7%2589%2588%40560_352844.exe&sid=d182b3f28525f2db83acfaaf6e696dba&token=de1x8e2.b434f82285532_50f625d@b8
IP 180.163.251.230:0
ASN #4812 China Telecom Group
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /so/zz.gif?url=http%3A%2F%2Furl.tudown.com%2Fxiaz%2Flumion8.3%25E4%25B8%25AD%25E6%2596%2587%25E7%2589%2588%40560_352844.exe&sid=d182b3f28525f2db83acfaaf6e696dba&token=de1x8e2.b434f82285532_50f625d@b8 HTTP/1.1
Host: s.360.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/
HTTP/1.1 200 OK
Server: openresty/1.15.8.2
Date: Sat, 04 Feb 2023 08:06:06 GMT
Content-Type: image/gif
Content-Length: 0
Last-Modified: Fri, 27 Jul 2018 07:15:40 GMT
Connection: keep-alive
ETag: "5b5ac69c-0"
Accept-Ranges: bytes
url.tudown.com/uploads/images/996169.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 url.tudown.com/uploads/images/996169.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/996169.jpg HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:06:06 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=295950997,1073530917&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=708
url.tudown.com/uploads/images/959986.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 url.tudown.com/uploads/images/959986.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/959986.jpg HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:06:06 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=790253309,3737151415&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=696
img2.baidu.com/it/u=3948023687,1486383203&fm=253&app=120&f=JPEG?w=1280&h=800
114.232.92.35200 OK 94 kB URL HTTP/1.1 img2.baidu.com/it/u=3948023687,1486383203&fm=253&app=120&f=JPEG?w=1280&h=800
IP 114.232.92.35:0
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Hash fc3eb42bd05ca7a69eacef88b946fd89
59991574783de214fbd3e7821dce8f3b3940a1da
461e710c9bfaebf71a87dcbdad22c6b98b4a189123660f0aff0b002fb7ae2570
GET /it/u=3948023687,1486383203&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 08:06:06 GMT
Content-Type: image/jpeg
Content-Length: 94192
Connection: keep-alive
Expires: Sun, 05 Feb 2023 20:21:08 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: fc3eb42bd05ca7a69eacef88b946fd89
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 06 Jan 2023 20:21:08 GMT
Ohc-Cache-HIT: nt2ct57 [1], suzix57 [4]
Ohc-File-Size: 94192
X-Cache-Status: MISS
img1.baidu.com/it/u=2618689501,1704384219&fm=253&fmt=auto&app=120&f=JPEG?w=889&h=500
58.216.66.35200 OK 27 kB URL HTTP/2 img1.baidu.com/it/u=2618689501,1704384219&fm=253&fmt=auto&app=120&f=JPEG?w=889&h=500
IP 58.216.66.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 889x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 43cc86d4260ccd4f8e440d61bedb4d5f
562e49b55890ab4ba6d9bbd567f89a87f4effa9c
35198f4ecc9b342955f981be580b90ea6744824bd6151526a1a8fcd39e8c807b
GET /it/u=2618689501,1704384219&fm=253&fmt=auto&app=120&f=JPEG?w=889&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:06:06 GMT
content-type: image/webp
content-length: 26778
expires: Tue, 07 Feb 2023 18:14:40 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 43cc86d4260ccd4f8e440d61bedb4d5f
age: 178415
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 08 Jan 2023 18:14:40 GMT
ohc-cache-hit: cz4ct64 [4], bdix131 [2]
ohc-file-size: 26778
x-cache-status: HIT
X-Firefox-Spdy: h2
img2.baidu.com/it/u=2847222776,1314129012&fm=253&fmt=auto&app=120&f=JPEG?w=800&h=800
114.232.92.35200 OK 105 kB URL HTTP/2 img2.baidu.com/it/u=2847222776,1314129012&fm=253&fmt=auto&app=120&f=JPEG?w=800&h=800
IP 114.232.92.35:0
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 105 kB (105184 bytes)
Hash 6e4aac3342cad28a8220d672b4f6c5af
3e459bc75711714125ceadff4f8e22a00d24af9a
fc42545e5057f9e85a6b0bb1b330960c5b7f2983bb8d763abfeee07cbeb90577
GET /it/u=2847222776,1314129012&fm=253&fmt=auto&app=120&f=JPEG?w=800&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:06:06 GMT
content-type: image/webp
content-length: 105184
expires: Tue, 21 Feb 2023 02:03:47 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 6e4aac3342cad28a8220d672b4f6c5af
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 02:03:47 GMT
ohc-cache-hit: nt2ct73 [1], suzix156 [4]
ohc-file-size: 105184
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=3749494177,2848277549&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
114.232.92.35200 OK 19 kB URL HTTP/2 img2.baidu.com/it/u=3749494177,2848277549&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 114.232.92.35:0
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 21101cfb3a9b4f1579d5b1c9ce352960
54e45aa443a60626526f7ee794288c346a42cb1e
b5f7d7744c5f2ffc322cf028286e0e0698d62f6c95b7a364ba7f19c9db7d1c9d
GET /it/u=3749494177,2848277549&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:06:06 GMT
content-type: image/webp
content-length: 18824
expires: Fri, 10 Feb 2023 19:31:04 GMT
last-modified: Sun, 04 Jan 1970 00:00:00 GMT
etag: 21101cfb3a9b4f1579d5b1c9ce352960
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 11 Jan 2023 19:31:04 GMT
ohc-cache-hit: nt2ct56 [1], csix56 [4]
ohc-file-size: 18824
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=2629458014,1817116256&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
114.232.92.35200 OK 59 kB URL HTTP/2 img2.baidu.com/it/u=2629458014,1817116256&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
IP 114.232.92.35:0
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 889x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5236cfbb4bfa3e6257ad87bf2d890372
c2b0de6303d605dcdbd8b8d64204397cb302d11f
c388b485666ddb26db5a66b243601d6bc6ceaa8359f7e09db3e455fdb39d61e2
GET /it/u=2629458014,1817116256&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:06:06 GMT
content-type: image/webp
content-length: 59188
expires: Sat, 18 Feb 2023 09:28:03 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 5236cfbb4bfa3e6257ad87bf2d890372
age: 168891
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 19 Jan 2023 09:28:03 GMT
ohc-cache-hit: nt2ct68 [4], xaix68 [2]
ohc-file-size: 59188
x-cache-status: HIT
X-Firefox-Spdy: h2
img2.baidu.com/it/u=3733971035,489838136&fm=253&fmt=auto&app=138&f=JPEG?w=805&h=500
114.232.92.35200 OK 73 kB URL HTTP/2 img2.baidu.com/it/u=3733971035,489838136&fm=253&fmt=auto&app=138&f=JPEG?w=805&h=500
IP 114.232.92.35:0
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 805x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1976b1b2f9a3cc312d824ddde22df6ed
322e3044539b38a6bc912ddefe5f2b3dc39c4af0
c96fd6408a90e0d4837c2ef788e917d8bc08c362036a8b161f3404fa53150507
GET /it/u=3733971035,489838136&fm=253&fmt=auto&app=138&f=JPEG?w=805&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:06:06 GMT
content-type: image/webp
content-length: 72780
expires: Tue, 21 Feb 2023 05:00:49 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 1976b1b2f9a3cc312d824ddde22df6ed
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 05:00:49 GMT
ohc-cache-hit: nt2ct79 [1], qdix140 [2]
ohc-file-size: 72780
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=979683215,374542884&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=484
114.232.92.35200 OK 22 kB URL HTTP/2 img2.baidu.com/it/u=979683215,374542884&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=484
IP 114.232.92.35:0
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x484, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1c8e3d1119e1009b1cd7562b04fb8e0c
f8272fd6272ff31b59eb65311db67517a43011e1
8e6c9da45b76daf9df072e2d96da74936cedf01a2b1a2b553b182ccb6450d1f9
GET /it/u=979683215,374542884&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=484 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:06:06 GMT
content-type: image/webp
content-length: 21800
expires: Sun, 19 Feb 2023 11:38:16 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 1c8e3d1119e1009b1cd7562b04fb8e0c
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 20 Jan 2023 11:38:16 GMT
ohc-cache-hit: nt2ct51 [1], czix140 [2]
ohc-file-size: 21800
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=1816568822,2224693615&fm=253&fmt=auto?w=889&h=500
114.232.92.35200 OK 22 kB URL HTTP/2 img2.baidu.com/it/u=1816568822,2224693615&fm=253&fmt=auto?w=889&h=500
IP 114.232.92.35:0
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 889x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 66e216ed4cfcb65ff2bf5a88ad1d12d4
dae8c2affcf2b9eebe16bdba95e1946bc0ccd1f9
78a32f1e8ba91de5a0765725c062864303aed782485a42fcbf66ae435ffa4a57
GET /it/u=1816568822,2224693615&fm=253&fmt=auto?w=889&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:06:06 GMT
content-type: image/webp
content-length: 21578
expires: Fri, 24 Feb 2023 16:53:18 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 66e216ed4cfcb65ff2bf5a88ad1d12d4
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 25 Jan 2023 16:53:18 GMT
ohc-cache-hit: nt2ct50 [1], xiangyix99 [2]
ohc-file-size: 21578
x-cache-status: MISS
X-Firefox-Spdy: h2
url.tudown.com/uploads/images/680732.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 url.tudown.com/uploads/images/680732.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/680732.jpg HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:06:06 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1959366521,976641923&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=879
url.tudown.com/index.php?m=content&c=index&a=get_week_rank&catid=undefined&num=16
154.218.151.71200 OK 8.6 kB URL HTTP/1.1 url.tudown.com/index.php?m=content&c=index&a=get_week_rank&catid=undefined&num=16
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (365), with CRLF, LF line terminators
Hash b9c2298f0eb2d5851d13fe7f00e49c22
4136ba7ad4de56812875e5b574fbf543d9921cd0
1a595d598b459b7e533bcbe9a02ea6757982227b71358b987ca7166ed36dc155
GET /index.php?m=content&c=index&a=get_week_rank&catid=undefined&num=16 HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 08:06:06 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
url.tudown.com/index.php?m=content&c=index&a=get_week_rank&catid=undefined&num=16
154.218.151.71200 OK 8.7 kB URL HTTP/1.1 url.tudown.com/index.php?m=content&c=index&a=get_week_rank&catid=undefined&num=16
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (365), with CRLF, LF line terminators
Hash 4ad34fae31ef445603ab03bdc2b60ea6
ed79faafc7c118cde3d4b2363ed45a64f1374931
6c1cb2f9c631b5c15efc5c7afb60ef8d10302a66d4c4d30fd79fc71e414fc099
GET /index.php?m=content&c=index&a=get_week_rank&catid=undefined&num=16 HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 08:06:06 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
url.tudown.com/uploads/images/787932.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 url.tudown.com/uploads/images/787932.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/787932.jpg HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:06:06 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2743999333,3596976716&fm=253&fmt=auto&app=138&f=JPEG?w=218&h=160
url.tudown.com/uploads/images/100463.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 url.tudown.com/uploads/images/100463.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/100463.jpg HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:06:07 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3507327010,980469667&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=667
url.tudown.com/uploads/images/logo.png?n=4wc3bznxt3s3raxexovolgni4s52v2fbvdsy5aq&w=250
154.218.151.71200 OK 3.2 kB URL HTTP/1.1 url.tudown.com/uploads/images/logo.png?n=4wc3bznxt3s3raxexovolgni4s52v2fbvdsy5aq&w=250
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 250 x 66, 8-bit colormap, non-interlaced\012- data
Hash 9f3151a7d46175138905e5f9a7c57a8d
666f5b88259e90838682e72ebe40b15eb82d23ad
71477d7e95179a758d84ed0615e9ae390827e585659fca4cb0ba618d909cd32a
GET /uploads/images/logo.png?n=4wc3bznxt3s3raxexovolgni4s52v2fbvdsy5aq&w=250 HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 08:06:07 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
img1.baidu.com/it/u=1959366521,976641923&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=879
58.216.66.35200 OK 28 kB URL HTTP/2 img1.baidu.com/it/u=1959366521,976641923&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=879
IP 58.216.66.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x879, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9e5b7ae38fc916d5868573ad0c23b850
d7760b1df9d3c26b51a5abb50564377e2dbc3e23
576c15267ca0d40c2d351bc7738de079e17ac8d80c33d10384688aa3730dab00
GET /it/u=1959366521,976641923&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=879 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:06:07 GMT
content-type: image/webp
content-length: 28114
expires: Sat, 18 Feb 2023 14:58:09 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 9e5b7ae38fc916d5868573ad0c23b850
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 19 Jan 2023 14:58:09 GMT
ohc-cache-hit: cz4ct61 [1], bdix215 [2]
ohc-file-size: 28114
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=2743999333,3596976716&fm=253&fmt=auto&app=138&f=JPEG?w=218&h=160
114.232.92.35200 OK 8.4 kB URL HTTP/2 img2.baidu.com/it/u=2743999333,3596976716&fm=253&fmt=auto&app=138&f=JPEG?w=218&h=160
IP 114.232.92.35:0
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 218x160, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7acd8dc32d4bf4b75aed176157699639
92a7b3b9ddd7222b6f3c4e89ba4fb9811842ef12
78e3af890605edca3c8abd72aeb245604cf9bab70a8b81d67f2d81095ea100d1
GET /it/u=2743999333,3596976716&fm=253&fmt=auto&app=138&f=JPEG?w=218&h=160 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:06:07 GMT
content-type: image/webp
content-length: 8420
expires: Wed, 22 Feb 2023 06:17:42 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 7acd8dc32d4bf4b75aed176157699639
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 06:17:42 GMT
ohc-cache-hit: nt2ct79 [1], wzix79 [2]
ohc-file-size: 8420
x-cache-status: MISS
X-Firefox-Spdy: h2
url.tudown.com/uploads/images/688864.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 url.tudown.com/uploads/images/688864.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/688864.jpg HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:06:07 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1336320683,864420967&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
url.tudown.com/uploads/images/836907.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 url.tudown.com/uploads/images/836907.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/836907.jpg HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:06:07 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2934768764,3689929803&fm=253&fmt=auto&app=138&f=JPEG?w=858&h=500
img0.baidu.com/it/u=3852046085,256603671&fm=253&fmt=auto&app=120&f=JPEG?w=800&h=1280
58.216.66.35200 OK 97 kB URL HTTP/2 img0.baidu.com/it/u=3852046085,256603671&fm=253&fmt=auto&app=120&f=JPEG?w=800&h=1280
IP 58.216.66.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x1280, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8894ae7a0c5e81788c5b078ad6919f32
cac1f0ff7982618b14df3d78fc15ee14417127a5
e7668d06fba4d0bb7c3904090911566375a569ceb4314b81907fcd11e692b77f
GET /it/u=3852046085,256603671&fm=253&fmt=auto&app=120&f=JPEG?w=800&h=1280 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:06:07 GMT
content-type: image/webp
content-length: 97362
expires: Sat, 18 Feb 2023 13:29:06 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 8894ae7a0c5e81788c5b078ad6919f32
age: 152560
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 19 Jan 2023 13:29:06 GMT
ohc-cache-hit: cz4ct61 [4], xaix132 [4]
ohc-file-size: 97362
x-cache-status: HIT
X-Firefox-Spdy: h2
img0.baidu.com/it/u=1353804839,1404123989&fm=253&fmt=auto&app=120&f=JPEG?w=405&h=500
58.216.66.35200 OK 16 kB URL HTTP/2 img0.baidu.com/it/u=1353804839,1404123989&fm=253&fmt=auto&app=120&f=JPEG?w=405&h=500
IP 58.216.66.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 405x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0a3475561ab9090ff84da3be7b7af2f5
fe39264ffe688ef812736bcaa0763c7c1d0d087e
d2bcc4b4fd316c78c2b6e7e4ed8ef8ad74bddbbaabb214177cb5030f6ac14b29
GET /it/u=1353804839,1404123989&fm=253&fmt=auto&app=120&f=JPEG?w=405&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:06:07 GMT
content-type: image/webp
content-length: 15878
expires: Thu, 23 Feb 2023 06:24:34 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 0a3475561ab9090ff84da3be7b7af2f5
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 24 Jan 2023 06:24:34 GMT
ohc-cache-hit: cz4ct65 [1], qdix225 [4]
ohc-file-size: 15878
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=4051546823,2834359803&fm=253&fmt=auto&app=120&f=JPEG?w=640&h=363
58.216.66.35200 OK 24 kB URL HTTP/2 img0.baidu.com/it/u=4051546823,2834359803&fm=253&fmt=auto&app=120&f=JPEG?w=640&h=363
IP 58.216.66.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x363, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c0e6a691238ddf46616d2424e1f12d3a
351ce7905a4cfcc6801d1d474ef1449efe0dd5b2
3602300fa029632babaa65291b3267b4b2fc6dc69279ebfa39aac7556917a193
GET /it/u=4051546823,2834359803&fm=253&fmt=auto&app=120&f=JPEG?w=640&h=363 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:06:07 GMT
content-type: image/webp
content-length: 24480
expires: Mon, 20 Feb 2023 04:30:56 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: c0e6a691238ddf46616d2424e1f12d3a
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 04:30:56 GMT
ohc-cache-hit: cz4ct60 [1], xiangyix60 [2]
ohc-file-size: 24480
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=1913879091,490375149&fm=253&fmt=auto&app=138&f=JPEG?w=312&h=500
58.216.66.35200 OK 18 kB URL HTTP/2 img0.baidu.com/it/u=1913879091,490375149&fm=253&fmt=auto&app=138&f=JPEG?w=312&h=500
IP 58.216.66.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 312x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 255f9deccf59b81cb123d6b6ff32ec0b
d8211788ed755d4f25d0794a650c53fc904e132f
3f510906a37dfa9a14a23e77fd76ff2714b447d4c0324384b522bb600dc80a67
GET /it/u=1913879091,490375149&fm=253&fmt=auto&app=138&f=JPEG?w=312&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:06:07 GMT
content-type: image/webp
content-length: 18362
expires: Sat, 04 Mar 2023 07:55:11 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 255f9deccf59b81cb123d6b6ff32ec0b
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 02 Feb 2023 07:55:11 GMT
ohc-cache-hit: cz4ct65 [1], csix111 [2]
ohc-file-size: 18362
x-cache-status: MISS
X-Firefox-Spdy: h2
url.tudown.com/uploads/images/151188.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 url.tudown.com/uploads/images/151188.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/151188.jpg HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:06:07 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1824927846,2258898264&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=647
url.tudown.com/uploads/images/609416.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 url.tudown.com/uploads/images/609416.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/609416.jpg HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:06:07 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3702322570,1315718190&fm=253&fmt=auto&app=138&f=JPEG?w=580&h=429
img0.baidu.com/it/u=272990653,4117405755&fm=253&fmt=auto&app=120&f=JPEG?w=640&h=424
58.216.66.35200 OK 44 kB URL HTTP/2 img0.baidu.com/it/u=272990653,4117405755&fm=253&fmt=auto&app=120&f=JPEG?w=640&h=424
IP 58.216.66.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x424, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fe6bbc22d9014f0aae030f36acdb56f6
07131e0cf527752ff1369722969680c1fbc92f4d
e23a006dbcedd18b5dde7dc7f4b0f590c55f94f1f0151fe5f2f5824ab28a2e7f
GET /it/u=272990653,4117405755&fm=253&fmt=auto&app=120&f=JPEG?w=640&h=424 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:06:07 GMT
content-type: image/webp
content-length: 43950
expires: Tue, 07 Feb 2023 11:27:15 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: fe6bbc22d9014f0aae030f36acdb56f6
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 08 Jan 2023 11:27:15 GMT
ohc-cache-hit: cz4ct50 [1], bdix221 [4]
ohc-file-size: 43950
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=512499957,3047088721&fm=253&fmt=auto&app=138&f=JPEG?w=668&h=500
58.216.66.35200 OK 33 kB URL HTTP/2 img0.baidu.com/it/u=512499957,3047088721&fm=253&fmt=auto&app=138&f=JPEG?w=668&h=500
IP 58.216.66.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 668x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5516da7e2f469ce85169b3c46ae26637
4f50e80258f02e280cb07f17fd9d1c9d55888e6a
b5a12ac53e167dc15b5ab17be9ba266432b048d742623c89ea79c9cd36c6a49b
GET /it/u=512499957,3047088721&fm=253&fmt=auto&app=138&f=JPEG?w=668&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:06:07 GMT
content-type: image/webp
content-length: 32592
expires: Sat, 11 Feb 2023 22:19:02 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 5516da7e2f469ce85169b3c46ae26637
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 12 Jan 2023 22:19:02 GMT
ohc-cache-hit: cz4ct63 [1], xaix187 [4]
ohc-file-size: 32592
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=1264652813,2208244790&fm=253&fmt=auto&app=138&f=JPEG?w=647&h=500
58.216.66.35200 OK 31 kB URL HTTP/2 img0.baidu.com/it/u=1264652813,2208244790&fm=253&fmt=auto&app=138&f=JPEG?w=647&h=500
IP 58.216.66.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 647x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 436f51ba885b72c3d5f50c9e483dc1ac
494bee249125dff5f51f664678df0babf748d4c1
6b28481c25258b7357af7923f062978e566419d84b676c2a7d5a1f70167214e0
GET /it/u=1264652813,2208244790&fm=253&fmt=auto&app=138&f=JPEG?w=647&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:06:07 GMT
content-type: image/webp
content-length: 31044
expires: Wed, 22 Feb 2023 03:43:58 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 436f51ba885b72c3d5f50c9e483dc1ac
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 03:43:58 GMT
ohc-cache-hit: cz4ct55 [1], bdix244 [4]
ohc-file-size: 31044
x-cache-status: MISS
X-Firefox-Spdy: h2
url.tudown.com/uploads/images/346649.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 url.tudown.com/uploads/images/346649.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/346649.jpg HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:06:07 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3089264529,2693077460&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=374
url.tudown.com/uploads/images/978699.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 url.tudown.com/uploads/images/978699.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/978699.jpg HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:06:07 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3370086540,2463674630&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
img2.baidu.com/it/u=1336320683,864420967&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
114.232.92.35200 OK 50 kB URL HTTP/2 img2.baidu.com/it/u=1336320683,864420967&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
IP 114.232.92.35:0
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cecb44a721402831d82d46f046aeacb7
5b107187f47960fb0359311ed4de191410be6d73
afa0e126be32320725930a2bf9ea35b3dbe4aee854964b320aab11c895176876
GET /it/u=1336320683,864420967&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:06:07 GMT
content-type: image/webp
content-length: 49706
expires: Tue, 28 Feb 2023 11:20:30 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: cecb44a721402831d82d46f046aeacb7
age: 168627
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 29 Jan 2023 11:20:30 GMT
ohc-cache-hit: nt2ct83 [4], csix83 [2]
ohc-file-size: 49706
x-cache-status: HIT
X-Firefox-Spdy: h2
img2.baidu.com/it/u=2934768764,3689929803&fm=253&fmt=auto&app=138&f=JPEG?w=858&h=500
114.232.92.35200 OK 43 kB URL HTTP/2 img2.baidu.com/it/u=2934768764,3689929803&fm=253&fmt=auto&app=138&f=JPEG?w=858&h=500
IP 114.232.92.35:0
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 858x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5de568ae53583efc8db40490092409d5
a63c60f3fdfb1f66d6f441f1cdc95aeea183b000
7f62189e926c464f4913dd822e58eaaaf66b7e5d7ee63d8d0cfa474e984fd4b2
GET /it/u=2934768764,3689929803&fm=253&fmt=auto&app=138&f=JPEG?w=858&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:06:07 GMT
content-type: image/webp
content-length: 43312
expires: Mon, 20 Feb 2023 11:49:06 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 5de568ae53583efc8db40490092409d5
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 11:49:06 GMT
ohc-cache-hit: nt2ct71 [1], czix199 [2]
ohc-file-size: 43312
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=790253309,3737151415&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=696
58.216.66.35200 OK 67 kB URL HTTP/2 img0.baidu.com/it/u=790253309,3737151415&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=696
IP 58.216.66.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x696, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4c2cf58b8c138576fe3d67536c2a5d32
3d9d639c03446d89c2499ed2a2303c5b14c34ffc
685d3eff427255b1687a066a76b490393b98a6175696849805586cb943bd7b31
GET /it/u=790253309,3737151415&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=696 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:06:07 GMT
content-type: image/webp
content-length: 67366
expires: Sun, 19 Feb 2023 12:04:20 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: 4c2cf58b8c138576fe3d67536c2a5d32
age: 692383
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 20 Jan 2023 12:04:20 GMT
ohc-cache-hit: cz4ct62 [4], xaix241 [4]
ohc-file-size: 67366
x-cache-status: HIT
X-Firefox-Spdy: h2
img0.baidu.com/it/u=295950997,1073530917&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=708
58.216.66.35200 OK 14 kB URL HTTP/2 img0.baidu.com/it/u=295950997,1073530917&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=708
IP 58.216.66.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x708, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2b9b19cdef4898f79ac91921b002120f
ae43941b3151c4e41f9690401e98079ff9659a6d
c3d05dae707ac66a65013200c196dbaf72d1a3ddcb6115f335b9a5d0fb8a9e96
GET /it/u=295950997,1073530917&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=708 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:06:07 GMT
content-type: image/webp
content-length: 13678
expires: Fri, 24 Feb 2023 06:40:51 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 2b9b19cdef4898f79ac91921b002120f
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 25 Jan 2023 06:40:51 GMT
ohc-cache-hit: cz4ct58 [1], xiangyix210 [4]
ohc-file-size: 13678
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=3507327010,980469667&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=667
58.216.66.35200 OK 41 kB URL HTTP/2 img0.baidu.com/it/u=3507327010,980469667&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=667
IP 58.216.66.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x667, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1c6feb0332c589f689378e332fe5395b
b7b3c7abbfe22bab1bea5f9bbc398eae74cd89bf
2c6f366a2f802e3ef01802d1265e2238015c6bf285b63d860e9c462deb216f78
GET /it/u=3507327010,980469667&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=667 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:06:07 GMT
content-type: image/webp
content-length: 41042
expires: Sun, 26 Feb 2023 02:40:55 GMT
last-modified: Sun, 04 Jan 1970 00:00:00 GMT
etag: 1c6feb0332c589f689378e332fe5395b
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 27 Jan 2023 02:40:55 GMT
ohc-cache-hit: cz4ct67 [1], xaix232 [4]
ohc-file-size: 41042
x-cache-status: MISS
X-Firefox-Spdy: h2
url.tudown.com/uploads/images/802584.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 url.tudown.com/uploads/images/802584.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/802584.jpg HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:06:07 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=602985293,2551316718&fm=224&app=112&f=JPEG?w=400&h=400
url.tudown.com/uploads/images/287233.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 url.tudown.com/uploads/images/287233.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/287233.jpg HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:06:07 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2862397343,2980184886&fm=253&fmt=auto&app=138&f=JPEG?w=757&h=500
t14.baidu.com/it/u=602985293,2551316718&fm=224&app=112&f=JPEG?w=400&h=400
185.10.104.124200 OK 47 kB URL HTTP/1.1 t14.baidu.com/it/u=602985293,2551316718&fm=224&app=112&f=JPEG?w=400&h=400
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 400x400, components 3\012- data
Hash 3bdad709eac831aafb548e9b7751ebb7
b65c347000e2647f8632d118c8edf8c88d640bec
94c9628d601ed3a00688a7f594c96acb4d3147d03c50d338afa7653c89d8cd3f
GET /it/u=602985293,2551316718&fm=224&app=112&f=JPEG?w=400&h=400 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 08:06:07 GMT
Content-Type: image/jpeg
Content-Length: 47226
Connection: keep-alive
Expires: Fri, 24 Feb 2023 19:24:11 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 3bdad709eac831aafb548e9b7751ebb7
Age: 710706
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 25 Jan 2023 19:24:11 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [2], zhuzuncache52 [1], xiangyix102 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 47226
X-Cache-Status: HIT
Timing-Allow-Origin: *
url.tudown.com/uploads/images/797251.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 url.tudown.com/uploads/images/797251.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/797251.jpg HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:06:07 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=361379517,1180922377&fm=253&fmt=auto?w=500&h=666
url.tudown.com/uploads/images/725768.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 url.tudown.com/uploads/images/725768.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/725768.jpg HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:06:07 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1036531482,2103024523&fm=253&fmt=auto?w=1280&h=800
url.tudown.com/uploads/images/121422.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 url.tudown.com/uploads/images/121422.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/121422.jpg HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:06:07 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=3431745017,3537102331&fm=224&app=112&f=JPEG?w=500&h=500
img0.baidu.com/it/u=1366117668,445669186&fm=253&app=120&f=JPEG?w=1280&h=800
110.185.186.35200 OK 87 kB URL HTTP/1.1 img0.baidu.com/it/u=1366117668,445669186&fm=253&app=120&f=JPEG?w=1280&h=800
IP 110.185.186.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Hash 77b962c064433cbbaaa4878d2b9ba380
279987ace2043ba5c15f62cad164d5f64394492e
3b4d7bb3c3f918c779e71a0f52221b721073b5c2a5fbe1416eae3a9ea9e12752
GET /it/u=1366117668,445669186&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 08:06:07 GMT
Content-Type: image/jpeg
Content-Length: 87090
Connection: keep-alive
Expires: Fri, 10 Feb 2023 23:32:47 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: 77b962c064433cbbaaa4878d2b9ba380
Age: 3099
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 11 Jan 2023 23:32:47 GMT
Ohc-Cache-HIT: cd2ct62 [4], xiangyix122 [4]
Ohc-File-Size: 87090
X-Cache-Status: HIT
url.tudown.com/uploads/images/815334.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 url.tudown.com/uploads/images/815334.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/815334.jpg HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:06:07 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3274269949,1763585853&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
t15.baidu.com/it/u=3431745017,3537102331&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 29 kB URL HTTP/1.1 t15.baidu.com/it/u=3431745017,3537102331&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash b78a5bb7f875a766b8afbbe30c1cd9ea
6e1e73dcb307671209ccae875361742cae8c51b5
b1920896a5e3fd3b7110d95f83b9fe0890dadddc5dacb50b0c7d0da8518778e5
GET /it/u=3431745017,3537102331&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 08:06:08 GMT
Content-Type: image/jpeg
Content-Length: 28605
Connection: keep-alive
Expires: Wed, 08 Feb 2023 07:47:53 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: b78a5bb7f875a766b8afbbe30c1cd9ea
Age: 2026636
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 09 Jan 2023 07:47:53 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [4], zhuzuncache50 [4], xiangyix120 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 28605
X-Cache-Status: HIT
Timing-Allow-Origin: *
url.tudown.com/uploads/images/820223.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 url.tudown.com/uploads/images/820223.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/820223.jpg HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:06:08 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=2655296532,3511592350&fm=253&app=120&f=JPEG?w=1280&h=800
url.tudown.com/uploads/images/147052.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 url.tudown.com/uploads/images/147052.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/147052.jpg HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:06:08 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=1487829232,3841643433&fm=253&fmt=auto?w=1280&h=800
t15.baidu.com/it/u=2667678520,2276425492&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 40 kB URL HTTP/1.1 t15.baidu.com/it/u=2667678520,2276425492&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash f62a80c8b631dcf155feb66b3ad7720f
c5a0171194c8e2c1ea2194fb72f384c2785d082d
552240c6e5715266996a257959f31c6de2bf641ef6eeaa60abcab3cdbc606271
GET /it/u=2667678520,2276425492&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 08:06:08 GMT
Content-Type: image/jpeg
Content-Length: 39490
Connection: keep-alive
Expires: Tue, 07 Feb 2023 08:11:26 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: f62a80c8b631dcf155feb66b3ad7720f
Age: 2025704
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 08 Jan 2023 08:11:26 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [2], zhuzuncache51 [2], xaix216 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 39490
X-Cache-Status: HIT
Timing-Allow-Origin: *
url.tudown.com/uploads/images/826596.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 url.tudown.com/uploads/images/826596.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/826596.jpg HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 08:06:08 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3057271116,345724961&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
img2.baidu.com/it/u=3274269949,1763585853&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
114.232.92.35200 OK 48 kB URL HTTP/2 img2.baidu.com/it/u=3274269949,1763585853&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
IP 114.232.92.35:0
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0865d044b466c86d7ffa015a136afcf2
5c53721169752ea4d82c8b1150030876a4ced814
bb5412922a992e5fe2f504ea479fe772e4334c77ff23b5b81056f0ce49115246
GET /it/u=3274269949,1763585853&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:06:08 GMT
content-type: image/webp
content-length: 48450
expires: Mon, 06 Mar 2023 07:54:04 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 0865d044b466c86d7ffa015a136afcf2
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 04 Feb 2023 07:54:04 GMT
ohc-cache-hit: nt2ct55 [1], xiangyix159 [4]
ohc-file-size: 48450
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=2655296532,3511592350&fm=253&app=120&f=JPEG?w=1280&h=800
110.185.186.35200 OK 89 kB URL HTTP/1.1 img0.baidu.com/it/u=2655296532,3511592350&fm=253&app=120&f=JPEG?w=1280&h=800
IP 110.185.186.35:0
ASN #38283 CHINANET SiChuan Telecom Internet Data Center
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Hash 7cf2f11a3f5b20ffe8f64acce124c7df
eabcfc93c156cc1a1e8546a13304499e4bfcf4a5
59ea1f952a111c60f9ea643968c8f2396ba6c3226260f01426eb49ad8991e73d
GET /it/u=2655296532,3511592350&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 08:06:08 GMT
Content-Type: image/jpeg
Content-Length: 88732
Connection: keep-alive
Expires: Thu, 16 Feb 2023 07:23:08 GMT
Last-Modified: Sun, 11 Jan 1970 00:00:00 GMT
ETag: 7cf2f11a3f5b20ffe8f64acce124c7df
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Tue, 17 Jan 2023 07:23:08 GMT
Ohc-Cache-HIT: cd2ct55 [1], czix80 [2]
Ohc-File-Size: 88732
X-Cache-Status: MISS
img2.baidu.com/it/u=3057271116,345724961&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
114.232.92.35200 OK 26 kB URL HTTP/2 img2.baidu.com/it/u=3057271116,345724961&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
IP 114.232.92.35:0
ASN #131325 CHINATELECOM JIANGSU province NANTONG MAN network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x889, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5c79f62556b957935cda232e14452cb3
f746167265ab9ced84957c542e0573942b59e0ed
49a47e1dcde433ba52c58c3d0cbbe6a8eda04dc51d85883beae1982ae7d308fe
GET /it/u=3057271116,345724961&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:06:08 GMT
content-type: image/webp
content-length: 26116
expires: Thu, 23 Feb 2023 13:49:22 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 5c79f62556b957935cda232e14452cb3
age: 346649
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 24 Jan 2023 13:49:22 GMT
ohc-cache-hit: nt2ct70 [4], wzix70 [2]
ohc-file-size: 26116
x-cache-status: HIT
X-Firefox-Spdy: h2
img0.baidu.com/it/u=2862397343,2980184886&fm=253&fmt=auto&app=138&f=JPEG?w=757&h=500
58.216.66.35200 OK 30 kB URL HTTP/2 img0.baidu.com/it/u=2862397343,2980184886&fm=253&fmt=auto&app=138&f=JPEG?w=757&h=500
IP 58.216.66.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 757x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 30fef4ad875497cd5d03ab0f47eba022
451ce221075fab5cd54c0947f5f787ba720b50d4
a56e05ae363664e7be87f0a5b4a08c0070f0b567591840a33050e05497ef56d2
GET /it/u=2862397343,2980184886&fm=253&fmt=auto&app=138&f=JPEG?w=757&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:06:08 GMT
content-type: image/webp
content-length: 29828
expires: Wed, 22 Feb 2023 20:45:04 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: 30fef4ad875497cd5d03ab0f47eba022
age: 182890
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 20:45:04 GMT
ohc-cache-hit: cz4ct56 [4], suzix56 [2]
ohc-file-size: 29828
x-cache-status: HIT
X-Firefox-Spdy: h2
img0.baidu.com/it/u=3370086540,2463674630&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
58.216.66.35200 OK 20 kB URL HTTP/2 img0.baidu.com/it/u=3370086540,2463674630&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 58.216.66.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f1db5c4b07251346ea638ca37eb00ce2
ae7bae2773cec7a20f463c49b0df5a0002a570c7
015af7d97a0aca74038ededd86054e64e75e026e274852b6bb9e1378cc8a449d
GET /it/u=3370086540,2463674630&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:06:08 GMT
content-type: image/webp
content-length: 20250
expires: Mon, 20 Feb 2023 06:30:40 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: f1db5c4b07251346ea638ca37eb00ce2
age: 622054
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 06:30:40 GMT
ohc-cache-hit: cz4ct57 [4], wzix71 [2]
ohc-file-size: 20250
x-cache-status: HIT
X-Firefox-Spdy: h2
img1.baidu.com/it/u=361379517,1180922377&fm=253&fmt=auto?w=500&h=666
58.216.66.35200 OK 18 kB URL HTTP/2 img1.baidu.com/it/u=361379517,1180922377&fm=253&fmt=auto?w=500&h=666
IP 58.216.66.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x666, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 51755800a95a363182a79ce4fae6feed
3fd195843ed6c6bceb509a31f1692748d94ecd9e
5553151d55c3457bc6390ac5bc9203137ca8d4f28cf9fdcc3503db892a9c86dd
GET /it/u=361379517,1180922377&fm=253&fmt=auto?w=500&h=666 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:06:08 GMT
content-type: image/webp
content-length: 18526
expires: Thu, 09 Feb 2023 10:08:41 GMT
last-modified: Sun, 04 Jan 1970 00:00:00 GMT
etag: 51755800a95a363182a79ce4fae6feed
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 10 Jan 2023 10:08:41 GMT
ohc-cache-hit: cz4ct61 [1], wzix61 [2]
ohc-file-size: 18526
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=3089264529,2693077460&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=374
58.216.66.35200 OK 28 kB URL HTTP/2 img1.baidu.com/it/u=3089264529,2693077460&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=374
IP 58.216.66.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x374, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bb0902fb8966f4dcd98c07b86c39b9a7
8043131d06fc4dcc6d30d0c4005842c565df2a3b
a464cfbccfbfac69cd156e0df1940d26afe9971404d6e90d733d0cf9cb6a1176
GET /it/u=3089264529,2693077460&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=374 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:06:08 GMT
content-type: image/webp
content-length: 28466
expires: Mon, 06 Mar 2023 07:05:51 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: bb0902fb8966f4dcd98c07b86c39b9a7
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 04 Feb 2023 07:05:51 GMT
ohc-cache-hit: cz4ct57 [1], xiangyix218 [4]
ohc-file-size: 28466
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=3702322570,1315718190&fm=253&fmt=auto&app=138&f=JPEG?w=580&h=429
58.216.66.35200 OK 16 kB URL HTTP/2 img1.baidu.com/it/u=3702322570,1315718190&fm=253&fmt=auto&app=138&f=JPEG?w=580&h=429
IP 58.216.66.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 580x429, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 02a904f1448e3622bf61d4f4dd3af797
7eb179cfc208566f8c4345c159bf10ebb81961ca
bc871de137676ba8f59fc5bf5e3943abb6d8b4f18a20de2927cdf0d204339d34
GET /it/u=3702322570,1315718190&fm=253&fmt=auto&app=138&f=JPEG?w=580&h=429 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:06:08 GMT
content-type: image/webp
content-length: 15990
expires: Mon, 06 Mar 2023 05:31:53 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 02a904f1448e3622bf61d4f4dd3af797
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 04 Feb 2023 05:31:53 GMT
ohc-cache-hit: cz4ct66 [1], xiangyix152 [2]
ohc-file-size: 15990
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=1824927846,2258898264&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=647
58.216.66.35200 OK 19 kB URL HTTP/2 img0.baidu.com/it/u=1824927846,2258898264&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=647
IP 58.216.66.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x647, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ec1ecfc9050e76d62ba5d7709a9c17a8
e040462a20045c2f319dfb66291a14a4cd4b03b8
26e295ddf91ce8376fcb1da2b7051b98d4b60f2b14d088df74f235569215627b
GET /it/u=1824927846,2258898264&fm=253&fmt=auto&app=120&f=JPEG?w=500&h=647 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:06:08 GMT
content-type: image/webp
content-length: 18814
expires: Wed, 22 Feb 2023 02:14:04 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: ec1ecfc9050e76d62ba5d7709a9c17a8
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 02:14:04 GMT
ohc-cache-hit: cz4ct67 [1], xaix172 [2]
ohc-file-size: 18814
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=1036531482,2103024523&fm=253&fmt=auto?w=1280&h=800
58.216.66.35200 OK 43 kB URL HTTP/2 img0.baidu.com/it/u=1036531482,2103024523&fm=253&fmt=auto?w=1280&h=800
IP 58.216.66.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 792c11a4952198b33acc5bfd8ae6837c
f0309b4007bf11ef505750095a280945bec9329b
16096eb653b836894bee5b814e85fcb15b2e68c8de9d5598e7511b30b2908f36
GET /it/u=1036531482,2103024523&fm=253&fmt=auto?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 08:06:08 GMT
content-type: image/webp
content-length: 43114
expires: Thu, 16 Feb 2023 07:46:44 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 792c11a4952198b33acc5bfd8ae6837c
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 17 Jan 2023 07:46:44 GMT
ohc-cache-hit: cz4ct50 [1], xaix173 [4]
ohc-file-size: 43114
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=1487829232,3841643433&fm=253&fmt=auto?w=1280&h=800
58.216.66.35200 OK 148 kB URL HTTP/1.1 img1.baidu.com/it/u=1487829232,3841643433&fm=253&fmt=auto?w=1280&h=800
IP 58.216.66.35:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 148 kB (147864 bytes)
Hash 97c66c6ec67bfb9182d851d7ad33b8b7
2a9dcac19fba4b56660a0a3b3fdb850c95848d41
d44c35c85c4a77296e32dd6a103d4c19626916aa685f155aa03a00d37429af4c
GET /it/u=1487829232,3841643433&fm=253&fmt=auto?w=1280&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 08:06:08 GMT
Content-Type: image/webp
Content-Length: 147864
Connection: keep-alive
Expires: Tue, 14 Feb 2023 06:36:40 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 97c66c6ec67bfb9182d851d7ad33b8b7
Age: 1556053
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 15 Jan 2023 06:36:40 GMT
Ohc-Cache-HIT: cz4ct56 [4], czix74 [2]
Ohc-File-Size: 147864
X-Cache-Status: HIT
url.tudown.com/favicon.ico
154.218.151.71200 OK 0 B URL HTTP/1.1 url.tudown.com/favicon.ico
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.tudown.com/xiaz/lumion8.3%E4%B8%AD%E6%96%87%E7%89%88@560_352844.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675497278,1675498001; Hm_lpvt_dd9836db2e433f487a0aa434b7b3deb7=1675498001
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 08:06:09 GMT
Content-Type: image/x-icon
Content-Length: 0
Last-Modified: Tue, 30 Jul 2019 15:51:36 GMT
Connection: keep-alive
ETag: "5d406788-0"
Accept-Ranges: bytes
jspassport.ssl.qhimg.com/11.0.1.js?d182b3f28525f2db83acfaaf6e696dba
54.230.111.58200 OK 0 B URL HTTP/2 jspassport.ssl.qhimg.com/11.0.1.js?d182b3f28525f2db83acfaaf6e696dba
IP 54.230.111.58:0
GET /11.0.1.js?d182b3f28525f2db83acfaaf6e696dba HTTP/1.1
Host: jspassport.ssl.qhimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
last-modified: Wed, 28 Nov 2018 07:43:20 GMT
kcs-via: HIT from w-fc01.lato;REVALIDATED from w-sc01.lato
date: Sat, 04 Feb 2023 07:58:45 GMT
cache-control: max-age=600
expires: Sat, 04 Feb 2023 08:08:43 GMT
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zAnKJ89mC0zud3yy_H2rb2fdinW7IlD2f8lXCfgM1__87XR7IMKpHg==
age: 441
X-Firefox-Spdy: h2