r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 81713f952b51a865ad9764cde68e3fdb
278c3a9c4bb2a0ffb7375f90d89a1ba6e90a766a
c2eb0d8a24ecb51af28f1c71db4b9a95c568dcf6c94b41ee8c78787a4ebebcef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2EB0D8A24ECB51AF28F1C71DB4B9A95C568DCF6C94B41EE8C78787A4EBEBCEF"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8135
Expires: Sat, 04 Feb 2023 08:52:26 GMT
Date: Sat, 04 Feb 2023 06:36:51 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash e051e6e01b12b9ad6e0014603f93431a
ada9efe77054d8593f2687fb3a7eada8908ef7e8
c41be8ffe176ca674efb0588164fdfd237754c6b5b461f8f46387b96ae7d6090
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41BE8FFE176CA674EFB0588164FDFD237754C6B5B461F8F46387B96AE7D6090"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17952
Expires: Sat, 04 Feb 2023 11:36:03 GMT
Date: Sat, 04 Feb 2023 06:36:51 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 9a76feabb767086ae0fa54e0ffbf763f
3655d78994a1e9838340669462728b67c8c12e54
bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12552
Expires: Sat, 04 Feb 2023 10:06:03 GMT
Date: Sat, 04 Feb 2023 06:36:51 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 04 Feb 2023 05:43:35 GMT
content-type: application/json
age: 3196
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: PXMi4+yBvKCYSBaAsMrakRvkxrwJ8gxdRtJf3zx0R3r7/GW7I/e/YQcYvGqSSyGXNLDr0bJ2jYY=
x-amz-request-id: 51W20BGX53AEX19C
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 04 Feb 2023 05:52:43 GMT
age: 2648
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 06:36:51 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 04 Feb 2023 05:49:07 GMT
age: 2864
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
18495.url.tudown.com/xiaz/plants.vs.zombies-v2.2@248_27706.exe
154.218.151.71200 OK 6.5 kB URL HTTP/1.1 18495.url.tudown.com/xiaz/plants.vs.zombies-v2.2@248_27706.exe
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (310), with CRLF, LF line terminators
Hash d928a31d17a9e9c6672b85bfaf6ad41a
b79d67124ed746e76f0f8a156540977c5eec8337
15ece21af07a72250b9965bb1a924f8fd69149cdfdfc8cbaef45f1438309ab6c
Analyzer Verdict Alert fortinet Malware
GET /xiaz/plants.vs.zombies-v2.2@248_27706.exe HTTP/1.1
Host: 18495.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:36:51 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16292
Expires: Sat, 04 Feb 2023 11:08:23 GMT
Date: Sat, 04 Feb 2023 06:36:51 GMT
Connection: keep-alive
push.services.mozilla.com/
54.189.35.180101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.189.35.180:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: HNHXlrrvJadnxWZIIaHatg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: +7oY4Zlw+j/ZIc1qiMogOEr9y0M=
18495.url.tudown.com/template/company/42xz/css/common.css
154.218.151.71200 OK 1.9 kB URL HTTP/1.1 18495.url.tudown.com/template/company/42xz/css/common.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 625ff65f2c44178957f32d288dd56ddf
cb918d56e4595594c56cab503ed56f84379e862d
2436857c00ba0ab148e7c16f63712844f5bb62e23379751d6dddd82abe667ac5
GET /template/company/42xz/css/common.css HTTP/1.1
Host: 18495.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18495.url.tudown.com/xiaz/plants.vs.zombies-v2.2@248_27706.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:36:52 GMT
Content-Type: text/css
Last-Modified: Thu, 05 Nov 2020 12:04:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fa3ea53-1ccb"
Expires: Sat, 04 Feb 2023 18:36:52 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
18495.url.tudown.com/js/orsxg5a.script
154.218.151.71200 OK 531 B URL HTTP/1.1 18495.url.tudown.com/js/orsxg5a.script
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type HTML document, ASCII text, with CRLF line terminators
Hash 39fd4f4c17d424445d9f437c99c9d40a
84a56ab95c669d43c757a5f9a312d5f3a37f73fa
45f58e7b2e72c9f2734889b73ef5c3f2d3e1fb9ac69995afe1561ec4a7943d15
GET /js/orsxg5a.script HTTP/1.1
Host: 18495.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18495.url.tudown.com/xiaz/plants.vs.zombies-v2.2@248_27706.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:36:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
18495.url.tudown.com/template/company/42xz/css/soft.css
154.218.151.71200 OK 6.6 kB URL HTTP/1.1 18495.url.tudown.com/template/company/42xz/css/soft.css
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 669589d0ffba3898ecf26c242eaed555
f6a564b66491cf102d5961fb95294d84192c9f11
00947ca9960fa7f5ad71c5f5343ded6e595dec626a9da917da58305fdc98e356
GET /template/company/42xz/css/soft.css HTTP/1.1
Host: 18495.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18495.url.tudown.com/xiaz/plants.vs.zombies-v2.2@248_27706.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:36:52 GMT
Content-Type: text/css
Last-Modified: Thu, 05 Nov 2020 12:04:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fa3ea55-6438"
Expires: Sat, 04 Feb 2023 18:36:52 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
18495.url.tudown.com/template/company/42xz/js/soft.js
154.218.151.71200 OK 3.6 kB URL HTTP/1.1 18495.url.tudown.com/template/company/42xz/js/soft.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 67be5352d7d3355ae57faad8a6221355
30f4a9a4a3dede0d2d72725ffa28958f45053e7e
1a59b7c5be683676fa54951bf4129899c3980e78c1f956c287f7cc0c001a857d
GET /template/company/42xz/js/soft.js HTTP/1.1
Host: 18495.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18495.url.tudown.com/xiaz/plants.vs.zombies-v2.2@248_27706.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:36:52 GMT
Content-Type: application/javascript
Last-Modified: Thu, 05 Nov 2020 12:04:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fa3ea5a-26b2"
Expires: Sat, 04 Feb 2023 18:36:52 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fc91044ea257e54846f8dd907b48d29e
6d2231e05dabe5ee55f8dbf8687d7b7a92c25d64
8e77e1a87ab035ed1affd01159d1c899e46d7c247d0bc085dd57d1b1c6fed830
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8E77E1A87AB035ED1AFFD01159D1C899E46D7C247D0BC085DD57D1B1C6FED830"
Last-Modified: Thu, 02 Feb 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4967
Expires: Sat, 04 Feb 2023 07:59:40 GMT
Date: Sat, 04 Feb 2023 06:36:53 GMT
Connection: keep-alive
18495.url.tudown.com/uploads/images/logo.png?n=5g5yjzmgrds3raxjusiotjno46xkdz4qq3ul7ehiscs6ta5i&w=250
154.218.151.71200 OK 3.5 kB URL HTTP/1.1 18495.url.tudown.com/uploads/images/logo.png?n=5g5yjzmgrds3raxjusiotjno46xkdz4qq3ul7ehiscs6ta5i&w=250
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type PNG image data, 250 x 66, 8-bit colormap, non-interlaced\012- data
Hash a5dc02731c3f735ce163bb0ea03b16d3
c5990d1d0f8862cd4ca3d0f5c7901cde194faca0
9dc3782a86f800b1f48b0facb8a2bc22f7fdb509873713bff13f911d7d7b8486
GET /uploads/images/logo.png?n=5g5yjzmgrds3raxjusiotjno46xkdz4qq3ul7ehiscs6ta5i&w=250 HTTP/1.1
Host: 18495.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18495.url.tudown.com/xiaz/plants.vs.zombies-v2.2@248_27706.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:36:52 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
18495.url.tudown.com/uploads/images/481836.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18495.url.tudown.com/uploads/images/481836.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/481836.jpg HTTP/1.1
Host: 18495.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18495.url.tudown.com/xiaz/plants.vs.zombies-v2.2@248_27706.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:36:52 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=3854596382,2878485949&fm=224&app=112&f=JPEG?w=500&h=500
18495.url.tudown.com/uploads/images/136668.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18495.url.tudown.com/uploads/images/136668.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/136668.jpg HTTP/1.1
Host: 18495.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18495.url.tudown.com/xiaz/plants.vs.zombies-v2.2@248_27706.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:36:52 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3672415628,631277731&fm=253&fmt=auto&app=138&f=JPEG?w=482&h=265
18495.url.tudown.com/template/company/42xz/images/tab_line.png
154.218.151.71200 OK 1.2 kB URL HTTP/1.1 18495.url.tudown.com/template/company/42xz/images/tab_line.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type GIF image data, version 89a, 190 x 7\012- data
Hash 4c54d42f73e777c70b63b1854b994bb5
6b751c2e611f485d04805ccc3ef84ba5c7868775
b86451a9f18cc0bffd106863661cecbc4abc2364f2898e3bc0796992f3ebbd06
GET /template/company/42xz/images/tab_line.png HTTP/1.1
Host: 18495.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18495.url.tudown.com/template/company/42xz/css/soft.css
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:36:52 GMT
Content-Type: image/png
Content-Length: 1155
Last-Modified: Thu, 05 Nov 2020 12:04:39 GMT
Connection: keep-alive
ETag: "5fa3ea57-483"
Accept-Ranges: bytes
18495.url.tudown.com/template/company/42xz/images/dian1.png
154.218.151.71200 OK 1.1 kB URL HTTP/1.1 18495.url.tudown.com/template/company/42xz/images/dian1.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type GIF image data, version 89a, 4 x 4\012- data
Hash de5d5d1c8fb00bc14f9512dd323b9ed8
9c7c5df21afb7b686932c96ecf7877e1e6adf243
982f48c65cf01077b0606401f082c15ee15f183903d5170f06d0bb3ae3b9b685
GET /template/company/42xz/images/dian1.png HTTP/1.1
Host: 18495.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18495.url.tudown.com/template/company/42xz/css/soft.css
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:36:52 GMT
Content-Type: image/png
Content-Length: 1110
Last-Modified: Thu, 05 Nov 2020 12:04:54 GMT
Connection: keep-alive
ETag: "5fa3ea66-456"
Accept-Ranges: bytes
18495.url.tudown.com/uploads/images/734665.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18495.url.tudown.com/uploads/images/734665.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/734665.jpg HTTP/1.1
Host: 18495.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18495.url.tudown.com/xiaz/plants.vs.zombies-v2.2@248_27706.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:36:52 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=148410135,1299247152&fm=253&fmt=auto&app=138&f=JPEG?w=479&h=1024
18495.url.tudown.com/uploads/images/531825.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18495.url.tudown.com/uploads/images/531825.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/531825.jpg HTTP/1.1
Host: 18495.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18495.url.tudown.com/xiaz/plants.vs.zombies-v2.2@248_27706.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:36:52 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=3778258229,1875708781&fm=224&app=112&f=JPEG?w=500&h=500
18495.url.tudown.com/template/company/42xz/js/jquery.js
154.218.151.71200 OK 46 kB URL HTTP/1.1 18495.url.tudown.com/template/company/42xz/js/jquery.js
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type Unicode text, UTF-8 text, with very long lines (65479), with CRLF line terminators
Hash 49fcb7f2a26c0656e22b75bfe591667f
f277ecd02517fc0f243fd9d882178473d4def06b
9ee94398fbe5a57c715dfdfe1b8d05ea964dd9947dba57dad68ee38ea381a2be
GET /template/company/42xz/js/jquery.js HTTP/1.1
Host: 18495.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18495.url.tudown.com/xiaz/plants.vs.zombies-v2.2@248_27706.exe
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:36:52 GMT
Content-Type: application/javascript
Last-Modified: Thu, 05 Nov 2020 12:04:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fa3ea62-1d491"
Expires: Sat, 04 Feb 2023 18:36:52 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash c45b5d23d78c603a4f679957cc907c55
c0c6131e462224b19bf52c269ffda26be7dcc3ce
7acbb574f2c3ce64da98b8bf9e8af19ba063535e4cbf9fadaf803c34381178dd
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:36:53 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 08 Feb 2023 04:09:39 GMT
ETag: "c0c6131e462224b19bf52c269ffda26be7dcc3ce"
Last-Modified: Sat, 04 Feb 2023 04:09:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1512
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794165014843b527-OSL
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10293
Expires: Sat, 04 Feb 2023 09:28:26 GMT
Date: Sat, 04 Feb 2023 06:36:53 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10293
Expires: Sat, 04 Feb 2023 09:28:26 GMT
Date: Sat, 04 Feb 2023 06:36:53 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10293
Expires: Sat, 04 Feb 2023 09:28:26 GMT
Date: Sat, 04 Feb 2023 06:36:53 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10293
Expires: Sat, 04 Feb 2023 09:28:26 GMT
Date: Sat, 04 Feb 2023 06:36:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0567732b-c9d0-4bac-89d8-3dc6a16e522c.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0567732b-c9d0-4bac-89d8-3dc6a16e522c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 99bf0073acf75f9e04b52a96bf47797b
fa68da2c92fa89ed3dafe9915e064fca022af21f
961b77616486483e5767f214d2417275b9c995614128acab3521b6cd2f8866e2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0567732b-c9d0-4bac-89d8-3dc6a16e522c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8267
x-amzn-requestid: 8bf1f9c3-4508-489e-9f45-3ce50df74b0b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEW0HM6IAMFXog=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd80f8-2e7c768d54981cf1634830db;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:47:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: slDJVVNZDwjopU0kXbAvAJw4A0I_hGKXbRf9O15sXxmvu0JXe8yuPA==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:17:59 GMT
etag: "fa68da2c92fa89ed3dafe9915e064fca022af21f"
content-type: image/jpeg
age: 29934
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e245a51-5c03-4b84-b42a-29fa3a7806e9.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e245a51-5c03-4b84-b42a-29fa3a7806e9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 65cd12302c9ca5468dbc9a98155970e0
a0c63213c3021e40f8ea54f2da6a5c165ed5cfd1
8463155faca74f13ec4500fed98289d8bfbdc4a989d1cb7580736018eadf1000
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e245a51-5c03-4b84-b42a-29fa3a7806e9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7992
x-amzn-requestid: ba4f95d9-6081-4b34-955c-bbe8e7b2335c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEEjGsdIAMF84w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8083-7666baa66ccdec9b5fec8736;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: A3c6sSs_b8KkREPa26a8X9NTEZpHGDjElR9hT-NXwg6dYpeuRNZXfA==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:21 GMT
etag: "a0c63213c3021e40f8ea54f2da6a5c165ed5cfd1"
content-type: image/jpeg
age: 30392
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: f95a2821-ae89-4ea9-93b2-43e570285df3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEC3FyboAMFe0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8078-7e2177f11d5715d4092cad2c;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dcFgY5x3Ef0J__7wGn3llTjZ9as5nX1H4HErIT3VlKfeQaQTjymW2g==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:33 GMT
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
age: 30380
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
18495.url.tudown.com/uploads/images/206579.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18495.url.tudown.com/uploads/images/206579.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/206579.jpg HTTP/1.1
Host: 18495.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18495.url.tudown.com/xiaz/plants.vs.zombies-v2.2@248_27706.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:36:53 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2974140527,791421799&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=707
18495.url.tudown.com/uploads/images/857856.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18495.url.tudown.com/uploads/images/857856.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/857856.jpg HTTP/1.1
Host: 18495.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18495.url.tudown.com/xiaz/plants.vs.zombies-v2.2@248_27706.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:36:53 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=2554001494,2982271634&fm=224&app=112&f=JPEG?w=500&h=500
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9ab97f766ee1ed6ebbb2b3889a9157b4
f87f165404dec4d65531e6e25146cb77601f3616
f3d0f76f956371b1733a526f10a8253fc3396a459d7af59380d8e8db7dee8ec2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14071
x-amzn-requestid: 40cb363f-2c4d-4361-9fe1-10e4c8b2fe29
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fiTo4Ek2oAMFs6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d73305-6cb63d3c49f9f84e639467f6;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 03:01:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: b7r7phj8i49RMSuWufxF1L34K9udWa0mJ4dY12izM9ofwAuCFBGEZQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:48:05 GMT
age: 31728
etag: "f87f165404dec4d65531e6e25146cb77601f3616"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f8fa6a-620a-4d0c-aec7-0863ae11b871.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f8fa6a-620a-4d0c-aec7-0863ae11b871.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 83ac46e378ad452aeb212d709ab70232
7514ed93fd2f256e5aad386fdd0ebc723785291b
e199498691268526a6ecfe58abb88ced8661272cd7ad8270811c84fb15dbb547
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f8fa6a-620a-4d0c-aec7-0863ae11b871.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14221
x-amzn-requestid: a74ee3d4-6163-4dec-ab62-97279cf52282
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEC3ERhIAMFh1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8078-3e5d4b3d39919497215866df;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3TIbnpwYk9CIeoXeW4T-ouwV7X1y-LgKV7wB4XJwFKSKx248jIJyBQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:08:39 GMT
age: 30494
etag: "7514ed93fd2f256e5aad386fdd0ebc723785291b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
18495.url.tudown.com/uploads/images/557549.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18495.url.tudown.com/uploads/images/557549.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/557549.jpg HTTP/1.1
Host: 18495.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18495.url.tudown.com/xiaz/plants.vs.zombies-v2.2@248_27706.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:36:53 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1238913684,398514549&fm=253&fmt=auto&app=138&f=JPEG?w=224&h=398
18495.url.tudown.com/uploads/images/67327.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18495.url.tudown.com/uploads/images/67327.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/67327.jpg HTTP/1.1
Host: 18495.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18495.url.tudown.com/xiaz/plants.vs.zombies-v2.2@248_27706.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:36:53 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2311729909,995902721&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200
18495.url.tudown.com/uploads/images/292517.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18495.url.tudown.com/uploads/images/292517.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/292517.jpg HTTP/1.1
Host: 18495.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18495.url.tudown.com/xiaz/plants.vs.zombies-v2.2@248_27706.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:36:53 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=1677365075,3202113398&fm=224&app=112&f=JPEG?w=500&h=500
18495.url.tudown.com/uploads/images/880479.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18495.url.tudown.com/uploads/images/880479.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/880479.jpg HTTP/1.1
Host: 18495.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18495.url.tudown.com/xiaz/plants.vs.zombies-v2.2@248_27706.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:36:53 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1178444266,632526794&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=426
18495.url.tudown.com/uploads/images/857310.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18495.url.tudown.com/uploads/images/857310.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/857310.jpg HTTP/1.1
Host: 18495.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18495.url.tudown.com/xiaz/plants.vs.zombies-v2.2@248_27706.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:36:53 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=1538948376,1368609904&fm=224&app=112&f=PNG?w=500&h=500
18495.url.tudown.com/uploads/images/236076.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18495.url.tudown.com/uploads/images/236076.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/236076.jpg HTTP/1.1
Host: 18495.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18495.url.tudown.com/xiaz/plants.vs.zombies-v2.2@248_27706.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:36:53 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2919101970,2613881782&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
18495.url.tudown.com/uploads/images/471261.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18495.url.tudown.com/uploads/images/471261.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/471261.jpg HTTP/1.1
Host: 18495.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18495.url.tudown.com/xiaz/plants.vs.zombies-v2.2@248_27706.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:36:53 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=584437732,2268459894&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
18495.url.tudown.com/uploads/images/624638.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18495.url.tudown.com/uploads/images/624638.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/624638.jpg HTTP/1.1
Host: 18495.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18495.url.tudown.com/xiaz/plants.vs.zombies-v2.2@248_27706.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:36:53 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=858552630,3355006432&fm=253&fmt=auto&app=120&f=JPEG?w=800&h=500
18495.url.tudown.com/uploads/images/145036.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18495.url.tudown.com/uploads/images/145036.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/145036.jpg HTTP/1.1
Host: 18495.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18495.url.tudown.com/xiaz/plants.vs.zombies-v2.2@248_27706.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:36:53 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=890478861,1298540812&fm=253&fmt=auto&app=138&f=JPEG?w=236&h=302
18495.url.tudown.com/uploads/images/924935.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18495.url.tudown.com/uploads/images/924935.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/924935.jpg HTTP/1.1
Host: 18495.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18495.url.tudown.com/xiaz/plants.vs.zombies-v2.2@248_27706.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:36:53 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=3264223961,2173061826&fm=224&app=112&f=JPEG?w=500&h=500
18495.url.tudown.com/uploads/images/505367.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18495.url.tudown.com/uploads/images/505367.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/505367.jpg HTTP/1.1
Host: 18495.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18495.url.tudown.com/xiaz/plants.vs.zombies-v2.2@248_27706.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:36:54 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=3388332642,1139882778&fm=224&app=112&f=JPEG?w=500&h=500
18495.url.tudown.com/uploads/images/222486.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18495.url.tudown.com/uploads/images/222486.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/222486.jpg HTTP/1.1
Host: 18495.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18495.url.tudown.com/xiaz/plants.vs.zombies-v2.2@248_27706.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:36:54 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=284852671,127318131&fm=253&fmt=auto&app=138&f=JPEG?w=701&h=500
18495.url.tudown.com/uploads/images/585780.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18495.url.tudown.com/uploads/images/585780.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/585780.jpg HTTP/1.1
Host: 18495.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18495.url.tudown.com/xiaz/plants.vs.zombies-v2.2@248_27706.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:36:54 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3422795707,1191374492&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=300
push.zhanzhang.baidu.com/push.js
182.61.201.94200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 182.61.201.94:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18495.url.tudown.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Sat, 04 Feb 2023 06:36:54 GMT
Etag: "4078521116"
Expires: Sun, 04 Feb 2024 06:36:54 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=6C30955220AAC8D5E3D6BC2BBE8AA5D5:FG=1; max-age=31536000; expires=Sun, 04-Feb-24 06:36:54 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
18495.url.tudown.com/uploads/images/210210.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18495.url.tudown.com/uploads/images/210210.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/210210.jpg HTTP/1.1
Host: 18495.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18495.url.tudown.com/xiaz/plants.vs.zombies-v2.2@248_27706.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:36:54 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=1409919467,1656180023&fm=224&app=112&f=JPEG?w=500&h=500
18495.url.tudown.com/uploads/images/109557.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18495.url.tudown.com/uploads/images/109557.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/109557.jpg HTTP/1.1
Host: 18495.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18495.url.tudown.com/xiaz/plants.vs.zombies-v2.2@248_27706.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:36:54 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1194076453,1425750803&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
18495.url.tudown.com/uploads/images/359264.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18495.url.tudown.com/uploads/images/359264.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/359264.jpg HTTP/1.1
Host: 18495.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18495.url.tudown.com/xiaz/plants.vs.zombies-v2.2@248_27706.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:36:54 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2486204366,1818670457&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
18495.url.tudown.com/uploads/images/957465.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18495.url.tudown.com/uploads/images/957465.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/957465.jpg HTTP/1.1
Host: 18495.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18495.url.tudown.com/xiaz/plants.vs.zombies-v2.2@248_27706.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:36:54 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=3511892000,1824655894&fm=253&app=120&f=PNG?w=800&h=1280
18495.url.tudown.com/uploads/images/615177.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18495.url.tudown.com/uploads/images/615177.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/615177.jpg HTTP/1.1
Host: 18495.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18495.url.tudown.com/xiaz/plants.vs.zombies-v2.2@248_27706.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:36:54 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=1509955901,1996398254&fm=253&app=120&f=JPEG?w=1280&h=800
18495.url.tudown.com/template/company/42xz/images/dian2.png
154.218.151.71200 OK 1.1 kB URL HTTP/1.1 18495.url.tudown.com/template/company/42xz/images/dian2.png
IP 154.218.151.71:0
ASN #137951 Clayer Limited
File type GIF image data, version 89a, 4 x 4\012- data
Hash 3cb1caaf45a919b2028a853add556aa8
c8b93e13049ae31ad5dcb2d267c8b3ee6a4466e8
039b652744162c3c599998f28f50e7154d297ce5028e7e4954f7d7354c5374a1
GET /template/company/42xz/images/dian2.png HTTP/1.1
Host: 18495.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18495.url.tudown.com/template/company/42xz/css/soft.css
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:36:54 GMT
Content-Type: image/png
Content-Length: 1106
Last-Modified: Thu, 05 Nov 2020 12:04:53 GMT
Connection: keep-alive
ETag: "5fa3ea65-452"
Accept-Ranges: bytes
18495.url.tudown.com/uploads/images/789700.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18495.url.tudown.com/uploads/images/789700.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/789700.jpg HTTP/1.1
Host: 18495.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18495.url.tudown.com/xiaz/plants.vs.zombies-v2.2@248_27706.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:36:54 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=4236532794,2495700365&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=501
18495.url.tudown.com/uploads/images/348562.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18495.url.tudown.com/uploads/images/348562.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/348562.jpg HTTP/1.1
Host: 18495.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18495.url.tudown.com/xiaz/plants.vs.zombies-v2.2@248_27706.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:36:54 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3082888856,4264739488&fm=253&fmt=auto&app=138&f=JPEG?w=700&h=500
hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (633)
Hash 472447b47f0ed18cd19beb6cf7d5eda6
8db28ea2447ef4a4bb50cf28479225525961e972
875f382504b27b8c5a3b3d7dae31a97ef10756a40f0ec2deb30cfc30132f3699
GET /hm.js?dd9836db2e433f487a0aa434b7b3deb7 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18495.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11271
Content-Type: application/javascript
Date: Sat, 04 Feb 2023 06:36:53 GMT
Etag: 85e28f00a717ad4a3e39412f7b8d5ad0
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=2A0EF2FD4BD73933; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
img2.baidu.com/it/u=2311729909,995902721&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200
183.134.239.1200 OK 9.7 kB URL HTTP/2 img2.baidu.com/it/u=2311729909,995902721&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200
IP 183.134.239.1:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f9f333d5bb81ba3c7b29035d2e20d184
f5bf2f9011f7b0b830c313cb29670961166c0889
b177baec96380314284f54d43d3337132856f89bf7f717bfe15f31f9400e2621
GET /it/u=2311729909,995902721&fm=253&fmt=auto&app=138&f=JPEG?w=200&h=200 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://18495.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:36:54 GMT
content-type: image/webp
content-length: 9652
expires: Mon, 20 Feb 2023 11:49:00 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: f9f333d5bb81ba3c7b29035d2e20d184
age: 5494
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 11:49:00 GMT
ohc-cache-hit: nb7ct59 [4], qdix171 [4]
ohc-file-size: 9652
x-cache-status: HIT
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 2d1a15af936b883451dbf3d75568f863
fc4961b5f0041dc198464c6dda01183cb07ef0ae
b85ef4c0fe7a48d851368152ecd1cf3f17611ed52c2a11936e5d3ae01d932e9d
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:36:54 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Wed, 08 Feb 2023 04:50:17 GMT
ETag: "fc4961b5f0041dc198464c6dda01183cb07ef0ae"
Last-Modified: Sat, 04 Feb 2023 04:50:18 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3496
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79416509e8611c12-OSL
img2.baidu.com/it/u=3672415628,631277731&fm=253&fmt=auto&app=138&f=JPEG?w=482&h=265
183.134.239.1200 OK 14 kB URL HTTP/2 img2.baidu.com/it/u=3672415628,631277731&fm=253&fmt=auto&app=138&f=JPEG?w=482&h=265
IP 183.134.239.1:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 482x265, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fd601c0dc5ef58bbdd307eca1b19e00d
78c5464632c902d8f390f6503f182cbacb25f8b7
2e5447b27fe4502505693f64593910baa6e3655683ac7dcde3ad3353bba74c5f
GET /it/u=3672415628,631277731&fm=253&fmt=auto&app=138&f=JPEG?w=482&h=265 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://18495.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:36:54 GMT
content-type: image/webp
content-length: 13750
expires: Tue, 21 Feb 2023 10:21:12 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: fd601c0dc5ef58bbdd307eca1b19e00d
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 10:21:12 GMT
ohc-cache-hit: nb7ct52 [1], czix230 [4]
ohc-file-size: 13750
x-cache-status: MISS
X-Firefox-Spdy: h2
t14.baidu.com/it/u=1677365075,3202113398&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 39 kB URL HTTP/1.1 t14.baidu.com/it/u=1677365075,3202113398&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 07f199283ce4c378ede496c395bd8daf
e5500ad063d752962280567c97e552123b1b9ebb
9c6f4254ef321886f03697da4d85c34513a9c7b32c814cc5c6af9bcddecc8e76
GET /it/u=1677365075,3202113398&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://18495.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:36:54 GMT
Content-Type: image/jpeg
Content-Length: 38751
Connection: keep-alive
Expires: Fri, 24 Feb 2023 03:26:37 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 07f199283ce4c378ede496c395bd8daf
Age: 347979
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 25 Jan 2023 03:26:37 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [4], zhuzuncache52 [4], csix83 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 38751
X-Cache-Status: HIT
Timing-Allow-Origin: *
t13.baidu.com/it/u=3854596382,2878485949&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 58 kB URL HTTP/1.1 t13.baidu.com/it/u=3854596382,2878485949&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 0054a6a26b17fa46af3c250af31da10d
43c09a61bc4f849dd55f3d87139dc44d6332e60c
82ea0b0ec7377be1467a510c3fde4a3ca9ed506c8c56395221c2f6622ce20c5c
GET /it/u=3854596382,2878485949&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://18495.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:36:54 GMT
Content-Type: image/jpeg
Content-Length: 57928
Connection: keep-alive
Expires: Tue, 21 Feb 2023 21:34:34 GMT
Last-Modified: Tue, 13 Jan 1970 00:00:00 GMT
ETag: 0054a6a26b17fa46af3c250af31da10d
Age: 1069340
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 22 Jan 2023 21:34:34 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [2], jnuncache58 [4], qdix126 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 57928
X-Cache-Status: HIT
Timing-Allow-Origin: *
t13.baidu.com/it/u=3388332642,1139882778&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 74 kB URL HTTP/1.1 t13.baidu.com/it/u=3388332642,1139882778&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 5a60f30cabcec75eaea1c997a2d887e1
1791f8793ac179301a9e65c0cda33b78a342c5f5
1f054c55df00c25f695113de13be9b6519f92425dfe61d7c804693efc42ef2c6
GET /it/u=3388332642,1139882778&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://18495.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:36:54 GMT
Content-Type: image/jpeg
Content-Length: 73950
Connection: keep-alive
Expires: Sat, 04 Feb 2023 23:41:25 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: 5a60f30cabcec75eaea1c997a2d887e1
Age: 2019790
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 05 Jan 2023 23:41:24 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [4], zhuzuncache55 [1], bdix240 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 73950
X-Cache-Status: HIT
Timing-Allow-Origin: *
18495.url.tudown.com/uploads/images/515157.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18495.url.tudown.com/uploads/images/515157.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/515157.jpg HTTP/1.1
Host: 18495.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18495.url.tudown.com/xiaz/plants.vs.zombies-v2.2@248_27706.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:36:54 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3339499544,2554994596&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
t13.baidu.com/it/u=3778258229,1875708781&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 50 kB URL HTTP/1.1 t13.baidu.com/it/u=3778258229,1875708781&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash ffda7742d06a2d7a544484c3ab101af6
dd611bf6bd339b2a944f0ad413e0db90e3e89342
f1768c462e298fdcc23590cd607139fbbf218fd71d8a5f33e0d1d53d163ead39
GET /it/u=3778258229,1875708781&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://18495.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:36:54 GMT
Content-Type: image/jpeg
Content-Length: 49679
Connection: keep-alive
Expires: Wed, 15 Feb 2023 02:55:25 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: ffda7742d06a2d7a544484c3ab101af6
Age: 353797
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 16 Jan 2023 02:55:25 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [2], zhuzuncache53 [4], wzix88 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 49679
X-Cache-Status: HIT
Timing-Allow-Origin: *
t14.baidu.com/it/u=3264223961,2173061826&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 63 kB URL HTTP/1.1 t14.baidu.com/it/u=3264223961,2173061826&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 28x28, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 4774ecc88476effa687e04eae9292298
6f12cb7f2577623eb6901c9d6cafbac2532514c2
8486db17601fae9e48c972edcdc59a46178b0ab9e9f3dfe22de7b210d3a71775
GET /it/u=3264223961,2173061826&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://18495.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:36:54 GMT
Content-Type: image/jpeg
Content-Length: 63328
Connection: keep-alive
Expires: Tue, 28 Feb 2023 19:15:07 GMT
Last-Modified: Tue, 13 Jan 1970 00:00:00 GMT
ETag: 4774ecc88476effa687e04eae9292298
Age: 359960
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 29 Jan 2023 19:15:07 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [2], zhuzuncache50 [1], xaix219 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 63328
X-Cache-Status: HIT
Timing-Allow-Origin: *
img1.baidu.com/it/u=4236532794,2495700365&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=501
1.193.146.35200 OK 19 kB URL HTTP/2 img1.baidu.com/it/u=4236532794,2495700365&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=501
IP 1.193.146.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x501, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash acee3e9523acbe0058b7990433f6523e
b26cfa6c1918038220ce82cabbfc318ea7d5dcbf
efdc6a214ab019b86af054e4d94aa3139d26fa5534144caf80f16088325ac222
GET /it/u=4236532794,2495700365&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=501 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://18495.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:36:54 GMT
content-type: image/webp
content-length: 18608
expires: Wed, 22 Feb 2023 02:21:06 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: acee3e9523acbe0058b7990433f6523e
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 02:21:06 GMT
ohc-cache-hit: ly5ct62 [1], bdix192 [2]
ohc-file-size: 18608
x-cache-status: MISS
X-Firefox-Spdy: h2
18495.url.tudown.com/uploads/images/786344.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18495.url.tudown.com/uploads/images/786344.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/786344.jpg HTTP/1.1
Host: 18495.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18495.url.tudown.com/xiaz/plants.vs.zombies-v2.2@248_27706.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:36:54 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=3927920603,2173831038&fm=224&app=112&f=JPEG?w=500&h=500
18495.url.tudown.com/uploads/images/541313.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18495.url.tudown.com/uploads/images/541313.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/541313.jpg HTTP/1.1
Host: 18495.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18495.url.tudown.com/xiaz/plants.vs.zombies-v2.2@248_27706.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:36:54 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=1464025207,1601930707&fm=224&app=112&f=JPEG?w=500&h=500
img2.baidu.com/it/u=148410135,1299247152&fm=253&fmt=auto&app=138&f=JPEG?w=479&h=1024
183.134.239.1200 OK 25 kB URL HTTP/2 img2.baidu.com/it/u=148410135,1299247152&fm=253&fmt=auto&app=138&f=JPEG?w=479&h=1024
IP 183.134.239.1:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 479x1024, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4d22b1f204b2d2b8d4c299179c7cb047
5be8d8b3bbeb9f31007a56adcd596b43735eae0f
2d3c93479864799958fe00dbc1e89b98ea68c4cd0f15d7bb04d98e512652a015
GET /it/u=148410135,1299247152&fm=253&fmt=auto&app=138&f=JPEG?w=479&h=1024 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://18495.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:36:54 GMT
content-type: image/webp
content-length: 24766
expires: Mon, 06 Mar 2023 03:19:03 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 4d22b1f204b2d2b8d4c299179c7cb047
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 04 Feb 2023 03:19:03 GMT
ohc-cache-hit: nb7ct57 [1], czix102 [2]
ohc-file-size: 24766
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=3082888856,4264739488&fm=253&fmt=auto&app=138&f=JPEG?w=700&h=500
183.134.239.1200 OK 27 kB URL HTTP/2 img2.baidu.com/it/u=3082888856,4264739488&fm=253&fmt=auto&app=138&f=JPEG?w=700&h=500
IP 183.134.239.1:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 700x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f3dd3209c1ecc267ea8a01f89369a81f
13f1cc3e833bc6da876da16f0a6ba080d2a158a8
9b3acbc78b008bed28f2027df4c50dcae1fa60aaa8780467d702d56bbed7ec8f
GET /it/u=3082888856,4264739488&fm=253&fmt=auto&app=138&f=JPEG?w=700&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://18495.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:36:54 GMT
content-type: image/webp
content-length: 26610
expires: Mon, 20 Feb 2023 04:46:19 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: f3dd3209c1ecc267ea8a01f89369a81f
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 04:46:19 GMT
ohc-cache-hit: nb7ct60 [1], bdix222 [4]
ohc-file-size: 26610
x-cache-status: MISS
X-Firefox-Spdy: h2
18495.url.tudown.com/uploads/images/339564.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18495.url.tudown.com/uploads/images/339564.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/339564.jpg HTTP/1.1
Host: 18495.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18495.url.tudown.com/xiaz/plants.vs.zombies-v2.2@248_27706.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:36:54 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=2984372504,817641720&fm=253&app=138&f=JPEG?w=800&h=500
18495.url.tudown.com/uploads/images/160198.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18495.url.tudown.com/uploads/images/160198.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/160198.jpg HTTP/1.1
Host: 18495.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18495.url.tudown.com/xiaz/plants.vs.zombies-v2.2@248_27706.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:36:54 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=88574731,3460932504&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=375
t14.baidu.com/it/u=1464025207,1601930707&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 39 kB URL HTTP/1.1 t14.baidu.com/it/u=1464025207,1601930707&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash f9a188f54fce5ef5640948251066761d
e1c83e9c6d7fcf40526c91d3c3e7f211ea1010ae
07a49bf93a7d98902380045ed0c04ad26844f8b14d5903e17c37a901814e7c97
GET /it/u=1464025207,1601930707&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://18495.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:36:54 GMT
Content-Type: image/jpeg
Content-Length: 39408
Connection: keep-alive
Expires: Tue, 07 Feb 2023 18:14:41 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: f9a188f54fce5ef5640948251066761d
Age: 2019459
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 08 Jan 2023 18:14:41 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [4], zhuzuncache52 [4], qdix80 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 39408
X-Cache-Status: HIT
Timing-Allow-Origin: *
18495.url.tudown.com/uploads/images/446453.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18495.url.tudown.com/uploads/images/446453.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/446453.jpg HTTP/1.1
Host: 18495.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18495.url.tudown.com/xiaz/plants.vs.zombies-v2.2@248_27706.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:36:54 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3703390478,297776897&fm=253&fmt=auto&app=138&f=JPEG?w=354&h=500
img2.baidu.com/it/u=3422795707,1191374492&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=300
183.134.239.1200 OK 7.6 kB URL HTTP/2 img2.baidu.com/it/u=3422795707,1191374492&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=300
IP 183.134.239.1:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 753cf260d54eb818df955811164fcafc
5c081881beb9748cc8ae1b89b975de6f6f4411cd
565b095105879e9d4198c3278b58abc1d539d916f7f231e34897017a19db6772
GET /it/u=3422795707,1191374492&fm=253&fmt=auto&app=138&f=JPEG?w=300&h=300 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://18495.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:36:54 GMT
content-type: image/webp
content-length: 7582
expires: Mon, 20 Feb 2023 02:55:39 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 753cf260d54eb818df955811164fcafc
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 02:55:39 GMT
ohc-cache-hit: nb7ct53 [1], qdix53 [2]
ohc-file-size: 7582
x-cache-status: MISS
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=797643078&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=24839&r=0&ww=1280&u=http%3A%2F%2F18495.url.tudown.com%2Fxiaz%2Fplants.vs.zombies-v2.2%40248_27706.exe&tt=%E7%BD%91%E7%BB%9C%E7%9C%9F%E5%AE%9E%E6%8D%95%E9%B1%BC%E6%B8%B8%E6%88%8F%E4%B8%8B%E8%BD%BD(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-%E5%AE%A2%E6%88%B7%E7%AB%AF%E4%B8%8B%E8%BD%BDV6.37.142_IOS%2F%E5%AE%89%E5%8D%93%E9%80%9A%E7%94%A8%E7%89%88
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=797643078&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=24839&r=0&ww=1280&u=http%3A%2F%2F18495.url.tudown.com%2Fxiaz%2Fplants.vs.zombies-v2.2%40248_27706.exe&tt=%E7%BD%91%E7%BB%9C%E7%9C%9F%E5%AE%9E%E6%8D%95%E9%B1%BC%E6%B8%B8%E6%88%8F%E4%B8%8B%E8%BD%BD(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-%E5%AE%A2%E6%88%B7%E7%AB%AF%E4%B8%8B%E8%BD%BDV6.37.142_IOS%2F%E5%AE%89%E5%8D%93%E9%80%9A%E7%94%A8%E7%89%88
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=797643078&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=24839&r=0&ww=1280&u=http%3A%2F%2F18495.url.tudown.com%2Fxiaz%2Fplants.vs.zombies-v2.2%40248_27706.exe&tt=%E7%BD%91%E7%BB%9C%E7%9C%9F%E5%AE%9E%E6%8D%95%E9%B1%BC%E6%B8%B8%E6%88%8F%E4%B8%8B%E8%BD%BD(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-%E5%AE%A2%E6%88%B7%E7%AB%AF%E4%B8%8B%E8%BD%BDV6.37.142_IOS%2F%E5%AE%89%E5%8D%93%E9%80%9A%E7%94%A8%E7%89%88 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18495.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Feb 2023 06:36:54 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=667B88955C19644C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
api.share.baidu.com/s.gif?l=http://18495.url.tudown.com/xiaz/plants.vs.zombies-v2.2@248_27706.exe
112.34.113.148200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://18495.url.tudown.com/xiaz/plants.vs.zombies-v2.2@248_27706.exe
IP 112.34.113.148:0
ASN #9808 China Mobile Communications Group Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://18495.url.tudown.com/xiaz/plants.vs.zombies-v2.2@248_27706.exe HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18495.url.tudown.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Sat, 04 Feb 2023 06:36:55 GMT
img1.baidu.com/it/u=1194076453,1425750803&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
1.193.146.35200 OK 14 kB URL HTTP/2 img1.baidu.com/it/u=1194076453,1425750803&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 1.193.146.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3994120c8ee26ddd543bb5b842e4e137
fa939c0e7db0a6aa3d216180ecce175a7de4265e
d3c3f03706d10933bfe9500927e5f1bc7f4775b39942a9dc414e977a6e0aeb0d
GET /it/u=1194076453,1425750803&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://18495.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:36:54 GMT
content-type: image/webp
content-length: 13528
expires: Mon, 20 Feb 2023 21:52:09 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 3994120c8ee26ddd543bb5b842e4e137
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 21:52:09 GMT
ohc-cache-hit: ly5ct55 [1], czix203 [4]
ohc-file-size: 13528
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=858552630,3355006432&fm=253&fmt=auto&app=120&f=JPEG?w=800&h=500
1.193.146.35200 OK 20 kB URL HTTP/2 img1.baidu.com/it/u=858552630,3355006432&fm=253&fmt=auto&app=120&f=JPEG?w=800&h=500
IP 1.193.146.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d82c62735442dd56e1e47b58dd50eb8c
e796c30465e11b76eb981714d0005df0d5aa1cd5
f73b251782143eff7a760f452a938cbf4074587c64c49f84f07ba13934063e29
GET /it/u=858552630,3355006432&fm=253&fmt=auto&app=120&f=JPEG?w=800&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://18495.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:36:54 GMT
content-type: image/webp
content-length: 20514
expires: Mon, 27 Feb 2023 09:55:58 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: d82c62735442dd56e1e47b58dd50eb8c
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 28 Jan 2023 09:55:58 GMT
ohc-cache-hit: ly5ct54 [1], bdix198 [4]
ohc-file-size: 20514
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=1178444266,632526794&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=426
1.193.146.35200 OK 14 kB URL HTTP/2 img1.baidu.com/it/u=1178444266,632526794&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=426
IP 1.193.146.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x426, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fa1276781b0ab8e7cfb85abbc6635f9b
3ed76312db14b02e3c2781ddac1bfe282116ca47
2f183a3bed2afbacbb5a283f5c9fa971f8e2f384c167d8fb9eeb29a84bc11363
GET /it/u=1178444266,632526794&fm=253&fmt=auto&app=138&f=JPEG?w=640&h=426 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://18495.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:36:54 GMT
content-type: image/webp
content-length: 14524
expires: Tue, 28 Feb 2023 02:59:52 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: fa1276781b0ab8e7cfb85abbc6635f9b
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 29 Jan 2023 02:59:52 GMT
ohc-cache-hit: ly5ct64 [1], xaix144 [4]
ohc-file-size: 14524
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=2974140527,791421799&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=707
183.134.239.1200 OK 19 kB URL HTTP/2 img0.baidu.com/it/u=2974140527,791421799&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=707
IP 183.134.239.1:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x707, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1684019bfaa5643c66db1ad16d4f277a
456390bc2d3a891372eb0c77e0fa718338f0b907
dd5f6b1bc8b5d7a197b5090e96ff175bce05170ae1528510b1dc6b9296daf3d1
GET /it/u=2974140527,791421799&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=707 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://18495.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:36:54 GMT
content-type: image/webp
content-length: 18920
expires: Wed, 22 Feb 2023 03:07:32 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 1684019bfaa5643c66db1ad16d4f277a
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 23 Jan 2023 03:07:32 GMT
ohc-cache-hit: nb7ct53 [1], suzix109 [4]
ohc-file-size: 18920
x-cache-status: MISS
X-Firefox-Spdy: h2
s22.cnzz.com/z_stat.php?id=1275003130&web_id=1275003130
180.97.251.250200 OK 20 B URL HTTP/2 s22.cnzz.com/z_stat.php?id=1275003130&web_id=1275003130
IP 180.97.251.250:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /z_stat.php?id=1275003130&web_id=1275003130 HTTP/1.1
Host: s22.cnzz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://18495.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 20
date: Sat, 04 Feb 2023 06:03:00 GMT
vary: Accept-Encoding
x-powered-by: PHP/5.5.25
last-modified: Sat, 04 Feb 2023 06:03:00 GMT
cache-control: max-age=1800,s-maxage=3600
content-encoding: gzip
ali-swift-global-savetime: 1675490580
via: cache18.l2ea120-8[75,75,200-0,M], cache30.l2ea120-8[77,0], cache8.cn2205[0,0,200-0,H], cache17.cn2205[0,0]
age: 2035
x-cache: HIT TCP_MEM_HIT dirn:13:697875226
x-swift-savetime: Sat, 04 Feb 2023 06:03:00 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: b461fb2d16754926151023511e
X-Firefox-Spdy: h2
18495.url.tudown.com/uploads/images/533558.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18495.url.tudown.com/uploads/images/533558.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/533558.jpg HTTP/1.1
Host: 18495.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18495.url.tudown.com/xiaz/plants.vs.zombies-v2.2@248_27706.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:36:55 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2918160468,939598698&fm=253&fmt=auto?w=1280&h=800
img0.baidu.com/it/u=2486204366,1818670457&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
183.134.239.1200 OK 7.6 kB URL HTTP/2 img0.baidu.com/it/u=2486204366,1818670457&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 183.134.239.1:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 44b02c95ba6c1bfa83105e96b9dad5c9
c031d56c629072d03ae12499229c2c7bcf4d69a7
d337638bc7c76921b27466a64bb362ea27bdf64270ab3c9885ac7debd7b4d62c
GET /it/u=2486204366,1818670457&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://18495.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:36:54 GMT
content-type: image/webp
content-length: 7632
expires: Sat, 18 Feb 2023 04:28:32 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 44b02c95ba6c1bfa83105e96b9dad5c9
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 19 Jan 2023 04:28:32 GMT
ohc-cache-hit: nb7ct54 [1], bdix220 [2]
ohc-file-size: 7632
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=284852671,127318131&fm=253&fmt=auto&app=138&f=JPEG?w=701&h=500
183.134.239.1200 OK 37 kB URL HTTP/2 img2.baidu.com/it/u=284852671,127318131&fm=253&fmt=auto&app=138&f=JPEG?w=701&h=500
IP 183.134.239.1:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 701x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d0a950b3c26f477d192d8cf972dd53ec
0cb1bc561504b7e1b3d99c1cf4b2f232e1f33184
6f20af05aaaa0f1e7b5bb8ee0017e13d6252209baf765b675caab7cc8ff4a023
GET /it/u=284852671,127318131&fm=253&fmt=auto&app=138&f=JPEG?w=701&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://18495.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:36:54 GMT
content-type: image/webp
content-length: 36844
expires: Mon, 06 Feb 2023 04:08:59 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: d0a950b3c26f477d192d8cf972dd53ec
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 07 Jan 2023 04:08:59 GMT
ohc-cache-hit: nb7ct61 [1], qdix83 [4]
ohc-file-size: 36844
x-cache-status: MISS
X-Firefox-Spdy: h2
18495.url.tudown.com/uploads/images/801395.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18495.url.tudown.com/uploads/images/801395.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/801395.jpg HTTP/1.1
Host: 18495.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18495.url.tudown.com/xiaz/plants.vs.zombies-v2.2@248_27706.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:36:55 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1798021489,1468780476&fm=253&fmt=auto&app=138&f=JPEG?w=355&h=500
img2.baidu.com/it/u=3339499544,2554994596&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
183.134.239.1200 OK 24 kB URL HTTP/2 img2.baidu.com/it/u=3339499544,2554994596&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP 183.134.239.1:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 21c62b68016a1b5c0a14b80236efafe9
326e66210a84061b1898c322c652d2f23f790f0b
c5554efd5607792de2ff31bb6ba0a93483cc6c124975d6e67dcb60c349b88048
GET /it/u=3339499544,2554994596&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://18495.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:36:55 GMT
content-type: image/webp
content-length: 23932
expires: Mon, 27 Feb 2023 13:30:53 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 21c62b68016a1b5c0a14b80236efafe9
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 28 Jan 2023 13:30:53 GMT
ohc-cache-hit: nb7ct55 [1], xaix68 [4]
ohc-file-size: 23932
x-cache-status: MISS
X-Firefox-Spdy: h2
18495.url.tudown.com/uploads/images/774266.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18495.url.tudown.com/uploads/images/774266.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/774266.jpg HTTP/1.1
Host: 18495.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18495.url.tudown.com/xiaz/plants.vs.zombies-v2.2@248_27706.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:36:55 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3687507557,1328220146&fm=253&fmt=auto&app=138&f=JPEG?w=1379&h=500
img2.baidu.com/it/u=3703390478,297776897&fm=253&fmt=auto&app=138&f=JPEG?w=354&h=500
183.134.239.1200 OK 26 kB URL HTTP/2 img2.baidu.com/it/u=3703390478,297776897&fm=253&fmt=auto&app=138&f=JPEG?w=354&h=500
IP 183.134.239.1:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 354x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 48f050ec213e6150303f6932590386e7
4445e7ca76beabcb8e51b5b51a6a055943c9ec40
1adb80a7132f8027a51b5870c2611b80c74a1302c08481e3cc4007fd056036ba
GET /it/u=3703390478,297776897&fm=253&fmt=auto&app=138&f=JPEG?w=354&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://18495.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:36:55 GMT
content-type: image/webp
content-length: 25642
expires: Tue, 21 Feb 2023 07:20:59 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 48f050ec213e6150303f6932590386e7
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 07:20:59 GMT
ohc-cache-hit: nb7ct58 [1], xaix211 [2]
ohc-file-size: 25642
x-cache-status: MISS
X-Firefox-Spdy: h2
18495.url.tudown.com/uploads/images/758714.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18495.url.tudown.com/uploads/images/758714.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/758714.jpg HTTP/1.1
Host: 18495.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18495.url.tudown.com/xiaz/plants.vs.zombies-v2.2@248_27706.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:36:55 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=3300357739,4041733719&fm=253&app=120&f=JPEG?w=1280&h=800
18495.url.tudown.com/uploads/images/850910.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18495.url.tudown.com/uploads/images/850910.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/850910.jpg HTTP/1.1
Host: 18495.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18495.url.tudown.com/xiaz/plants.vs.zombies-v2.2@248_27706.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:36:55 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=1928007667,2265831670&fm=224&app=112&f=JPEG?w=500&h=500
18495.url.tudown.com/uploads/images/303063.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18495.url.tudown.com/uploads/images/303063.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/303063.jpg HTTP/1.1
Host: 18495.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18495.url.tudown.com/xiaz/plants.vs.zombies-v2.2@248_27706.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:36:55 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1947962905,77713644&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=750
img1.baidu.com/it/u=2919101970,2613881782&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
1.193.146.35200 OK 32 kB URL HTTP/2 img1.baidu.com/it/u=2919101970,2613881782&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889
IP 1.193.146.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x889, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 81258ba1e242c48e83b09b94f7df023d
5591c3a5459ca8ff678467ffcb344447fca9fe3a
9e230f2cc80a1a908e745b90f7247466eacc800e27d0da890cda4af68f1ebf3b
GET /it/u=2919101970,2613881782&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=889 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://18495.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:36:54 GMT
content-type: image/webp
content-length: 31568
expires: Tue, 21 Feb 2023 05:33:57 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 81258ba1e242c48e83b09b94f7df023d
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 05:33:57 GMT
ohc-cache-hit: ly5ct68 [1], czix199 [2]
ohc-file-size: 31568
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=1238913684,398514549&fm=253&fmt=auto&app=138&f=JPEG?w=224&h=398
1.193.146.35200 OK 9.3 kB URL HTTP/2 img1.baidu.com/it/u=1238913684,398514549&fm=253&fmt=auto&app=138&f=JPEG?w=224&h=398
IP 1.193.146.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 224x398, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0629e4fb0df8ac6d5638cf5428305300
c9d93ebbae1891b00643d6cd5053807f42d2cc4b
5391034d3e572a27a75f232eb674023836fbe3a1bbe960d5e70d4e5149f7e97e
GET /it/u=1238913684,398514549&fm=253&fmt=auto&app=138&f=JPEG?w=224&h=398 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://18495.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:36:54 GMT
content-type: image/webp
content-length: 9264
expires: Tue, 14 Feb 2023 21:27:28 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 0629e4fb0df8ac6d5638cf5428305300
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 15 Jan 2023 21:27:28 GMT
ohc-cache-hit: ly5ct50 [1], bdix80 [4]
ohc-file-size: 9264
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=890478861,1298540812&fm=253&fmt=auto&app=138&f=JPEG?w=236&h=302
1.193.146.35200 OK 12 kB URL HTTP/2 img1.baidu.com/it/u=890478861,1298540812&fm=253&fmt=auto&app=138&f=JPEG?w=236&h=302
IP 1.193.146.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 236x302, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ca4e36a899b4cf9d3a8b98dc59cb56d2
64950e273b6ed274dc62af1cc1d2e2a8d587038a
c5457dbead75141f9519a1e0a69467c8a5a8f1e03417955f278698abf5a137f1
GET /it/u=890478861,1298540812&fm=253&fmt=auto&app=138&f=JPEG?w=236&h=302 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://18495.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:36:54 GMT
content-type: image/webp
content-length: 12282
expires: Sun, 26 Feb 2023 03:59:36 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: ca4e36a899b4cf9d3a8b98dc59cb56d2
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 27 Jan 2023 03:59:36 GMT
ohc-cache-hit: ly5ct61 [1], qdix99 [4]
ohc-file-size: 12282
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=584437732,2268459894&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
1.193.146.35200 OK 16 kB URL HTTP/2 img1.baidu.com/it/u=584437732,2268459894&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
IP 1.193.146.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 92333852b13fe3da50e02b5cb512f5c7
98c847af7f8426c7afe2d3a61aef440988c880a5
f8d079180b55f43ad475c54f0dd173e436046d2c3af9ccf08ce5b02e78994461
GET /it/u=584437732,2268459894&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://18495.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:36:54 GMT
content-type: image/webp
content-length: 15486
expires: Fri, 03 Mar 2023 07:27:42 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 92333852b13fe3da50e02b5cb512f5c7
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 01 Feb 2023 07:27:42 GMT
ohc-cache-hit: ly5ct66 [1], csix115 [2]
ohc-file-size: 15486
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=88574731,3460932504&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=375
1.193.146.35200 OK 28 kB URL HTTP/2 img1.baidu.com/it/u=88574731,3460932504&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=375
IP 1.193.146.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x375, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 539eda41ca1dd9c096a1a2edce7488b9
7b0643f31b5ca5036ff8008b5aa24dc5eed53c6b
eafc14d7cef996fc878353dcc04fcb5562b86da091f5f14d1c0b64fc81188d71
GET /it/u=88574731,3460932504&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=375 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://18495.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:36:55 GMT
content-type: image/webp
content-length: 28042
expires: Sun, 26 Feb 2023 03:21:50 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 539eda41ca1dd9c096a1a2edce7488b9
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 27 Jan 2023 03:21:50 GMT
ohc-cache-hit: ly5ct62 [1], xiangyix168 [2]
ohc-file-size: 28042
x-cache-status: MISS
X-Firefox-Spdy: h2
18495.url.tudown.com/uploads/images/233855.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18495.url.tudown.com/uploads/images/233855.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/233855.jpg HTTP/1.1
Host: 18495.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18495.url.tudown.com/xiaz/plants.vs.zombies-v2.2@248_27706.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:36:55 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=976054514,2806933368&fm=253&fmt=auto&app=120&f=JPEG?w=410&h=410
img0.baidu.com/it/u=3687507557,1328220146&fm=253&fmt=auto&app=138&f=JPEG?w=1379&h=500
183.134.239.1200 OK 59 kB URL HTTP/2 img0.baidu.com/it/u=3687507557,1328220146&fm=253&fmt=auto&app=138&f=JPEG?w=1379&h=500
IP 183.134.239.1:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1379x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 120fd386cdb5658928d783d763f51d51
4d17c05c9fe805d79b77ccba93a0e912cc389154
1780fd0dc02e9881f8656537f281584957e79665b0948e36d2c4ca8eab2b4af8
GET /it/u=3687507557,1328220146&fm=253&fmt=auto&app=138&f=JPEG?w=1379&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://18495.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:36:55 GMT
content-type: image/webp
content-length: 58656
expires: Wed, 01 Mar 2023 08:34:46 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 120fd386cdb5658928d783d763f51d51
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 30 Jan 2023 08:34:46 GMT
ohc-cache-hit: nb7ct58 [1], wzix117 [2]
ohc-file-size: 58656
x-cache-status: MISS
X-Firefox-Spdy: h2
t15.baidu.com/it/u=1928007667,2265831670&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 60 kB URL HTTP/1.1 t15.baidu.com/it/u=1928007667,2265831670&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 332a195c9bc9c9ea18b527cb53535dca
792d0e5893a32fa7cfe38a7e17b503a1506dc72c
55a03c97a93b477cea6480796fc9ed11a169e721046477c52755a6f3f127a54b
GET /it/u=1928007667,2265831670&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://18495.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:36:55 GMT
Content-Type: image/jpeg
Content-Length: 59853
Connection: keep-alive
Expires: Sun, 26 Feb 2023 01:54:34 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: 332a195c9bc9c9ea18b527cb53535dca
Age: 359169
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 27 Jan 2023 01:54:34 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [4], zhuzuncache59 [1], xaix95 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 59853
X-Cache-Status: HIT
Timing-Allow-Origin: *
t15.baidu.com/it/u=1409919467,1656180023&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 62 kB URL HTTP/1.1 t15.baidu.com/it/u=1409919467,1656180023&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 45d5ff7049b99a1b3e76a2f7863b300e
bbf756454f757750570dfd75381830460687d50c
20dfbc96a2f7e588493878b2de6c70235f9d1347fa30612663dc95c663d4a2a3
GET /it/u=1409919467,1656180023&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://18495.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:36:55 GMT
Content-Type: image/jpeg
Content-Length: 62374
Connection: keep-alive
Expires: Sat, 04 Feb 2023 07:52:47 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 45d5ff7049b99a1b3e76a2f7863b300e
Age: 2013939
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 05 Jan 2023 07:52:47 GMT
Ohc-Cache-HIT: fra01-sys-jomo5.fra01.baidu.com [4], zhuzuncache65 [2], czix147 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 62374
X-Cache-Status: HIT
Timing-Allow-Origin: *
18495.url.tudown.com/uploads/images/421825.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18495.url.tudown.com/uploads/images/421825.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/421825.jpg HTTP/1.1
Host: 18495.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18495.url.tudown.com/xiaz/plants.vs.zombies-v2.2@248_27706.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:36:55 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1510345786,3294139156&fm=253&fmt=auto&app=138&f=JPEG?w=270&h=185
18495.url.tudown.com/uploads/images/749222.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18495.url.tudown.com/uploads/images/749222.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/749222.jpg HTTP/1.1
Host: 18495.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18495.url.tudown.com/xiaz/plants.vs.zombies-v2.2@248_27706.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:36:55 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=3845678196,3736557820&fm=224&app=112&f=JPEG?w=500&h=500
t15.baidu.com/it/u=2554001494,2982271634&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 48 kB URL HTTP/1.1 t15.baidu.com/it/u=2554001494,2982271634&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash ee9ee39b48246f73205017f0215bd879
273844993041eaec87bd07d27e9f9c1620b9e5b8
c61fad178a3443a24367b7f906274e38af9bd6767cce4a7fc33d69a623bfea5b
GET /it/u=2554001494,2982271634&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://18495.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:36:55 GMT
Content-Type: image/jpeg
Content-Length: 48332
Connection: keep-alive
Expires: Fri, 03 Mar 2023 07:23:29 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: ee9ee39b48246f73205017f0215bd879
Age: 184846
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 01 Feb 2023 07:23:28 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [4], zhuzuncache56 [1], xaix134 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 48332
X-Cache-Status: HIT
Timing-Allow-Origin: *
t15.baidu.com/it/u=3927920603,2173831038&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 39 kB URL HTTP/1.1 t15.baidu.com/it/u=3927920603,2173831038&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash f06c04728cf1b41a661f8e127f9bc280
c731024c59d6650037941d9dc71de19c6174cc81
3775e60f4a98c138b388bb2a56aea641d45c16bf0de4fe3c7bdf8de800094e3f
GET /it/u=3927920603,2173831038&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://18495.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:36:55 GMT
Content-Type: image/jpeg
Content-Length: 39280
Connection: keep-alive
Expires: Wed, 08 Feb 2023 08:19:41 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: f06c04728cf1b41a661f8e127f9bc280
Age: 191741
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 09 Jan 2023 08:19:41 GMT
Ohc-Cache-HIT: fra01-sys-jomo7.fra01.baidu.com [4], zhuzuncache53 [1], suzix105 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 39280
X-Cache-Status: HIT
Timing-Allow-Origin: *
t15.baidu.com/it/u=1538948376,1368609904&fm=224&app=112&f=PNG?w=500&h=500
185.10.104.124200 OK 390 kB URL HTTP/1.1 t15.baidu.com/it/u=1538948376,1368609904&fm=224&app=112&f=PNG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced\012- data
Size 390 kB (390042 bytes)
Hash a4036752c67a6d4054f03c4bf00d69dc
af18e3a83a600e3427ad0b926450f93b3b7ad43e
f8e1da78693de1b0be1a30245910032bad62fb2af8bd0a27454462ca44019126
GET /it/u=1538948376,1368609904&fm=224&app=112&f=PNG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://18495.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:36:55 GMT
Content-Type: image/png
Content-Length: 390042
Connection: keep-alive
Expires: Sat, 25 Feb 2023 11:26:10 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: a4036752c67a6d4054f03c4bf00d69dc
Age: 709784
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 26 Jan 2023 11:26:10 GMT
Ohc-Cache-HIT: fra01-sys-jomo1.fra01.baidu.com [4], zhuzuncache64 [2], suzix200 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 390042
X-Cache-Status: HIT
18495.url.tudown.com/uploads/images/817804.jpg
154.218.151.71301 Moved Permanently 0 B URL HTTP/1.1 18495.url.tudown.com/uploads/images/817804.jpg
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/817804.jpg HTTP/1.1
Host: 18495.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18495.url.tudown.com/xiaz/plants.vs.zombies-v2.2@248_27706.exe
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:36:55 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3737705681,4137654514&fm=253&fmt=auto&app=120&f=JPEG?w=175&h=500
img1.baidu.com/it/u=2918160468,939598698&fm=253&fmt=auto?w=1280&h=800
1.193.146.35200 OK 47 kB URL HTTP/2 img1.baidu.com/it/u=2918160468,939598698&fm=253&fmt=auto?w=1280&h=800
IP 1.193.146.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b204c01c45cabefd79fac98cea1a8273
13c30dbaed0b19e2c72f1f35bafc37595b12ab03
54d3f63285c18782eb771f7c8bc1d4bda29901dbcbbc98b82941c16bc44c8319
GET /it/u=2918160468,939598698&fm=253&fmt=auto?w=1280&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://18495.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:36:55 GMT
content-type: image/webp
content-length: 46908
expires: Thu, 02 Mar 2023 16:53:16 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: b204c01c45cabefd79fac98cea1a8273
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 31 Jan 2023 16:53:16 GMT
ohc-cache-hit: ly5ct53 [1], csix119 [4]
ohc-file-size: 46908
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=1798021489,1468780476&fm=253&fmt=auto&app=138&f=JPEG?w=355&h=500
1.193.146.35200 OK 27 kB URL HTTP/2 img1.baidu.com/it/u=1798021489,1468780476&fm=253&fmt=auto&app=138&f=JPEG?w=355&h=500
IP 1.193.146.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 355x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1d4b682db8b9451abad0a3b63f6c4452
76a685f0d956902781ed5f34ea27d07331981107
ea138c24dec4be882f699ae863a25614d3331e9bbc99a6d56572cdb8573011aa
GET /it/u=1798021489,1468780476&fm=253&fmt=auto&app=138&f=JPEG?w=355&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://18495.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:36:55 GMT
content-type: image/webp
content-length: 27004
expires: Sat, 18 Feb 2023 02:51:55 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 1d4b682db8b9451abad0a3b63f6c4452
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 19 Jan 2023 02:51:55 GMT
ohc-cache-hit: ly5ct56 [1], qdix243 [4]
ohc-file-size: 27004
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=1947962905,77713644&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=750
1.193.146.35200 OK 46 kB URL HTTP/2 img1.baidu.com/it/u=1947962905,77713644&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=750
IP 1.193.146.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x750, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d35018b4c502901f48e86df89a07fdc1
49d13d314f8b20e263f7b519b0534db8f25560d7
b251e61e7dfcc0d7e56b955390ef72386fb3cf04483eacc90e48071532889975
GET /it/u=1947962905,77713644&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=750 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://18495.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:36:55 GMT
content-type: image/webp
content-length: 45546
expires: Sat, 18 Feb 2023 21:01:38 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: d35018b4c502901f48e86df89a07fdc1
age: 7882
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 19 Jan 2023 21:01:38 GMT
ohc-cache-hit: ly5ct53 [4], suzix209 [2]
ohc-file-size: 45546
x-cache-status: HIT
X-Firefox-Spdy: h2
t15.baidu.com/it/u=3845678196,3736557820&fm=224&app=112&f=JPEG?w=500&h=500
185.10.104.124200 OK 53 kB URL HTTP/1.1 t15.baidu.com/it/u=3845678196,3736557820&fm=224&app=112&f=JPEG?w=500&h=500
IP 185.10.104.124:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash d029f82b46f0bfb3246b512b09f6d250
1cb5ca0dda851e98767de910cfd53c574ce715f4
c386112dc1486bb5ccf3b322e2b514813e80cf17513de32f792b0880750f1e90
GET /it/u=3845678196,3736557820&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://18495.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:36:55 GMT
Content-Type: image/jpeg
Content-Length: 53286
Connection: keep-alive
Expires: Sat, 11 Feb 2023 22:37:31 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: d029f82b46f0bfb3246b512b09f6d250
Age: 1855693
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 12 Jan 2023 22:37:30 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [2], zhuzuncache63 [1], qdix100 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 53286
X-Cache-Status: HIT
Timing-Allow-Origin: *
img2.baidu.com/it/u=976054514,2806933368&fm=253&fmt=auto&app=120&f=JPEG?w=410&h=410
183.134.239.1200 OK 19 kB URL HTTP/2 img2.baidu.com/it/u=976054514,2806933368&fm=253&fmt=auto&app=120&f=JPEG?w=410&h=410
IP 183.134.239.1:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 410x410, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash af5a409edb2a104a6bfa09d94184e470
f2e028b0bb8d5ef75bc270a2d8937477e2af12d2
cf2188013c468d9137160a4e9e8eb8cccfbe931f309ed485bdb513474b8b2451
GET /it/u=976054514,2806933368&fm=253&fmt=auto&app=120&f=JPEG?w=410&h=410 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://18495.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:36:55 GMT
content-type: image/webp
content-length: 19444
expires: Tue, 14 Feb 2023 12:39:47 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: af5a409edb2a104a6bfa09d94184e470
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 15 Jan 2023 12:39:47 GMT
ohc-cache-hit: nb7ct54 [1], xaix76 [4]
ohc-file-size: 19444
x-cache-status: MISS
X-Firefox-Spdy: h2
img1.baidu.com/it/u=1510345786,3294139156&fm=253&fmt=auto&app=138&f=JPEG?w=270&h=185
1.193.146.35200 OK 10 kB URL HTTP/2 img1.baidu.com/it/u=1510345786,3294139156&fm=253&fmt=auto&app=138&f=JPEG?w=270&h=185
IP 1.193.146.35:0
ASN #139018 Henan Luoyang IDC
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 270x185, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 691637ffece1e07fcf85265d8ac33fd9
0f3ad86d9a8b751fa400fe0052bd029ece9edde5
c619b1b3a93d51f358f5bc50139a2ce9a9cef540cba7624e4b56c207ed311a2f
GET /it/u=1510345786,3294139156&fm=253&fmt=auto&app=138&f=JPEG?w=270&h=185 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://18495.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:36:55 GMT
content-type: image/webp
content-length: 10240
expires: Tue, 14 Feb 2023 08:37:26 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 691637ffece1e07fcf85265d8ac33fd9
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 15 Jan 2023 08:37:26 GMT
ohc-cache-hit: ly5ct55 [1], csix55 [4]
ohc-file-size: 10240
x-cache-status: MISS
X-Firefox-Spdy: h2
img2.baidu.com/it/u=3737705681,4137654514&fm=253&fmt=auto&app=120&f=JPEG?w=175&h=500
183.134.239.1200 OK 24 kB URL HTTP/2 img2.baidu.com/it/u=3737705681,4137654514&fm=253&fmt=auto&app=120&f=JPEG?w=175&h=500
IP 183.134.239.1:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 175x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 926d89004e3cd1ec5bf3a48208960b93
b72c89f1b3ac7ed2f842b6170ae72fc5630f88de
ed69ab37d9017c13fb34524a9ee7898db64106d4eb9e76aa8d28a2ddc3837db8
GET /it/u=3737705681,4137654514&fm=253&fmt=auto&app=120&f=JPEG?w=175&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://18495.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:36:55 GMT
content-type: image/webp
content-length: 24162
expires: Tue, 14 Feb 2023 08:12:51 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 926d89004e3cd1ec5bf3a48208960b93
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 15 Jan 2023 08:12:51 GMT
ohc-cache-hit: nb7ct54 [1], suzix97 [4]
ohc-file-size: 24162
x-cache-status: MISS
X-Firefox-Spdy: h2
img0.baidu.com/it/u=2984372504,817641720&fm=253&app=138&f=JPEG?w=800&h=500
113.219.142.35200 OK 102 kB URL HTTP/1.1 img0.baidu.com/it/u=2984372504,817641720&fm=253&app=138&f=JPEG?w=800&h=500
IP 113.219.142.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x500, components 3\012- data
Size 102 kB (102047 bytes)
Hash 456dd0927d4946835b4b084874639174
940fdae14e7ced435d7f2a804b6c01320ccc3984
9385bcd40829789b643cb8b068f58d9505142b376adcfc2e25369a6b2f0a91ce
GET /it/u=2984372504,817641720&fm=253&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://18495.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:36:55 GMT
Content-Type: image/jpeg
Content-Length: 102047
Connection: keep-alive
Expires: Tue, 28 Feb 2023 02:58:34 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 456dd0927d4946835b4b084874639174
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 29 Jan 2023 02:58:34 GMT
Ohc-Cache-HIT: chenzct68 [1], bdix227 [4]
Ohc-File-Size: 102047
X-Cache-Status: MISS
img2.baidu.com/it/u=3511892000,1824655894&fm=253&app=120&f=PNG?w=800&h=1280
180.97.198.35200 OK 805 kB URL HTTP/1.1 img2.baidu.com/it/u=3511892000,1824655894&fm=253&app=120&f=PNG?w=800&h=1280
IP 180.97.198.35:0
ASN #140292 CHINATELECOM Jiangsu province Suzhou 5G network
File type PNG image data, 800 x 1280, 8-bit/color RGBA, non-interlaced\012- data
Size 805 kB (804655 bytes)
Hash c0c7c43d002a264a0acf0ac4495e8902
53ccfc3457eeeabea4165431136e0075616c05c2
6eb9b14ba2f013852d439f37386105d830b7d93975f42aec3cfc565c329f38d1
GET /it/u=3511892000,1824655894&fm=253&app=120&f=PNG?w=800&h=1280 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://18495.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:36:55 GMT
Content-Type: image/png
Content-Length: 804655
Connection: keep-alive
Expires: Sun, 19 Feb 2023 22:16:34 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: c0c7c43d002a264a0acf0ac4495e8902
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 20 Jan 2023 22:16:34 GMT
Ohc-Cache-HIT: suz4ct53 [1], czix243 [4]
Ohc-File-Size: 804655
X-Cache-Status: MISS
img0.baidu.com/it/u=3300357739,4041733719&fm=253&app=120&f=JPEG?w=1280&h=800
113.219.142.35200 OK 110 kB URL HTTP/1.1 img0.baidu.com/it/u=3300357739,4041733719&fm=253&app=120&f=JPEG?w=1280&h=800
IP 113.219.142.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size 110 kB (109909 bytes)
Hash 97f141b31c39bfbd1b0a52b512d729f7
5b65a0188c4c18a2807334beb61aa57b546ace16
d9663ca92716eb4cd221f6a722ddabbe17085e8d813f992005f32752cb527e41
GET /it/u=3300357739,4041733719&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://18495.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:36:55 GMT
Content-Type: image/jpeg
Content-Length: 109909
Connection: keep-alive
Expires: Mon, 13 Feb 2023 02:52:54 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 97f141b31c39bfbd1b0a52b512d729f7
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 14 Jan 2023 02:52:54 GMT
Ohc-Cache-HIT: chenzct79 [1], bdix216 [4]
Ohc-File-Size: 109909
X-Cache-Status: MISS
js.passport.qihucdn.com/11.0.1.js?d10ea2610e3a9b90fa9990ffc6bf559d
101.198.192.7200 OK 117 B URL HTTP/1.1 js.passport.qihucdn.com/11.0.1.js?d10ea2610e3a9b90fa9990ffc6bf559d
IP 101.198.192.7:0
ASN #55992 Beijing Qihu Technology Company Limited
File type HTML document, ASCII text, with no line terminators
Hash 807bb08bf1c51aaff763edb0f02719ef
6e089da63e5751494b32d77031df30ec3c8be067
7eb411ad7be2e6af85645f2a2b6401bf6085fe4e0436d004f33710bb84a7be4e
GET /11.0.1.js?d10ea2610e3a9b90fa9990ffc6bf559d HTTP/1.1
Host: js.passport.qihucdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18495.url.tudown.com/
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:36:57 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 28 Nov 2018 07:43:20 GMT
Cache-Control: max-age=600
Expires: Sat, 04 Feb 2023 06:46:57 GMT
KCS-Via: REVALIDATED from w-fc01.hkht;MISS from w-sc01.hkht
Content-Encoding: gzip
img0.baidu.com/it/u=1509955901,1996398254&fm=253&app=120&f=JPEG?w=1280&h=800
113.219.142.35200 OK 107 kB URL HTTP/1.1 img0.baidu.com/it/u=1509955901,1996398254&fm=253&app=120&f=JPEG?w=1280&h=800
IP 113.219.142.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2017 (Windows), datetime=2019:04:01 17:23:12], baseline, precision 8, 1280x800, components 3\012- data
Size 107 kB (106774 bytes)
Hash 4ea61bfb320e9f250591dc30d955f30e
e6bdcf37df2b2655de418af2ecffee266a3efb6e
2472d1de6b554ce3ac4f66707994b36057f49a1e2c2effaa8ee10c3be9c2c4b0
GET /it/u=1509955901,1996398254&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://18495.url.tudown.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:36:55 GMT
Content-Type: image/jpeg
Content-Length: 106774
Connection: keep-alive
Expires: Sun, 05 Mar 2023 14:44:35 GMT
Last-Modified: Thu, 15 Jan 1970 00:00:00 GMT
ETag: 4ea61bfb320e9f250591dc30d955f30e
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 03 Feb 2023 14:44:35 GMT
Ohc-Cache-HIT: chenzct65 [1], qdix229 [4]
Ohc-File-Size: 106774
X-Cache-Status: MISS
s6.qhres2.com/static/ab77b6ea7f3fbf79.js
54.230.111.11200 OK 478 B URL HTTP/1.1 s6.qhres2.com/static/ab77b6ea7f3fbf79.js
IP 54.230.111.11:0
File type ASCII text, with very long lines (478), with no line terminators
Hash 5dd27f8f2b042194c3cdabd62fd80110
c035036a939799d4c29b9c0f7229ae1953d03109
928131ab2183d971cdbfe2ed1329200212d0021db70574a35c89ae169c0f6e0a
GET /static/ab77b6ea7f3fbf79.js HTTP/1.1
Host: s6.qhres2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18495.url.tudown.com/
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 478
Connection: keep-alive
Date: Mon, 26 Sep 2022 01:48:25 GMT
X-QSTATIC-HIT: 1
Last-Modified: Mon, 01 Jan 2018 00:00:00 GMT
ETag: W/"b300475a05992239"
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, immutable
Expires: Thu, 23 Sep 2032 01:48:25 GMT
KCS-Via: HIT from w-fc01.lato;MISS from w-sc02.lato
Accept-Ranges: bytes
X-Cache: Hit from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: prwkOM_zIkcs8nyPpdasCjq6kN4uD-Lmt3GPdSs_6Zq3j7Ddf1MuRg==
Age: 11335713
18495.url.tudown.com/favicon.ico
154.218.151.71200 OK 0 B URL HTTP/1.1 18495.url.tudown.com/favicon.ico
IP 154.218.151.71:0
ASN #137951 Clayer Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: 18495.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18495.url.tudown.com/xiaz/plants.vs.zombies-v2.2@248_27706.exe
Cookie: Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675492649; Hm_lpvt_dd9836db2e433f487a0aa434b7b3deb7=1675492649
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:36:58 GMT
Content-Type: image/x-icon
Content-Length: 0
Last-Modified: Tue, 30 Jul 2019 15:51:36 GMT
Connection: keep-alive
ETag: "5d406788-0"
Accept-Ranges: bytes
s.360.cn/so/zz.gif?url=http%3A%2F%2F18495.url.tudown.com%2Fxiaz%2Fplants.vs.zombies-v2.2%40248_27706.exe&sid=d10ea2610e3a9b90fa9990ffc6bf559d&token=de1x0ee.a620671702e_38a492b@920.
101.198.2.147200 OK 0 B URL HTTP/1.1 s.360.cn/so/zz.gif?url=http%3A%2F%2F18495.url.tudown.com%2Fxiaz%2Fplants.vs.zombies-v2.2%40248_27706.exe&sid=d10ea2610e3a9b90fa9990ffc6bf559d&token=de1x0ee.a620671702e_38a492b@920.
IP 101.198.2.147:0
ASN #23724 IDC, China Telecommunications Corporation
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /so/zz.gif?url=http%3A%2F%2F18495.url.tudown.com%2Fxiaz%2Fplants.vs.zombies-v2.2%40248_27706.exe&sid=d10ea2610e3a9b90fa9990ffc6bf559d&token=de1x0ee.a620671702e_38a492b@920. HTTP/1.1
Host: s.360.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18495.url.tudown.com/
HTTP/1.1 200 OK
Server: openresty/1.15.8.2
Date: Sat, 04 Feb 2023 06:36:58 GMT
Content-Type: image/gif
Content-Length: 0
Last-Modified: Tue, 31 May 2022 08:31:22 GMT
Connection: keep-alive
ETag: "6295d25a-0"
Accept-Ranges: bytes