Report - 20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719

Report Overview

Submitted URL
20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
IP
154.218.151.71
ASN
#137951 Clayer Limited
Submitted
2023-02-04 06:03:07
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	54.149.13.193
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	65 kB	34.120.237.76
img1.baidu.com	50158	2021-03-25T13:17:58Z	2023-03-12T11:23:15Z	4.4 kB	308 kB	114.232.92.35
ocsp2.globalsign.com	1544	2012-05-23T20:10:04Z	2023-03-13T05:14:17Z	367 B	1.9 kB	104.18.21.226
js.passport.qihucdn.com	273795	2014-08-12T03:08:07Z	2023-03-12T11:11:59Z	324 B	469 B	101.198.192.8
t13.baidu.com	32653	2021-01-09T14:57:25Z	2023-03-12T11:23:14Z	743 B	110 kB	185.10.104.124
s6.qhres2.com	910970	2022-01-25T09:18:01Z	2023-03-12T11:12:00Z	298 B	1.1 kB	54.230.111.4
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.4 kB	6.2 kB	23.33.119.27
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
20745.url.tudown.com	unknown	2023-01-03T04:00:19Z	2023-01-04T01:06:36Z	53 kB	86 kB	154.218.151.71
api.share.baidu.com	44629	2013-04-25T16:45:11Z	2023-03-13T05:37:01Z	523 B	114 B	182.61.201.93
t14.baidu.com	32559	2021-01-22T21:20:42Z	2023-03-12T11:23:14Z	706 B	102 kB	185.10.104.124
s.360.cn	19814	2012-07-10T18:01:51Z	2023-03-13T09:22:08Z	696 B	238 B	180.163.251.230
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
push.zhanzhang.baidu.com	57139	2015-07-22T07:44:02Z	2023-03-13T05:37:01Z	290 B	750 B	182.61.201.94
hm.baidu.com	8254	2012-05-26T10:38:45Z	2023-03-13T05:32:36Z	1.4 kB	12 kB	103.235.46.191
img2.baidu.com	50786	2021-03-25T13:17:58Z	2023-03-12T11:23:13Z	3.3 kB	708 kB	125.74.110.35
t15.baidu.com	33050	2021-01-09T17:16:17Z	2023-03-12T11:23:14Z	1.8 kB	144 kB	185.10.104.124
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-13T05:09:19Z	359 B	1.9 kB	104.18.21.226
img0.baidu.com	50126	2021-03-25T13:17:59Z	2023-03-12T11:23:13Z	5.6 kB	786 kB	150.138.188.35
s22.cnzz.com	87635	2012-05-30T12:09:17Z	2023-03-12T16:31:15Z	394 B	621 B	180.97.251.250

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-04	medium	20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (13)

	URL	Size	First Seen	Last Seen
	20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe	254 B	2023-03-09	2023-12-23
Pretty URL 20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe IP 154.218.151.71 ASN #137951 Clayer Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 08:02:19 Last Seen2023-12-23 16:26:58 Times Seen1789 Hash c86ce41b80900dd60765c9dddb425e66 29681365731cf7d3bbaf1cf9d121090ef34624a5 a7d6678bd92dd9f38310914883d14c408d73826eeccbe32b7cdaf9f77c6c589b Loading...

	unknown	0 B	2023-03-07	2024-04-24
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-24 07:35:24 Times Seen37034186 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	push.zhanzhang.baidu.com/push.js	281 B	2023-03-07	2024-04-21
Pretty URL push.zhanzhang.baidu.com/push.js IP 182.61.201.94 ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-21 21:29:48 Times Seen18980 Hash 1bb5a3267c9865ad4abe8d937734b62b b5478dd2edb3e64242eced1db2dbd945ef81f592 674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2 Loading...

	js.passport.qihucdn.com/11.0.1.js?d10ea2610e3a9b90fa9990ffc6bf559d	105 B	2023-03-07	2024-04-14
Pretty URL js.passport.qihucdn.com/11.0.1.js?d10ea2610e3a9b90fa9990ffc6bf559d IP 101.198.192.8 ASN #55992 Beijing Qihu Technology Company Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:57:51 Last Seen2024-04-14 23:50:53 Times Seen385 Hash 06b5672f6400f1eb3255c53b8716ec1b f35120a5317fa4f91b98abb29d0ee3ad899b55f7 42e703267bb95fd28b350c6f27fd014f39e6d88443a50b7322c14b76bb513e99 Loading...

	20745.url.tudown.com/js/orsxg5a.script	944 B	2023-03-12	2023-03-18
Pretty URL 20745.url.tudown.com/js/orsxg5a.script IP 154.218.151.71 ASN #137951 Clayer Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:02:34 Last Seen2023-03-18 07:38:54 Times Seen1 Hash 115782a87f98ee819affba9c5fc37d4e e3e7eb2067add7793da4221acd4edc9776600c41 54f9e7c3cf8bb6599a306d4cf9a19259071fc3dab0865d538c8e03335889194b Loading...

	20745.url.tudown.com/template/company/42xz/js/soft.js	9.9 kB	2023-03-12	2023-06-15
Pretty URL 20745.url.tudown.com/template/company/42xz/js/soft.js IP 154.218.151.71 ASN #137951 Clayer Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 11:06:54 Last Seen2023-06-15 06:04:36 Times Seen205 Hash 5e32a0f26da3d6f80a8ba482448e7314 c5724c4245049e753a66805f2fe986c620071141 d2acdf1a20ffb5f140291d37fd878d834918e465e977c487720816d7bf69cf31 Loading...

	hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7	30 kB	2023-03-13	2023-03-13
Pretty URL hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:27:16 Last Seen2023-03-13 16:27:16 Times Seen1 Hash e9f1b0bd2b15bae464a329f648d1ff2b 4f80623c99e107e575b5431f98a1733d164a5488 0731a6587c2e7950d327ecb1239b7a9e9bb0b2279d060c76e90d80d2d5a26338 Loading...

	s6.qhres2.com/static/ab77b6ea7f3fbf79.js	478 B	2023-03-07	2024-04-21
Pretty URL s6.qhres2.com/static/ab77b6ea7f3fbf79.js IP 54.230.111.4 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:56 Last Seen2024-04-21 21:29:48 Times Seen2397 Hash 5dd27f8f2b042194c3cdabd62fd80110 c035036a939799d4c29b9c0f7229ae1953d03109 928131ab2183d971cdbfe2ed1329200212d0021db70574a35c89ae169c0f6e0a Loading...

		Size	First Seen	Last Seen
	#1 Write - f6c66fa781641bc152896d4d331fb47c	107 B	2023-03-12	2023-11-20
Pretty Observations First Seen2023-03-12 11:06:54 Last Seen2023-11-20 08:42:33 Times Seen234 Hash f6c66fa781641bc152896d4d331fb47c 75058381be5febb338d4b018ff21ddeb72634f79 1b60638050239eb6f376f41ed7c52f5fa636ff1b2899f86fc62f093fdd6b3e8b Loading...

	#2 Write - fa85d85498e61666775145658e0c17ed	143 B	2023-03-12	2023-11-20
Pretty Observations First Seen2023-03-12 11:06:54 Last Seen2023-11-20 08:42:33 Times Seen234 Hash fa85d85498e61666775145658e0c17ed 0c7232cecdccc72b25160d2732cc180c3fe73160 ba9029ca999756c61255a5964826bb7f12d35e3dd5255cbc1cbfe47438995591 Loading...

	#3 Write - 49ab76f98f0ffd3c06e5f9e8fd523616	87 B	2023-03-07	2024-04-14
Pretty Observations First Seen2023-03-07 12:57:51 Last Seen2024-04-14 23:50:53 Times Seen258 Hash 49ab76f98f0ffd3c06e5f9e8fd523616 8ff32ae013817b78b340ba1c1ee24f34ca2d8b2a dacba7ea3ae581abd50497c748a9455c720f9c23b96c3826f9d45ef4db4f8db0 Loading...

	#4 Write - 74312d9fd3d0d77a65b4edf6f7a9d543	169 B	2023-03-07	2024-04-14
Pretty Observations First Seen2023-03-07 12:43:11 Last Seen2024-04-14 17:35:46 Times Seen2523 Hash 74312d9fd3d0d77a65b4edf6f7a9d543 f8f99b78a90612dba2ab0f2f96d35ef3c77cd3c6 e3932ed210d0dfb6820eacc496a3e5a609b8f011515b9324fe93b5d956a11f08 Loading...

	#5 Write - 9104ef1ddb84ab257a9e746454b00ff8	310 B	2023-03-12	2023-03-18
Pretty Observations First Seen2023-03-12 14:02:34 Last Seen2023-03-18 07:38:54 Times Seen1 Hash 9104ef1ddb84ab257a9e746454b00ff8 abbc574006d442cf8207f6547e94799ac4aa2aaf 08cfa2671ab17fd81b2902c4c81aa0924c009028f346513b84a77417ae47d036 Loading...

HTTP Transactions (119)

URL IP Response Size

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5604
Expires: Sat, 04 Feb 2023 07:36:19 GMT
Date: Sat, 04 Feb 2023 06:02:55 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13432
Expires: Sat, 04 Feb 2023 09:46:47 GMT
Date: Sat, 04 Feb 2023 06:02:55 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 04 Feb 2023 05:43:35 GMT
content-type: application/json
age: 1161
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7d2222d41721947297aaeb5a6e3d0714
04cc1ee417c8bf6338657fd4c2e4e1c1ddfd3065
de0e45969a2ad95e52f7e2fbd0d021d9075dd7b14666c929346efe111f648f7c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE0E45969A2AD95E52F7E2FBD0D021D9075DD7B14666C929346EFE111F648F7C"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4059
Expires: Sat, 04 Feb 2023 07:10:35 GMT
Date: Sat, 04 Feb 2023 06:02:56 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: PXMi4+yBvKCYSBaAsMrakRvkxrwJ8gxdRtJf3zx0R3r7/GW7I/e/YQcYvGqSSyGXNLDr0bJ2jYY=
x-amz-request-id: 51W20BGX53AEX19C
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 04 Feb 2023 05:52:43 GMT
age: 613
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 06:02:56 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 04 Feb 2023 05:07:19 GMT
age: 3337
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18427
Expires: Sat, 04 Feb 2023 11:10:03 GMT
Date: Sat, 04 Feb 2023 06:02:56 GMT
Connection: keep-alive

20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe

154.218.151.71

200 OK

6.3 kB

URL HTTP/1.1
20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (305), with CRLF, LF line terminators
Size
6.3 kB (6266 bytes)
Hash
63a2442736a11d640cc5f6eab7b736e4
0541f786612240e177c977f437af63a6008d1a24
8213ec4a6d622208f72ad470fa130d69fe701a6ccc59ad52cb96832ccacf6902

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:02:56 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

push.services.mozilla.com/

54.149.13.193

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.149.13.193:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: KCxUtiZwEtC979x9+CbU/w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: rQvZwlSdz2Wk1Icsq6tMJcRW3KU=

20745.url.tudown.com/template/company/42xz/css/common.css

154.218.151.71

200 OK

1.9 kB

URL HTTP/1.1
20745.url.tudown.com/template/company/42xz/css/common.css
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
1.9 kB (1933 bytes)
Hash
625ff65f2c44178957f32d288dd56ddf
cb918d56e4595594c56cab503ed56f84379e862d
2436857c00ba0ab148e7c16f63712844f5bb62e23379751d6dddd82abe667ac5

HTTP Headers

GET /template/company/42xz/css/common.css HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:02:57 GMT
Content-Type: text/css
Last-Modified: Thu, 05 Nov 2020 12:04:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fa3ea53-1ccb"
Expires: Sat, 04 Feb 2023 18:02:57 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

20745.url.tudown.com/template/company/42xz/css/soft.css

154.218.151.71

200 OK

6.6 kB

URL HTTP/1.1
20745.url.tudown.com/template/company/42xz/css/soft.css
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
6.6 kB (6556 bytes)
Hash
669589d0ffba3898ecf26c242eaed555
f6a564b66491cf102d5961fb95294d84192c9f11
00947ca9960fa7f5ad71c5f5343ded6e595dec626a9da917da58305fdc98e356

HTTP Headers

GET /template/company/42xz/css/soft.css HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:02:57 GMT
Content-Type: text/css
Last-Modified: Thu, 05 Nov 2020 12:04:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fa3ea55-6438"
Expires: Sat, 04 Feb 2023 18:02:57 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

20745.url.tudown.com/js/orsxg5a.script

154.218.151.71

200 OK

531 B

URL HTTP/1.1
20745.url.tudown.com/js/orsxg5a.script
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type
HTML document, ASCII text, with CRLF line terminators
Size
531 B (531 bytes)
Hash
39fd4f4c17d424445d9f437c99c9d40a
84a56ab95c669d43c757a5f9a312d5f3a37f73fa
45f58e7b2e72c9f2734889b73ef5c3f2d3e1fb9ac69995afe1561ec4a7943d15

HTTP Headers

GET /js/orsxg5a.script HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:02:57 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

20745.url.tudown.com/template/company/42xz/js/soft.js

154.218.151.71

200 OK

3.6 kB

URL HTTP/1.1
20745.url.tudown.com/template/company/42xz/js/soft.js
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
3.6 kB (3643 bytes)
Hash
67be5352d7d3355ae57faad8a6221355
30f4a9a4a3dede0d2d72725ffa28958f45053e7e
1a59b7c5be683676fa54951bf4129899c3980e78c1f956c287f7cc0c001a857d

HTTP Headers

GET /template/company/42xz/js/soft.js HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:02:57 GMT
Content-Type: application/javascript
Last-Modified: Thu, 05 Nov 2020 12:04:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fa3ea5a-26b2"
Expires: Sat, 04 Feb 2023 18:02:57 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

20745.url.tudown.com/uploads/images/521375.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
20745.url.tudown.com/uploads/images/521375.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/521375.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:57 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1622997378,904526249&fm=253&fmt=auto&app=138&f=GIF?w=240&h=320

20745.url.tudown.com/template/company/42xz/images/tab_line.png

154.218.151.71

200 OK

1.2 kB

URL HTTP/1.1
20745.url.tudown.com/template/company/42xz/images/tab_line.png
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type
GIF image data, version 89a, 190 x 7\012- data
Size
1.2 kB (1155 bytes)
Hash
4c54d42f73e777c70b63b1854b994bb5
6b751c2e611f485d04805ccc3ef84ba5c7868775
b86451a9f18cc0bffd106863661cecbc4abc2364f2898e3bc0796992f3ebbd06

HTTP Headers

GET /template/company/42xz/images/tab_line.png HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/template/company/42xz/css/soft.css
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:02:57 GMT
Content-Type: image/png
Content-Length: 1155
Last-Modified: Thu, 05 Nov 2020 12:04:39 GMT
Connection: keep-alive
ETag: "5fa3ea57-483"
Accept-Ranges: bytes

20745.url.tudown.com/uploads/images/199840.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
20745.url.tudown.com/uploads/images/199840.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/199840.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:57 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=2621949072,3390893004&fm=224&app=112&f=JPEG?w=500&h=500&s=9BB967877CF3CBE970A1816E0300F07B

20745.url.tudown.com/uploads/images/437625.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
20745.url.tudown.com/uploads/images/437625.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/437625.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:57 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2078352950,1234178466&fm=253&fmt=auto&app=138&f=JPEG?w=130&h=170

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fc91044ea257e54846f8dd907b48d29e
6d2231e05dabe5ee55f8dbf8687d7b7a92c25d64
8e77e1a87ab035ed1affd01159d1c899e46d7c247d0bc085dd57d1b1c6fed830

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8E77E1A87AB035ED1AFFD01159D1C899E46D7C247D0BC085DD57D1B1C6FED830"
Last-Modified: Thu, 02 Feb 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5170
Expires: Sat, 04 Feb 2023 07:29:07 GMT
Date: Sat, 04 Feb 2023 06:02:57 GMT
Connection: keep-alive

20745.url.tudown.com/uploads/images/logo.png?n=46cknzf5tts3raxfv2pojoe24wp3t2fovxslrlpfx6bq&w=250

154.218.151.71

200 OK

3.8 kB

URL HTTP/1.1
20745.url.tudown.com/uploads/images/logo.png?n=46cknzf5tts3raxfv2pojoe24wp3t2fovxslrlpfx6bq&w=250
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type
PNG image data, 250 x 66, 8-bit colormap, non-interlaced\012- data
Size
3.8 kB (3762 bytes)
Hash
e2959f04b79b9535decc73aced1efdce
429ff86efe03aee501bc99d6e9d4a9a945994737
dadb9cd0f8267aa17720c8971b9ab3c7b08f81410134f7fa37480345cfee7294

HTTP Headers

GET /uploads/images/logo.png?n=46cknzf5tts3raxfv2pojoe24wp3t2fovxslrlpfx6bq&w=250 HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:02:57 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive

20745.url.tudown.com/uploads/images/619597.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
20745.url.tudown.com/uploads/images/619597.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/619597.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:57 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=2115249626,2832831544&fm=224&app=112&f=JPEG?w=400&h=400

ocsp.globalsign.com/gsrsaovsslca2018

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
c45b5d23d78c603a4f679957cc907c55
c0c6131e462224b19bf52c269ffda26be7dcc3ce
7acbb574f2c3ce64da98b8bf9e8af19ba063535e4cbf9fadaf803c34381178dd

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:02:58 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 08 Feb 2023 04:09:39 GMT
ETag: "c0c6131e462224b19bf52c269ffda26be7dcc3ce"
Last-Modified: Sat, 04 Feb 2023 04:09:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3080
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79413350bfb8b50f-OSL

20745.url.tudown.com/uploads/images/583846.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
20745.url.tudown.com/uploads/images/583846.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/583846.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:57 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2144345989,2246226505&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400

20745.url.tudown.com/uploads/images/801981.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
20745.url.tudown.com/uploads/images/801981.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/801981.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:57 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3861871061,88107011&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500

20745.url.tudown.com/uploads/images/432993.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
20745.url.tudown.com/uploads/images/432993.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/432993.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:57 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=1989076129,3183703155&fm=253&fmt=auto&app=138&f=JPEG?w=479&h=500

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3438
Expires: Sat, 04 Feb 2023 07:00:16 GMT
Date: Sat, 04 Feb 2023 06:02:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3438
Expires: Sat, 04 Feb 2023 07:00:16 GMT
Date: Sat, 04 Feb 2023 06:02:58 GMT
Connection: keep-alive

20745.url.tudown.com/template/company/42xz/js/jquery.js

154.218.151.71

200 OK

46 kB

URL HTTP/1.1
20745.url.tudown.com/template/company/42xz/js/jquery.js
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type
Unicode text, UTF-8 text, with very long lines (65479), with CRLF line terminators
Size
46 kB (45799 bytes)
Hash
49fcb7f2a26c0656e22b75bfe591667f
f277ecd02517fc0f243fd9d882178473d4def06b
9ee94398fbe5a57c715dfdfe1b8d05ea964dd9947dba57dad68ee38ea381a2be

HTTP Headers

GET /template/company/42xz/js/jquery.js HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:02:57 GMT
Content-Type: application/javascript
Last-Modified: Thu, 05 Nov 2020 12:04:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fa3ea62-1d491"
Expires: Sat, 04 Feb 2023 18:02:57 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg

34.120.237.76

200 OK

5.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.2 kB (5174 bytes)
Hash
e5b4e4f15da3323c73974c3f1cdb5d74
1f14971d0cf979cc34ff191849dc43d86e8ac463
5893d7e5b2fd9de92829b303c42d0c07ff32b3f6b8705b6f5b4a784315c8808e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5174
x-amzn-requestid: 35630c70-3bad-47b4-94bb-09c873632194
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7EFAHIAMFQQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-317b1fbb3bee0f377697bf3d;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OD5cy75AkNMwTIvIool2nKbKgr5Jpo1Plm_X_YPr3rdPbg86_V2fdA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:00:26 GMT
age: 28952
etag: "1f14971d0cf979cc34ff191849dc43d86e8ac463"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e245a51-5c03-4b84-b42a-29fa3a7806e9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (7992 bytes)
Hash
65cd12302c9ca5468dbc9a98155970e0
a0c63213c3021e40f8ea54f2da6a5c165ed5cfd1
8463155faca74f13ec4500fed98289d8bfbdc4a989d1cb7580736018eadf1000

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e245a51-5c03-4b84-b42a-29fa3a7806e9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7992
x-amzn-requestid: ba4f95d9-6081-4b34-955c-bbe8e7b2335c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEEjGsdIAMF84w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8083-7666baa66ccdec9b5fec8736;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: A3c6sSs_b8KkREPa26a8X9NTEZpHGDjElR9hT-NXwg6dYpeuRNZXfA==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:21 GMT
age: 28357
etag: "a0c63213c3021e40f8ea54f2da6a5c165ed5cfd1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8527 bytes)
Hash
6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: 6a8c6487-6069-47d1-afa1-648626f85439
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyDqqGg5oAMFV-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd7fdd-0a772cde1e6fba6d7da97435;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:42:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: CHWhIpyzhoPtMUplzh1430Q9FfCM1wkTc_hQsgQk6InM9tYBPGYnNg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:05:44 GMT
age: 28634
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0567732b-c9d0-4bac-89d8-3dc6a16e522c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.3 kB (8267 bytes)
Hash
99bf0073acf75f9e04b52a96bf47797b
fa68da2c92fa89ed3dafe9915e064fca022af21f
961b77616486483e5767f214d2417275b9c995614128acab3521b6cd2f8866e2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0567732b-c9d0-4bac-89d8-3dc6a16e522c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8267
x-amzn-requestid: 8bf1f9c3-4508-489e-9f45-3ce50df74b0b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEW0HM6IAMFXog=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd80f8-2e7c768d54981cf1634830db;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:47:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ThTL_OlFd4yMELCmSzH4ziqxa8gdYgAAbxLY9VZPVaIldOUkvFVF_Q==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:12:43 GMT
age: 28215
etag: "fa68da2c92fa89ed3dafe9915e064fca022af21f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f8fa6a-620a-4d0c-aec7-0863ae11b871.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (14221 bytes)
Hash
83ac46e378ad452aeb212d709ab70232
7514ed93fd2f256e5aad386fdd0ebc723785291b
e199498691268526a6ecfe58abb88ced8661272cd7ad8270811c84fb15dbb547

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f8fa6a-620a-4d0c-aec7-0863ae11b871.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14221
x-amzn-requestid: a74ee3d4-6163-4dec-ab62-97279cf52282
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEC3ERhIAMFh1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8078-3e5d4b3d39919497215866df;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3TIbnpwYk9CIeoXeW4T-ouwV7X1y-LgKV7wB4XJwFKSKx248jIJyBQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:08:39 GMT
age: 28459
etag: "7514ed93fd2f256e5aad386fdd0ebc723785291b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (14071 bytes)
Hash
9ab97f766ee1ed6ebbb2b3889a9157b4
f87f165404dec4d65531e6e25146cb77601f3616
f3d0f76f956371b1733a526f10a8253fc3396a459d7af59380d8e8db7dee8ec2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14071
x-amzn-requestid: 40cb363f-2c4d-4361-9fe1-10e4c8b2fe29
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fiTo4Ek2oAMFs6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d73305-6cb63d3c49f9f84e639467f6;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 03:01:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: b7r7phj8i49RMSuWufxF1L34K9udWa0mJ4dY12izM9ofwAuCFBGEZQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:47:06 GMT
age: 29752
etag: "f87f165404dec4d65531e6e25146cb77601f3616"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

20745.url.tudown.com/uploads/images/194660.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
20745.url.tudown.com/uploads/images/194660.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/194660.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=1105362924,3628585228&fm=253&app=120&f=JPEG?w=640&h=1136

20745.url.tudown.com/uploads/images/267315.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
20745.url.tudown.com/uploads/images/267315.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/267315.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1263162721,3231632107&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=559

20745.url.tudown.com/uploads/images/256871.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
20745.url.tudown.com/uploads/images/256871.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/256871.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img1.baidu.com/it/u=3295580319,3678632216&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=569

20745.url.tudown.com/uploads/images/209945.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
20745.url.tudown.com/uploads/images/209945.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/209945.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=432267401,3151997352&fm=224&app=112&f=JPEG?w=500&h=500

20745.url.tudown.com/uploads/images/199392.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
20745.url.tudown.com/uploads/images/199392.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/199392.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=4075938840,420804611&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=772

20745.url.tudown.com/uploads/images/149447.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
20745.url.tudown.com/uploads/images/149447.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/149447.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2317030829,1276939570&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800

push.zhanzhang.baidu.com/push.js

182.61.201.94

200 OK

227 B

URL HTTP/1.1
push.zhanzhang.baidu.com/push.js
IP
182.61.201.94:0
ASN
#38365 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with no line terminators
Size
227 B (227 bytes)
Hash
e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5

HTTP Headers

GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Sat, 04 Feb 2023 06:02:58 GMT
Etag: "4078521116"
Expires: Sun, 04 Feb 2024 06:02:58 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=F194CBF9EC8B8F23A7498A716CDF3E2A:FG=1; max-age=31536000; expires=Sun, 04-Feb-24 06:02:58 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding

20745.url.tudown.com/uploads/images/512892.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
20745.url.tudown.com/uploads/images/512892.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/512892.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t13.baidu.com/it/u=2204042064,2132699369&fm=224&app=112&f=JPEG?w=500&h=500

20745.url.tudown.com/uploads/images/942332.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
20745.url.tudown.com/uploads/images/942332.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/942332.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=2122911012,3345885642&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=719

20745.url.tudown.com/uploads/images/139510.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
20745.url.tudown.com/uploads/images/139510.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/139510.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=147082219,752378818&fm=224&app=112&f=JPEG?w=398&h=500

20745.url.tudown.com/uploads/images/667738.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
20745.url.tudown.com/uploads/images/667738.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/667738.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=80411744,899831565&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500

20745.url.tudown.com/uploads/images/803981.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
20745.url.tudown.com/uploads/images/803981.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/803981.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=2531697070,1475200272&fm=253&fmt=auto&app=138&f=JPEG?w=240&h=360

20745.url.tudown.com/uploads/images/296326.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
20745.url.tudown.com/uploads/images/296326.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/296326.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=190584701,3964397965&fm=224&app=112&f=JPEG?w=350&h=350

20745.url.tudown.com/uploads/images/366373.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
20745.url.tudown.com/uploads/images/366373.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/366373.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:58 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3282217110,2937448311&fm=253&fmt=auto&app=138&f=JPEG?w=281&h=500

20745.url.tudown.com/uploads/images/547365.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
20745.url.tudown.com/uploads/images/547365.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/547365.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3695906001,2660949226&fm=253&fmt=auto&app=120&f=JPEG?w=300&h=200

20745.url.tudown.com/uploads/images/655684.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
20745.url.tudown.com/uploads/images/655684.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/655684.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=1714884640,1137846280&fm=253&fmt=auto?w=640&h=960

api.share.baidu.com/s.gif?l=http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe

182.61.201.93

200 OK

0 B

URL HTTP/1.1
api.share.baidu.com/s.gif?l=http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
IP
182.61.201.93:0
ASN
#38365 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s.gif?l=http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/

HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Sat, 04 Feb 2023 06:02:59 GMT

20745.url.tudown.com/uploads/images/965086.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
20745.url.tudown.com/uploads/images/965086.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/965086.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=236493224,1828024268&fm=253&app=120&f=JPEG?w=1422&h=800

20745.url.tudown.com/uploads/images/304112.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
20745.url.tudown.com/uploads/images/304112.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/304112.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=350978266,2939093321&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500

hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?dd9836db2e433f487a0aa434b7b3deb7
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (633)
Size
11 kB (11271 bytes)
Hash
d10c1fbc90bbb34a03988ae6ea09b57e
201e15e6ae2093c7e7b21b4bcdf1ee5bb9c4d699
2dcaa0ab9468f4d685f6635298395c63c8302ad919b5b351066fab88a9498910

HTTP Headers

GET /hm.js?dd9836db2e433f487a0aa434b7b3deb7 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20745.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11271
Content-Type: application/javascript
Date: Sat, 04 Feb 2023 06:02:58 GMT
Etag: 8b05dc993febe580a7c6a281b8551378
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=3C377CEF6555380D; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

20745.url.tudown.com/uploads/images/833907.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
20745.url.tudown.com/uploads/images/833907.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/833907.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=3620217693,2075729028&fm=253&app=120&f=PNG?w=1422&h=800

img2.baidu.com/it/u=2122911012,3345885642&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=719

125.74.110.35

200 OK

20 kB

URL HTTP/1.1
img2.baidu.com/it/u=2122911012,3345885642&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=719
IP
125.74.110.35:0
ASN
#4134 Chinanet

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 500x719, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
20 kB (19902 bytes)
Hash
6a0ec76d4efded3a00ec380067354b06
6193f317a05b7b913e12a6a0f32feeff65debb95
8a817b994efa8e8d15628fbb6153981de137b2753e8dc7170cdba6f55b0644f5

HTTP Headers

GET /it/u=2122911012,3345885642&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=719 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://20745.url.tudown.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: image/webp
Content-Length: 19902
Connection: keep-alive
Expires: Sat, 04 Mar 2023 06:37:23 GMT
Last-Modified: Tue, 06 Jan 1970 00:00:00 GMT
ETag: 6a0ec76d4efded3a00ec380067354b06
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 02 Feb 2023 06:37:23 GMT
Ohc-Cache-HIT: lz6ct54 [1], xiangyix112 [2]
Ohc-File-Size: 19902
X-Cache-Status: MISS

img0.baidu.com/it/u=1263162721,3231632107&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=559

150.138.188.35

200 OK

27 kB

URL HTTP/2
img0.baidu.com/it/u=1263162721,3231632107&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=559
IP
150.138.188.35:0
ASN
#58541 Qingdao,266000

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 500x559, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
27 kB (26796 bytes)
Hash
55ce4345d913ad66b433ffb7b585be4e
91d29b08465b0c8efe2e94df6e61bb3156e597a8
2c7ffffc7806ba4a07d42efe03c7673d23033b356dbbba43ea88556bf863ee5c

HTTP Headers

GET /it/u=1263162721,3231632107&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=559 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://20745.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:02:59 GMT
content-type: image/webp
content-length: 26796
expires: Tue, 21 Feb 2023 05:19:31 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 55ce4345d913ad66b433ffb7b585be4e
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 05:19:31 GMT
ohc-cache-hit: qd5ct52 [1], czix108 [4]
ohc-file-size: 26796
x-cache-status: MISS
X-Firefox-Spdy: h2

20745.url.tudown.com/template/company/42xz/images/dian1.png

154.218.151.71

200 OK

1.1 kB

URL HTTP/1.1
20745.url.tudown.com/template/company/42xz/images/dian1.png
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type
GIF image data, version 89a, 4 x 4\012- data
Size
1.1 kB (1110 bytes)
Hash
de5d5d1c8fb00bc14f9512dd323b9ed8
9c7c5df21afb7b686932c96ecf7877e1e6adf243
982f48c65cf01077b0606401f082c15ee15f183903d5170f06d0bb3ae3b9b685

HTTP Headers

GET /template/company/42xz/images/dian1.png HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/template/company/42xz/css/soft.css
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: image/png
Content-Length: 1110
Last-Modified: Thu, 05 Nov 2020 12:04:54 GMT
Connection: keep-alive
ETag: "5fa3ea66-456"
Accept-Ranges: bytes

20745.url.tudown.com/template/company/42xz/images/dian2.png

154.218.151.71

200 OK

1.1 kB

URL HTTP/1.1
20745.url.tudown.com/template/company/42xz/images/dian2.png
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type
GIF image data, version 89a, 4 x 4\012- data
Size
1.1 kB (1106 bytes)
Hash
3cb1caaf45a919b2028a853add556aa8
c8b93e13049ae31ad5dcb2d267c8b3ee6a4466e8
039b652744162c3c599998f28f50e7154d297ce5028e7e4954f7d7354c5374a1

HTTP Headers

GET /template/company/42xz/images/dian2.png HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/template/company/42xz/css/soft.css
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: image/png
Content-Length: 1106
Last-Modified: Thu, 05 Nov 2020 12:04:53 GMT
Connection: keep-alive
ETag: "5fa3ea65-452"
Accept-Ranges: bytes

20745.url.tudown.com/uploads/images/867569.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
20745.url.tudown.com/uploads/images/867569.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/867569.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3621934748,494421679&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=710

20745.url.tudown.com/uploads/images/63752.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
20745.url.tudown.com/uploads/images/63752.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/63752.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img2.baidu.com/it/u=2430318761,1815862467&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350

20745.url.tudown.com/uploads/images/506058.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
20745.url.tudown.com/uploads/images/506058.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/506058.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://img0.baidu.com/it/u=1415189852,4157433511&fm=253&app=120&f=JPEG?w=1280&h=800

img1.baidu.com/it/u=4075938840,420804611&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=772

114.232.92.35

200 OK

31 kB

URL HTTP/2
img1.baidu.com/it/u=4075938840,420804611&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=772
IP
114.232.92.35:0
ASN
#131325 CHINATELECOM JIANGSU province NANTONG MAN network

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 500x772, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
31 kB (31404 bytes)
Hash
80263018bb19917773cbfe23c00e9b8e
8727f71dcf16b6daebd91bb898de704bdcdf8979
d93c43bbffb6ea21630a7cccd047dd241f30de87077d0c0d7f165d0e5bf11e19

HTTP Headers

GET /it/u=4075938840,420804611&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=772 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://20745.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:02:59 GMT
content-type: image/webp
content-length: 31404
expires: Mon, 06 Feb 2023 03:18:21 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 80263018bb19917773cbfe23c00e9b8e
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 07 Jan 2023 03:18:21 GMT
ohc-cache-hit: nt2ct82 [1], xiangyix82 [2]
ohc-file-size: 31404
x-cache-status: MISS
X-Firefox-Spdy: h2

20745.url.tudown.com/uploads/images/520646.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
20745.url.tudown.com/uploads/images/520646.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/520646.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=3946608957,2156101699&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400

ocsp2.globalsign.com/gsorganizationvalsha2g2

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1459 bytes)
Hash
2d1a15af936b883451dbf3d75568f863
fc4961b5f0041dc198464c6dda01183cb07ef0ae
b85ef4c0fe7a48d851368152ecd1cf3f17611ed52c2a11936e5d3ae01d932e9d

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Wed, 08 Feb 2023 04:50:17 GMT
ETag: "fc4961b5f0041dc198464c6dda01183cb07ef0ae"
Last-Modified: Sat, 04 Feb 2023 04:50:18 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1461
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7941335b4b68b529-OSL

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1116848145&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=22804&r=0&ww=1280&u=http%3A%2F%2F20745.url.tudown.com%2Fxiaz%2Fhp%25E6%2583%25A0%25E6%2599%25AElaserjetm1005mfp%25E5%25A4%259A%25E5%258A%259F%25E8%2583%25BD%25E4%25B8%2580%25E4%25BD%2593%25E6%259C%25BA%25E5%258D%25B3%25E6%258F%2592%25E5%258D%25B3%25E7%2594%25A8%25E9%25A9%25B1%25E5%258A%25A820070326%25E7%2589%2588forwin7%40719_92086.exe&tt=AG%E4%BA%9A%E6%B8%B8%E5%9B%BD%E9%99%85(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-ios%2F%E5%AE%89%E5%8D%93%2F%E6%89%8B%E6%9C%BA%E7%89%88app%E4%B8%8B%E8%BD%BDV4816.72875

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1116848145&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=22804&r=0&ww=1280&u=http%3A%2F%2F20745.url.tudown.com%2Fxiaz%2Fhp%25E6%2583%25A0%25E6%2599%25AElaserjetm1005mfp%25E5%25A4%259A%25E5%258A%259F%25E8%2583%25BD%25E4%25B8%2580%25E4%25BD%2593%25E6%259C%25BA%25E5%258D%25B3%25E6%258F%2592%25E5%258D%25B3%25E7%2594%25A8%25E9%25A9%25B1%25E5%258A%25A820070326%25E7%2589%2588forwin7%40719_92086.exe&tt=AG%E4%BA%9A%E6%B8%B8%E5%9B%BD%E9%99%85(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-ios%2F%E5%AE%89%E5%8D%93%2F%E6%89%8B%E6%9C%BA%E7%89%88app%E4%B8%8B%E8%BD%BDV4816.72875
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1116848145&si=dd9836db2e433f487a0aa434b7b3deb7&v=1.3.0&lv=1&sn=22804&r=0&ww=1280&u=http%3A%2F%2F20745.url.tudown.com%2Fxiaz%2Fhp%25E6%2583%25A0%25E6%2599%25AElaserjetm1005mfp%25E5%25A4%259A%25E5%258A%259F%25E8%2583%25BD%25E4%25B8%2580%25E4%25BD%2593%25E6%259C%25BA%25E5%258D%25B3%25E6%258F%2592%25E5%258D%25B3%25E7%2594%25A8%25E9%25A9%25B1%25E5%258A%25A820070326%25E7%2589%2588forwin7%40719_92086.exe&tt=AG%E4%BA%9A%E6%B8%B8%E5%9B%BD%E9%99%85(%E4%B8%AD%E5%9B%BD)%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-ios%2F%E5%AE%89%E5%8D%93%2F%E6%89%8B%E6%9C%BA%E7%89%88app%E4%B8%8B%E8%BD%BDV4816.72875 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20745.url.tudown.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Feb 2023 06:02:59 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=A790C92FC4ECC814; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

img0.baidu.com/it/u=1105362924,3628585228&fm=253&app=120&f=JPEG?w=640&h=1136

150.138.188.35

200 OK

127 kB

URL HTTP/1.1
img0.baidu.com/it/u=1105362924,3628585228&fm=253&app=120&f=JPEG?w=640&h=1136
IP
150.138.188.35:0
ASN
#58541 Qingdao,266000

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 640x1136, components 3\012- data
Size
127 kB (127186 bytes)
Hash
cf1201efd0d2ff617d065303217f47a7
a19123abf995229661598a64f5c773b1c382cb82
28bd2f7f876ac6e937159f67bdff2b0acf5f0753839ebc4c3a0d77ef30ccd72d

HTTP Headers

GET /it/u=1105362924,3628585228&fm=253&app=120&f=JPEG?w=640&h=1136 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://20745.url.tudown.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:02:58 GMT
Content-Type: image/jpeg
Content-Length: 127186
Connection: keep-alive
Expires: Wed, 01 Mar 2023 11:45:08 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: cf1201efd0d2ff617d065303217f47a7
Age: 404098
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 30 Jan 2023 11:45:08 GMT
Ohc-Cache-HIT: qd5ct61 [4], csix61 [2]
Ohc-File-Size: 127186
X-Cache-Status: HIT

t15.baidu.com/it/u=190584701,3964397965&fm=224&app=112&f=JPEG?w=350&h=350

185.10.104.124

200 OK

25 kB

URL HTTP/1.1
t15.baidu.com/it/u=190584701,3964397965&fm=224&app=112&f=JPEG?w=350&h=350
IP
185.10.104.124:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 350x350, components 3\012- data
Size
25 kB (24858 bytes)
Hash
0eec0e0237fb11b843dc4d8d177a8c89
7bc050b98ed0e2652d1398012acb8f0df8618c38
f5f9a5f0112d61f94c1746eb3611104f7a9c8bd714b351421f8b153acbbbc5ae

HTTP Headers

GET /it/u=190584701,3964397965&fm=224&app=112&f=JPEG?w=350&h=350 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://20745.url.tudown.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: image/jpeg
Content-Length: 24858
Connection: keep-alive
Expires: Sat, 04 Feb 2023 07:53:31 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 0eec0e0237fb11b843dc4d8d177a8c89
Age: 2019544
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 05 Jan 2023 07:53:31 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [2], zhuzuncache58 [1], czix188 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 24858
X-Cache-Status: HIT
Timing-Allow-Origin: *

t15.baidu.com/it/u=432267401,3151997352&fm=224&app=112&f=JPEG?w=500&h=500

185.10.104.124

200 OK

32 kB

URL HTTP/1.1
t15.baidu.com/it/u=432267401,3151997352&fm=224&app=112&f=JPEG?w=500&h=500
IP
185.10.104.124:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Size
32 kB (31998 bytes)
Hash
16186aa6cdf72f4fb6873bdc5ea733c4
0b9a25585e3edd1254857b5146aea2d43eca03f5
a833b324afa37ab3b2a672537e8e3746e6e0b5e66a423c1239faf10fa9df545a

HTTP Headers

GET /it/u=432267401,3151997352&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://20745.url.tudown.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: image/jpeg
Content-Length: 31998
Connection: keep-alive
Expires: Wed, 08 Feb 2023 02:26:48 GMT
Last-Modified: Mon, 12 Jan 1970 00:00:00 GMT
ETag: 16186aa6cdf72f4fb6873bdc5ea733c4
Age: 2019463
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 09 Jan 2023 02:26:48 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [2], zhuzuncache61 [4], wzix66 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 31998
X-Cache-Status: HIT
Timing-Allow-Origin: *

t14.baidu.com/it/u=147082219,752378818&fm=224&app=112&f=JPEG?w=398&h=500

185.10.104.124

200 OK

34 kB

URL HTTP/1.1
t14.baidu.com/it/u=147082219,752378818&fm=224&app=112&f=JPEG?w=398&h=500
IP
185.10.104.124:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 398x500, components 3\012- data
Size
34 kB (33771 bytes)
Hash
13d1245882490cc524276aa839ece9f8
cbfad1368fbc3a5225113130dd17d8f8d9d47a5c
a78ff0afc6640240ebc42d02fbe493940808e8d98e7d42adf9b0cc1b7c979ffa

HTTP Headers

GET /it/u=147082219,752378818&fm=224&app=112&f=JPEG?w=398&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://20745.url.tudown.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: image/jpeg
Content-Length: 33771
Connection: keep-alive
Expires: Mon, 20 Feb 2023 03:16:09 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 13d1245882490cc524276aa839ece9f8
Age: 354141
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 21 Jan 2023 03:16:09 GMT
Ohc-Cache-HIT: fra01-sys-jomo7.fra01.baidu.com [4], zhuzuncache55 [1], czix175 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 33771
X-Cache-Status: HIT
Timing-Allow-Origin: *

img0.baidu.com/it/u=1622997378,904526249&fm=253&fmt=auto&app=138&f=GIF?w=240&h=320

150.138.188.35

200 OK

49 kB

URL HTTP/2
img0.baidu.com/it/u=1622997378,904526249&fm=253&fmt=auto&app=138&f=GIF?w=240&h=320
IP
150.138.188.35:0
ASN
#58541 Qingdao,266000

File type
GIF image data, version 89a, 240 x 320\012- data
Size
49 kB (49362 bytes)
Hash
f4b73a1c2d99a6f7950b9b25ae66f0ba
c48db87f4a019eeab5127ca72d8b08e695c71113
156acc18f79939c9819e6410513166992737d4701d6217cde59f6087320a2fd7

HTTP Headers

GET /it/u=1622997378,904526249&fm=253&fmt=auto&app=138&f=GIF?w=240&h=320 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://20745.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:02:59 GMT
content-type: image/gif
content-length: 49362
expires: Wed, 01 Mar 2023 06:32:47 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: f4b73a1c2d99a6f7950b9b25ae66f0ba
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 30 Jan 2023 06:32:47 GMT
ohc-cache-hit: qd5ct61 [1], xiangyix214 [4]
ohc-file-size: 49362
x-cache-status: MISS
X-Firefox-Spdy: h2

img0.baidu.com/it/u=3695906001,2660949226&fm=253&fmt=auto&app=120&f=JPEG?w=300&h=200

150.138.188.35

200 OK

4.1 kB

URL HTTP/2
img0.baidu.com/it/u=3695906001,2660949226&fm=253&fmt=auto&app=120&f=JPEG?w=300&h=200
IP
150.138.188.35:0
ASN
#58541 Qingdao,266000

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 300x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
4.1 kB (4142 bytes)
Hash
10cc9dd6f4a4909e597e884b9fa23180
7236a5372cb5ce359705efb9ec9e46b3228e4046
5aef347b6e92e652999439d3346b2d4d6bb41b5d07f1cf2e2340ea40d2d8b186

HTTP Headers

GET /it/u=3695906001,2660949226&fm=253&fmt=auto&app=120&f=JPEG?w=300&h=200 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://20745.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:02:59 GMT
content-type: image/webp
content-length: 4142
expires: Tue, 21 Feb 2023 16:42:03 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 10cc9dd6f4a4909e597e884b9fa23180
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 16:42:03 GMT
ohc-cache-hit: qd5ct59 [1], suzix232 [4]
ohc-file-size: 4142
x-cache-status: MISS
X-Firefox-Spdy: h2

img1.baidu.com/it/u=3295580319,3678632216&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=569

114.232.92.35

200 OK

21 kB

URL HTTP/1.1
img1.baidu.com/it/u=3295580319,3678632216&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=569
IP
114.232.92.35:0
ASN
#131325 CHINATELECOM JIANGSU province NANTONG MAN network

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 500x569, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
21 kB (21410 bytes)
Hash
5aec69a447cffb5ec08abb2f7b82e5a0
0251de71f2fadff3a067bdc8e37658d826451629
8c3ed56baa2e6c1acd571c1d6da253b0e717a9958215d2d1ef596e8c4670fd56

HTTP Headers

GET /it/u=3295580319,3678632216&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=569 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://20745.url.tudown.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: image/webp
Content-Length: 21410
Connection: keep-alive
Expires: Tue, 21 Feb 2023 04:43:18 GMT
Last-Modified: Sat, 10 Jan 1970 00:00:00 GMT
ETag: 5aec69a447cffb5ec08abb2f7b82e5a0
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 22 Jan 2023 04:43:18 GMT
Ohc-Cache-HIT: nt2ct61 [1], suzix129 [4]
Ohc-File-Size: 21410
X-Cache-Status: MISS

20745.url.tudown.com/uploads/images/927450.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
20745.url.tudown.com/uploads/images/927450.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/927450.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=3449645749,296685161&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400

t15.baidu.com/it/u=2115249626,2832831544&fm=224&app=112&f=JPEG?w=400&h=400

185.10.104.124

200 OK

34 kB

URL HTTP/1.1
t15.baidu.com/it/u=2115249626,2832831544&fm=224&app=112&f=JPEG?w=400&h=400
IP
185.10.104.124:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 400x400, components 3\012- data
Size
34 kB (34133 bytes)
Hash
e63a44ae3d22293bc72542d7f0b6bc77
6f4dd7a820dc197e8c6c584eaff115f98a231f61
24adc051eaabfda34e166e1f079f8078efea67701f6f2e99bf426bfa34785f16

HTTP Headers

GET /it/u=2115249626,2832831544&fm=224&app=112&f=JPEG?w=400&h=400 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://20745.url.tudown.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: image/jpeg
Content-Length: 34133
Connection: keep-alive
Expires: Tue, 28 Feb 2023 16:44:24 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: e63a44ae3d22293bc72542d7f0b6bc77
Age: 370423
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 29 Jan 2023 16:44:24 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [2], zhuzuncache54 [1], bdix222 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 34133
X-Cache-Status: HIT
Timing-Allow-Origin: *

img2.baidu.com/it/u=1989076129,3183703155&fm=253&fmt=auto&app=138&f=JPEG?w=479&h=500

125.74.110.35

200 OK

13 kB

URL HTTP/2
img2.baidu.com/it/u=1989076129,3183703155&fm=253&fmt=auto&app=138&f=JPEG?w=479&h=500
IP
125.74.110.35:0
ASN
#4134 Chinanet

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 479x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
13 kB (13316 bytes)
Hash
77454d10905e890bc62081ebcec84ce4
c6d444c39e3e57c53c47cd8a7fc28aa638deae2d
342171749243fc488986108c76482c75faf9eae01451707c754b75353a963e8e

HTTP Headers

GET /it/u=1989076129,3183703155&fm=253&fmt=auto&app=138&f=JPEG?w=479&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://20745.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:02:59 GMT
content-type: image/webp
content-length: 13316
expires: Wed, 15 Feb 2023 02:22:05 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 77454d10905e890bc62081ebcec84ce4
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 16 Jan 2023 02:22:05 GMT
ohc-cache-hit: lz6ct61 [1], suzix229 [2]
ohc-file-size: 13316
x-cache-status: MISS
X-Firefox-Spdy: h2

img2.baidu.com/it/u=2144345989,2246226505&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400

125.74.110.35

200 OK

15 kB

URL HTTP/2
img2.baidu.com/it/u=2144345989,2246226505&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
IP
125.74.110.35:0
ASN
#4134 Chinanet

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
15 kB (15164 bytes)
Hash
018fb0cdf34e42324752f6e3495f8221
9d0b99cc6ee2dfaf462913a24b2a86c1942815d2
289f3e3e12df570e087f6ecb3f92dea6cc09bb82d2cafe168513da0ea260b04a

HTTP Headers

GET /it/u=2144345989,2246226505&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://20745.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:02:59 GMT
content-type: image/webp
content-length: 15164
expires: Sun, 19 Feb 2023 07:08:34 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 018fb0cdf34e42324752f6e3495f8221
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 20 Jan 2023 07:08:34 GMT
ohc-cache-hit: lz6ct50 [1], bdix115 [2]
ohc-file-size: 15164
x-cache-status: MISS
X-Firefox-Spdy: h2

20745.url.tudown.com/uploads/images/162428.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
20745.url.tudown.com/uploads/images/162428.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/162428.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=3650368425,436190755&fm=253&fmt=auto?w=1280&h=800

img0.baidu.com/it/u=350978266,2939093321&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500

150.138.188.35

200 OK

47 kB

URL HTTP/2
img0.baidu.com/it/u=350978266,2939093321&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP
150.138.188.35:0
ASN
#58541 Qingdao,266000

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
47 kB (46888 bytes)
Hash
5f0117d1721a72016eb483e04684f482
b766c45e64f585a0f4aeffeb49c94d126512ac12
7cfa3f07aac7c74f2d1c3dc191349395eee20f5927769764a760502980760c18

HTTP Headers

GET /it/u=350978266,2939093321&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://20745.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:02:59 GMT
content-type: image/webp
content-length: 46888
expires: Sat, 04 Feb 2023 19:11:05 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 5f0117d1721a72016eb483e04684f482
age: 57307
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Thu, 05 Jan 2023 19:11:05 GMT
ohc-cache-hit: qd5ct70 [4], bdix185 [4]
ohc-file-size: 46888
x-cache-status: HIT
X-Firefox-Spdy: h2

img2.baidu.com/it/u=2430318761,1815862467&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350

125.74.110.35

200 OK

20 kB

URL HTTP/1.1
img2.baidu.com/it/u=2430318761,1815862467&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350
IP
125.74.110.35:0
ASN
#4134 Chinanet

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 350x350, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
20 kB (20426 bytes)
Hash
7244a89e7c0f72ad8a750d97a4a37aa7
cd4f515858557364ad3735e8e8249ed42477fc3c
8a2c5f2102accca83a5c66decc88351bcb31f648cf3b7c23518d5db92f1f3e7d

HTTP Headers

GET /it/u=2430318761,1815862467&fm=253&fmt=auto&app=138&f=JPEG?w=350&h=350 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://20745.url.tudown.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: image/webp
Content-Length: 20426
Connection: keep-alive
Expires: Sun, 19 Feb 2023 07:01:00 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 7244a89e7c0f72ad8a750d97a4a37aa7
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 20 Jan 2023 07:01:00 GMT
Ohc-Cache-HIT: lz6ct59 [1], csix88 [4]
Ohc-File-Size: 20426
X-Cache-Status: MISS

js.passport.qihucdn.com/11.0.1.js?d10ea2610e3a9b90fa9990ffc6bf559d

101.198.192.8

200 OK

117 B

URL HTTP/1.1
js.passport.qihucdn.com/11.0.1.js?d10ea2610e3a9b90fa9990ffc6bf559d
IP
101.198.192.8:0
ASN
#55992 Beijing Qihu Technology Company Limited

File type
HTML document, ASCII text, with no line terminators
Size
117 B (117 bytes)
Hash
807bb08bf1c51aaff763edb0f02719ef
6e089da63e5751494b32d77031df30ec3c8be067
7eb411ad7be2e6af85645f2a2b6401bf6085fe4e0436d004f33710bb84a7be4e

HTTP Headers

GET /11.0.1.js?d10ea2610e3a9b90fa9990ffc6bf559d HTTP/1.1
Host: js.passport.qihucdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 28 Nov 2018 07:43:20 GMT
Cache-Control: max-age=600
Expires: Sat, 04 Feb 2023 06:12:59 GMT
KCS-Via: REVALIDATED from w-fc02.hkht;REVALIDATED from w-sc01.hkht
Content-Encoding: gzip

20745.url.tudown.com/uploads/images/984153.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
20745.url.tudown.com/uploads/images/984153.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/984153.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=328378750,941456446&fm=253&fmt=auto&app=138&f=JPEG?w=552&h=500

20745.url.tudown.com/uploads/images/320847.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
20745.url.tudown.com/uploads/images/320847.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/320847.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img1.baidu.com/it/u=2894770746,231255722&fm=253&fmt=auto&app=138&f=JPEG?w=412&h=500

t13.baidu.com/it/u=2204042064,2132699369&fm=224&app=112&f=JPEG?w=500&h=500

185.10.104.124

200 OK

48 kB

URL HTTP/1.1
t13.baidu.com/it/u=2204042064,2132699369&fm=224&app=112&f=JPEG?w=500&h=500
IP
185.10.104.124:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Size
48 kB (48326 bytes)
Hash
5faefc48d26e696ac8fb5ef0a8d33883
5eb038ae81cb20ad759a7049981a60fc0344c7cc
49398eaa5049a16e1763516883b94213566330675b3e2cc90f40db76ff5c512b

HTTP Headers

GET /it/u=2204042064,2132699369&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://20745.url.tudown.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: image/jpeg
Content-Length: 48326
Connection: keep-alive
Expires: Sat, 04 Feb 2023 18:12:25 GMT
Last-Modified: Fri, 09 Jan 1970 00:00:00 GMT
ETag: 5faefc48d26e696ac8fb5ef0a8d33883
Age: 2019420
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 05 Jan 2023 18:12:25 GMT
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [4], zhuzuncache65 [4], xaix186 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 48326
X-Cache-Status: HIT
Timing-Allow-Origin: *

20745.url.tudown.com/uploads/images/120795.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
20745.url.tudown.com/uploads/images/120795.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/120795.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t14.baidu.com/it/u=1495232795,4227167524&fm=224&app=112&f=JPEG?w=500&h=500

20745.url.tudown.com/uploads/images/855408.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
20745.url.tudown.com/uploads/images/855408.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/855408.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=1858725663,2465798137&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500

img0.baidu.com/it/u=3621934748,494421679&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=710

150.138.188.35

200 OK

47 kB

URL HTTP/2
img0.baidu.com/it/u=3621934748,494421679&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=710
IP
150.138.188.35:0
ASN
#58541 Qingdao,266000

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 500x710, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
47 kB (47056 bytes)
Hash
08a89b6956bc3c50ba38864063e99fd0
f0bc9e8dcbecad6c3c08be951cfe5e16c2ed1789
212b85c31a44e491cab2803fba78f930b9ff8a5bebcbed93805e618b30562d30

HTTP Headers

GET /it/u=3621934748,494421679&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=710 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://20745.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:02:59 GMT
content-type: image/webp
content-length: 47056
expires: Wed, 01 Mar 2023 04:23:48 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 08a89b6956bc3c50ba38864063e99fd0
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Mon, 30 Jan 2023 04:23:48 GMT
ohc-cache-hit: qd5ct73 [1], wzix98 [4]
ohc-file-size: 47056
x-cache-status: MISS
X-Firefox-Spdy: h2

img0.baidu.com/it/u=236493224,1828024268&fm=253&app=120&f=JPEG?w=1422&h=800

150.138.188.35

200 OK

187 kB

URL HTTP/1.1
img0.baidu.com/it/u=236493224,1828024268&fm=253&app=120&f=JPEG?w=1422&h=800
IP
150.138.188.35:0
ASN
#58541 Qingdao,266000

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1422x800, components 3\012- data
Size
187 kB (187428 bytes)
Hash
7b4fbe3d25ba7c7dd072b948d48e9b56
00d5571ac61f08c4ac907429329df6ace285020e
af40ab7418182e9a3f3a3bffe9942fc621606dc36a57f0d0444a587c9ed1c80b

HTTP Headers

GET /it/u=236493224,1828024268&fm=253&app=120&f=JPEG?w=1422&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://20745.url.tudown.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: image/jpeg
Content-Length: 187428
Connection: keep-alive
Expires: Wed, 15 Feb 2023 07:30:05 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: 7b4fbe3d25ba7c7dd072b948d48e9b56
Age: 65965
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Mon, 16 Jan 2023 07:30:05 GMT
Ohc-Cache-HIT: qd5ct55 [4], qdix55 [2]
Ohc-File-Size: 187428
X-Cache-Status: HIT

t14.baidu.com/it/u=1495232795,4227167524&fm=224&app=112&f=JPEG?w=500&h=500

185.10.104.124

200 OK

67 kB

URL HTTP/1.1
t14.baidu.com/it/u=1495232795,4227167524&fm=224&app=112&f=JPEG?w=500&h=500
IP
185.10.104.124:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Size
67 kB (67146 bytes)
Hash
5ac07f4795755f8526c53cdeceff48dd
84999fe537c7a8ea25a674dff3bda0b5dfb5fa2f
e40d404d8eba710e14bc40860c8f0b01b892c555604990cad51a3ae7b3125871

HTTP Headers

GET /it/u=1495232795,4227167524&fm=224&app=112&f=JPEG?w=500&h=500 HTTP/1.1
Host: t14.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://20745.url.tudown.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:03:00 GMT
Content-Type: image/jpeg
Content-Length: 67146
Connection: keep-alive
Expires: Tue, 28 Feb 2023 03:19:08 GMT
Last-Modified: Sun, 11 Jan 1970 00:00:00 GMT
ETag: 5ac07f4795755f8526c53cdeceff48dd
Age: 528232
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 29 Jan 2023 03:19:08 GMT
Ohc-Cache-HIT: fra01-sys-jomo2.fra01.baidu.com [2], zhuzuncache83 [4], xaix240 [2]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 67146
X-Cache-Status: HIT

img2.baidu.com/it/u=2531697070,1475200272&fm=253&fmt=auto&app=138&f=JPEG?w=240&h=360

125.74.110.35

200 OK

25 kB

URL HTTP/2
img2.baidu.com/it/u=2531697070,1475200272&fm=253&fmt=auto&app=138&f=JPEG?w=240&h=360
IP
125.74.110.35:0
ASN
#4134 Chinanet

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 240x360, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
25 kB (25418 bytes)
Hash
a74bacb723cc771473ddfb2c2007d020
8f4adc8fe90acd6c2724319a053b78652cf9d495
f02c5bdf3c7b702e04b0c1c12225c583a644636e72d4d032c574bf843504f339

HTTP Headers

GET /it/u=2531697070,1475200272&fm=253&fmt=auto&app=138&f=JPEG?w=240&h=360 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://20745.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:02:59 GMT
content-type: image/webp
content-length: 25418
expires: Thu, 02 Mar 2023 03:58:31 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: a74bacb723cc771473ddfb2c2007d020
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 31 Jan 2023 03:58:31 GMT
ohc-cache-hit: lz6ct58 [1], xiangyix82 [4]
ohc-file-size: 25418
x-cache-status: MISS
X-Firefox-Spdy: h2

img2.baidu.com/it/u=3946608957,2156101699&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400

125.74.110.35

200 OK

14 kB

URL HTTP/2
img2.baidu.com/it/u=3946608957,2156101699&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
IP
125.74.110.35:0
ASN
#4134 Chinanet

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
14 kB (13700 bytes)
Hash
67ca8d5ab5e8c02e34039b72cd314889
6bba92845a4f0f2ed7bf559d747214ddf7fed05f
2f22629304f76aa73d8c6e6f5197ca80150afb9f94c56d4515c7c478885eb6ee

HTTP Headers

GET /it/u=3946608957,2156101699&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://20745.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:02:59 GMT
content-type: image/webp
content-length: 13700
expires: Sun, 26 Feb 2023 05:04:25 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 67ca8d5ab5e8c02e34039b72cd314889
age: 12943
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 27 Jan 2023 05:04:25 GMT
ohc-cache-hit: lz6ct61 [4], xaix92 [4]
ohc-file-size: 13700
x-cache-status: HIT
X-Firefox-Spdy: h2

t13.baidu.com/it/u=2621949072,3390893004&fm=224&app=112&f=JPEG?w=500&h=500&s=9BB967877CF3CBE970A1816E0300F07B

185.10.104.124

200 OK

60 kB

URL HTTP/1.1
t13.baidu.com/it/u=2621949072,3390893004&fm=224&app=112&f=JPEG?w=500&h=500&s=9BB967877CF3CBE970A1816E0300F07B
IP
185.10.104.124:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Size
60 kB (60395 bytes)
Hash
91d4ed5de9c3e8506a3be366383c4caf
4ac93a501096de8cb5d5fd044a9fc40047a298f1
df97d4bad14136b735a63c88e6dafac7af269bc590660fd0ff0aa42935e36c74

HTTP Headers

GET /it/u=2621949072,3390893004&fm=224&app=112&f=JPEG?w=500&h=500&s=9BB967877CF3CBE970A1816E0300F07B HTTP/1.1
Host: t13.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://20745.url.tudown.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:03:00 GMT
Content-Type: image/jpeg
Content-Length: 60395
Connection: keep-alive
Expires: Sat, 04 Mar 2023 15:12:56 GMT
Last-Modified: Mon, 19 Jan 1970 00:00:00 GMT
ETag: 91d4ed5de9c3e8506a3be366383c4caf
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Thu, 02 Feb 2023 15:12:55 GMT
Ohc-Upstream-Trace: 58.216.2.239; 58.20.204.57
Ohc-Cache-HIT: fra01-sys-jomo3.fra01.baidu.com [2], zhuzuncache57 [4], czix239 [2]
Ohc-Response-Time: 1 0 0 0 317 318
Ohc-File-Size: 60395
X-Cache-Status: MISS
Timing-Allow-Origin: *

img1.baidu.com/it/u=2317030829,1276939570&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800

114.232.92.35

200 OK

88 kB

URL HTTP/2
img1.baidu.com/it/u=2317030829,1276939570&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800
IP
114.232.92.35:0
ASN
#131325 CHINATELECOM JIANGSU province NANTONG MAN network

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
88 kB (88228 bytes)
Hash
fa341346649e341b60889c79b60f4b81
c9094081101333506b0d77a648ddc287d76cad49
f4eaf126bd4f2b456718d4e2d2b92c7d1348ab6b2b6de4c6904d64e8f3623c3f

HTTP Headers

GET /it/u=2317030829,1276939570&fm=253&fmt=auto&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://20745.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:02:59 GMT
content-type: image/webp
content-length: 88228
expires: Fri, 10 Feb 2023 14:38:38 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: fa341346649e341b60889c79b60f4b81
age: 344736
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 11 Jan 2023 14:38:38 GMT
ohc-cache-hit: nt2ct65 [4], wzix65 [2]
ohc-file-size: 88228
x-cache-status: HIT
X-Firefox-Spdy: h2

img1.baidu.com/it/u=80411744,899831565&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500

114.232.92.35

200 OK

16 kB

URL HTTP/2
img1.baidu.com/it/u=80411744,899831565&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP
114.232.92.35:0
ASN
#131325 CHINATELECOM JIANGSU province NANTONG MAN network

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
16 kB (15852 bytes)
Hash
5f49c93c11ee64b3a28ba5a9e65f50bf
1116f66d6122ee56749a23cb13450e86324a5b36
50f2a4ecf091a68010477d8fb15f8436a4a64a5cefb071adf83894558e0c5d14

HTTP Headers

GET /it/u=80411744,899831565&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://20745.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:02:59 GMT
content-type: image/webp
content-length: 15852
expires: Thu, 02 Mar 2023 04:43:55 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 5f49c93c11ee64b3a28ba5a9e65f50bf
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Tue, 31 Jan 2023 04:43:55 GMT
ohc-cache-hit: nt2ct78 [1], xiangyix138 [4]
ohc-file-size: 15852
x-cache-status: MISS
X-Firefox-Spdy: h2

img1.baidu.com/it/u=3861871061,88107011&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500

114.232.92.35

200 OK

17 kB

URL HTTP/2
img1.baidu.com/it/u=3861871061,88107011&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500
IP
114.232.92.35:0
ASN
#131325 CHINATELECOM JIANGSU province NANTONG MAN network

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 800x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
17 kB (16806 bytes)
Hash
0f0256519936ba9506b5ebeff454bc4e
a01ed1ba612dae3c88a471d58b90944c8591079f
fe48e3680de5c398b67a1a83a3b14657e5e9b843f12173e9853f2951c7f29737

HTTP Headers

GET /it/u=3861871061,88107011&fm=253&fmt=auto&app=138&f=JPEG?w=800&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://20745.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:02:59 GMT
content-type: image/webp
content-length: 16806
expires: Sun, 19 Feb 2023 11:59:30 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: 0f0256519936ba9506b5ebeff454bc4e
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 20 Jan 2023 11:59:30 GMT
ohc-cache-hit: nt2ct83 [1], qdix236 [4]
ohc-file-size: 16806
x-cache-status: MISS
X-Firefox-Spdy: h2

img1.baidu.com/it/u=2078352950,1234178466&fm=253&fmt=auto&app=138&f=JPEG?w=130&h=170

114.232.92.35

200 OK

6.8 kB

URL HTTP/2
img1.baidu.com/it/u=2078352950,1234178466&fm=253&fmt=auto&app=138&f=JPEG?w=130&h=170
IP
114.232.92.35:0
ASN
#131325 CHINATELECOM JIANGSU province NANTONG MAN network

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 130x170, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
6.8 kB (6812 bytes)
Hash
eaa5af5236d291eda619681de0491a69
d41efe8610cda18a21d048e7f385cea3558b63e0
6660b2ae43d3eb634717c453dc6ee3f2c8da83b3a05bc70338b1ff550c5fb045

HTTP Headers

GET /it/u=2078352950,1234178466&fm=253&fmt=auto&app=138&f=JPEG?w=130&h=170 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://20745.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:02:59 GMT
content-type: image/webp
content-length: 6812
expires: Fri, 24 Feb 2023 14:23:04 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: eaa5af5236d291eda619681de0491a69
age: 157614
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Wed, 25 Jan 2023 14:23:04 GMT
ohc-cache-hit: nt2ct50 [4], wzix50 [4]
ohc-file-size: 6812
x-cache-status: HIT
X-Firefox-Spdy: h2

20745.url.tudown.com/uploads/images/536979.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
20745.url.tudown.com/uploads/images/536979.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/536979.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:03:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=1171421054,3626947149&fm=224&app=112&f=JPEG?w=350&h=350

img0.baidu.com/it/u=1415189852,4157433511&fm=253&app=120&f=JPEG?w=1280&h=800

150.138.188.35

200 OK

87 kB

URL HTTP/1.1
img0.baidu.com/it/u=1415189852,4157433511&fm=253&app=120&f=JPEG?w=1280&h=800
IP
150.138.188.35:0
ASN
#58541 Qingdao,266000

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x800, components 3\012- data
Size
87 kB (87167 bytes)
Hash
a11aa918db5897b5c6845ceb3a572089
ac04854de4b9a35cdafb430e7feca753111eb5a9
de7e829522fdfbb4233df3f2f7afebe73cd205495a1bca0401afef80ae01f220

HTTP Headers

GET /it/u=1415189852,4157433511&fm=253&app=120&f=JPEG?w=1280&h=800 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://20745.url.tudown.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: image/jpeg
Content-Length: 87167
Connection: keep-alive
Expires: Tue, 14 Feb 2023 02:51:14 GMT
Last-Modified: Thu, 15 Jan 1970 00:00:00 GMT
ETag: a11aa918db5897b5c6845ceb3a572089
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Sun, 15 Jan 2023 02:51:14 GMT
Ohc-Cache-HIT: qd5ct63 [1], bdix242 [4]
Ohc-File-Size: 87167
X-Cache-Status: MISS

img1.baidu.com/it/u=1714884640,1137846280&fm=253&fmt=auto?w=640&h=960

114.232.92.35

200 OK

23 kB

URL HTTP/2
img1.baidu.com/it/u=1714884640,1137846280&fm=253&fmt=auto?w=640&h=960
IP
114.232.92.35:0
ASN
#131325 CHINATELECOM JIANGSU province NANTONG MAN network

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 640x960, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
23 kB (23124 bytes)
Hash
ba57ba38e43ee221765b1f1b7e064a2b
f3d9ad7e969153e6774c4f444b8475f15cee3caf
ff4eafb78398fc3fcd3795e9cd84d959b40a13a90fd4f14c3fc4082a8333bbd0

HTTP Headers

GET /it/u=1714884640,1137846280&fm=253&fmt=auto?w=640&h=960 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://20745.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:02:59 GMT
content-type: image/webp
content-length: 23124
expires: Tue, 21 Feb 2023 05:58:29 GMT
last-modified: Fri, 09 Jan 1970 00:00:00 GMT
etag: ba57ba38e43ee221765b1f1b7e064a2b
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 05:58:29 GMT
ohc-cache-hit: nt2ct62 [1], qdix201 [4]
ohc-file-size: 23124
x-cache-status: MISS
X-Firefox-Spdy: h2

img1.baidu.com/it/u=3282217110,2937448311&fm=253&fmt=auto&app=138&f=JPEG?w=281&h=500

114.232.92.35

200 OK

17 kB

URL HTTP/2
img1.baidu.com/it/u=3282217110,2937448311&fm=253&fmt=auto&app=138&f=JPEG?w=281&h=500
IP
114.232.92.35:0
ASN
#131325 CHINATELECOM JIANGSU province NANTONG MAN network

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 281x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
17 kB (17228 bytes)
Hash
59d55da2102625f10a212163e764bb02
5e1dc23569ed6bccfaa4242bf0e660522550a2e4
c857f282f67452464d639d073b0725edbc15ac599be6fbf5bbf5f2f82a8c5ec1

HTTP Headers

GET /it/u=3282217110,2937448311&fm=253&fmt=auto&app=138&f=JPEG?w=281&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://20745.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:02:59 GMT
content-type: image/webp
content-length: 17228
expires: Mon, 20 Feb 2023 06:24:54 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 59d55da2102625f10a212163e764bb02
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 06:24:54 GMT
ohc-cache-hit: nt2ct77 [1], bdix224 [2]
ohc-file-size: 17228
x-cache-status: MISS
X-Firefox-Spdy: h2

t15.baidu.com/it/u=1171421054,3626947149&fm=224&app=112&f=JPEG?w=350&h=350

185.10.104.124

200 OK

8.7 kB

URL HTTP/1.1
t15.baidu.com/it/u=1171421054,3626947149&fm=224&app=112&f=JPEG?w=350&h=350
IP
185.10.104.124:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 350x350, components 3\012- data
Size
8.7 kB (8714 bytes)
Hash
8d42860e6ad74dbc2312b0523ce3fa0b
6294f47afd12b197867fdb26ddf9732ca2fea42c
58374bc0a6b87d2b05354d7b37dcb3844c7b3173afae454d1ebc3a73af26400e

HTTP Headers

GET /it/u=1171421054,3626947149&fm=224&app=112&f=JPEG?w=350&h=350 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://20745.url.tudown.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:03:00 GMT
Content-Type: image/jpeg
Content-Length: 8714
Connection: keep-alive
Expires: Sun, 05 Feb 2023 21:46:48 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: 8d42860e6ad74dbc2312b0523ce3fa0b
Age: 356283
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Fri, 06 Jan 2023 21:46:48 GMT
Ohc-Cache-HIT: fra01-sys-jomo0.fra01.baidu.com [2], zhuzuncache54 [1], xaix175 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 8714
X-Cache-Status: HIT
Timing-Allow-Origin: *

s6.qhres2.com/static/ab77b6ea7f3fbf79.js

54.230.111.4

200 OK

478 B

URL HTTP/1.1
s6.qhres2.com/static/ab77b6ea7f3fbf79.js
IP
54.230.111.4:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (478), with no line terminators
Size
478 B (478 bytes)
Hash
5dd27f8f2b042194c3cdabd62fd80110
c035036a939799d4c29b9c0f7229ae1953d03109
928131ab2183d971cdbfe2ed1329200212d0021db70574a35c89ae169c0f6e0a

HTTP Headers

GET /static/ab77b6ea7f3fbf79.js HTTP/1.1
Host: s6.qhres2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 478
Connection: keep-alive
Date: Mon, 26 Sep 2022 01:48:25 GMT
X-QSTATIC-HIT: 1
Last-Modified: Mon, 01 Jan 2018 00:00:00 GMT
ETag: W/"b300475a05992239"
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, immutable
Expires: Thu, 23 Sep 2032 01:48:25 GMT
KCS-Via: HIT from w-fc01.lato;MISS from w-sc02.lato
Accept-Ranges: bytes
X-Cache: Hit from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: qdwtSaTRJM4wMfcQQw0gFPSYeCcSxet_mfWBYKVN3HVU9s7b13QvaA==
Age: 11333675

20745.url.tudown.com/uploads/images/730248.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
20745.url.tudown.com/uploads/images/730248.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/730248.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:03:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img2.baidu.com/it/u=995696646,3927522449&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500

img1.baidu.com/it/u=3650368425,436190755&fm=253&fmt=auto?w=1280&h=800

114.232.92.35

200 OK

34 kB

URL HTTP/2
img1.baidu.com/it/u=3650368425,436190755&fm=253&fmt=auto?w=1280&h=800
IP
114.232.92.35:0
ASN
#131325 CHINATELECOM JIANGSU province NANTONG MAN network

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
34 kB (33698 bytes)
Hash
44498915482fc778b72e30e01902c1a2
fcd7c8d5d3ba8eb374a40c180b20a932db53b663
ca7da00d0d4a3de309f9d6bf7fa4475ca48000238942803b4ff009c23a762fe1

HTTP Headers

GET /it/u=3650368425,436190755&fm=253&fmt=auto?w=1280&h=800 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://20745.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:03:00 GMT
content-type: image/webp
content-length: 33698
expires: Tue, 21 Feb 2023 05:42:21 GMT
last-modified: Sat, 10 Jan 1970 00:00:00 GMT
etag: 44498915482fc778b72e30e01902c1a2
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 05:42:21 GMT
ohc-cache-hit: nt2ct73 [1], qdix73 [2]
ohc-file-size: 33698
x-cache-status: MISS
X-Firefox-Spdy: h2

img1.baidu.com/it/u=2894770746,231255722&fm=253&fmt=auto&app=138&f=JPEG?w=412&h=500

114.232.92.35

200 OK

48 kB

URL HTTP/2
img1.baidu.com/it/u=2894770746,231255722&fm=253&fmt=auto&app=138&f=JPEG?w=412&h=500
IP
114.232.92.35:0
ASN
#131325 CHINATELECOM JIANGSU province NANTONG MAN network

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 412x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
48 kB (48522 bytes)
Hash
ca65831f2e4a7d54459733e55bd88794
7f5a4b96571eefe84ca624a9d8a9f58f9f35f59c
fd7929e4f39a371c6f6e9ed22149256d036829ef24b71717bff529f26447d30c

HTTP Headers

GET /it/u=2894770746,231255722&fm=253&fmt=auto&app=138&f=JPEG?w=412&h=500 HTTP/1.1
Host: img1.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://20745.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:03:00 GMT
content-type: image/webp
content-length: 48522
expires: Mon, 20 Feb 2023 07:12:07 GMT
last-modified: Sun, 11 Jan 1970 00:00:00 GMT
etag: ca65831f2e4a7d54459733e55bd88794
age: 160076
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 21 Jan 2023 07:12:07 GMT
ohc-cache-hit: nt2ct55 [4], suzix206 [2]
ohc-file-size: 48522
x-cache-status: HIT
X-Firefox-Spdy: h2

20745.url.tudown.com/uploads/images/913091.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
20745.url.tudown.com/uploads/images/913091.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/913091.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:03:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://t15.baidu.com/it/u=3308514828,603896565&fm=224&app=112&f=JPEG?w=500&h=500&s=02B45483C3C512FB50ACD4B803005021

20745.url.tudown.com/uploads/images/539112.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
20745.url.tudown.com/uploads/images/539112.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/539112.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:03:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=30629542,1692593181&fm=253&fmt=auto&app=138&f=PNG?w=281&h=500

20745.url.tudown.com/uploads/images/482747.jpg

154.218.151.71

301 Moved Permanently

0 B

URL HTTP/1.1
20745.url.tudown.com/uploads/images/482747.jpg
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/images/482747.jpg HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 06:03:00 GMT
Content-Type: image/jpg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://img0.baidu.com/it/u=2820684544,20828447&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=754

t15.baidu.com/it/u=3308514828,603896565&fm=224&app=112&f=JPEG?w=500&h=500&s=02B45483C3C512FB50ACD4B803005021

185.10.104.124

200 OK

41 kB

URL HTTP/1.1
t15.baidu.com/it/u=3308514828,603896565&fm=224&app=112&f=JPEG?w=500&h=500&s=02B45483C3C512FB50ACD4B803005021
IP
185.10.104.124:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 75x75, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Size
41 kB (41404 bytes)
Hash
da0fa1156c273ea38a7a115ce6cc7e97
310706a2854d9084662939ef59402a0ac9bad71e
10a2b943fe0828e8b83b948775be25ffe08d9e8ee205f12d55dcd713db726ea5

HTTP Headers

GET /it/u=3308514828,603896565&fm=224&app=112&f=JPEG?w=500&h=500&s=02B45483C3C512FB50ACD4B803005021 HTTP/1.1
Host: t15.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://20745.url.tudown.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:03:00 GMT
Content-Type: image/jpeg
Content-Length: 41404
Connection: keep-alive
Expires: Mon, 20 Feb 2023 10:42:44 GMT
Last-Modified: Wed, 07 Jan 1970 00:00:00 GMT
ETag: da0fa1156c273ea38a7a115ce6cc7e97
Age: 335271
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Ohc-Global-Saved-Time: Sat, 21 Jan 2023 10:42:44 GMT
Ohc-Cache-HIT: fra01-sys-jomo6.fra01.baidu.com [2], zhuzuncache58 [1], xiangyix167 [4]
Ohc-Response-Time: 1 0 0 0 0 0
Ohc-File-Size: 41404
X-Cache-Status: HIT
Timing-Allow-Origin: *

img2.baidu.com/it/u=3620217693,2075729028&fm=253&app=120&f=PNG?w=1422&h=800

125.74.110.35

200 OK

531 kB

URL HTTP/1.1
img2.baidu.com/it/u=3620217693,2075729028&fm=253&app=120&f=PNG?w=1422&h=800
IP
125.74.110.35:0
ASN
#4134 Chinanet

File type
PNG image data, 1422 x 800, 8-bit/color RGBA, non-interlaced\012- data
Size
531 kB (530895 bytes)
Hash
c1fc233090e97e297d8132e74568465c
5f3d473ec63255cd6f954df0b191a5613c9b1530
b23ab16be1942307bcff953265de987ff99b54d0f121483896c072dbc25991c8

HTTP Headers

GET /it/u=3620217693,2075729028&fm=253&app=120&f=PNG?w=1422&h=800 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://20745.url.tudown.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Sat, 04 Feb 2023 06:02:59 GMT
Content-Type: image/png
Content-Length: 530895
Connection: keep-alive
Expires: Fri, 03 Mar 2023 15:30:50 GMT
Last-Modified: Thu, 08 Jan 1970 00:00:00 GMT
ETag: c1fc233090e97e297d8132e74568465c
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Ohc-Global-Saved-Time: Wed, 01 Feb 2023 15:30:50 GMT
Ohc-Cache-HIT: lz6ct60 [2], csix70 [2]
Ohc-File-Size: 530895
X-Cache-Status: MISS

img0.baidu.com/it/u=1858725663,2465798137&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500

150.138.188.35

200 OK

18 kB

URL HTTP/2
img0.baidu.com/it/u=1858725663,2465798137&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500
IP
150.138.188.35:0
ASN
#58541 Qingdao,266000

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
18 kB (18442 bytes)
Hash
f27ae356ed30e167d5ac89c49e834c91
059bd4485162476b754844ae4e70ace5358ad7a2
770c3dd8cc3bf77f07bb95aa91880fc47aca7009f26e302b76bc86ca1ed23d2d

HTTP Headers

GET /it/u=1858725663,2465798137&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://20745.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:03:00 GMT
content-type: image/webp
content-length: 18442
expires: Tue, 21 Feb 2023 04:20:51 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: f27ae356ed30e167d5ac89c49e834c91
age: 320861
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 22 Jan 2023 04:20:51 GMT
ohc-cache-hit: qd5ct50 [4], xiangyix218 [2]
ohc-file-size: 18442
x-cache-status: HIT
X-Firefox-Spdy: h2

img0.baidu.com/it/u=328378750,941456446&fm=253&fmt=auto&app=138&f=JPEG?w=552&h=500

150.138.188.35

200 OK

35 kB

URL HTTP/2
img0.baidu.com/it/u=328378750,941456446&fm=253&fmt=auto&app=138&f=JPEG?w=552&h=500
IP
150.138.188.35:0
ASN
#58541 Qingdao,266000

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 552x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
35 kB (35056 bytes)
Hash
a3ad02c63e5da171b154a5070d0ea6cc
81e04758abc30e9f0c4021a01e457ef99fe4bb38
774f10c91a1f26485d2b2585f71180ab640c70db7d615d661e0db53b666749cf

HTTP Headers

GET /it/u=328378750,941456446&fm=253&fmt=auto&app=138&f=JPEG?w=552&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://20745.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:03:00 GMT
content-type: image/webp
content-length: 35056
expires: Sun, 19 Feb 2023 18:39:22 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: a3ad02c63e5da171b154a5070d0ea6cc
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 20 Jan 2023 18:39:22 GMT
ohc-cache-hit: qd5ct51 [1], czix51 [2]
ohc-file-size: 35056
x-cache-status: MISS
X-Firefox-Spdy: h2

img2.baidu.com/it/u=995696646,3927522449&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500

125.74.110.35

200 OK

66 kB

URL HTTP/2
img2.baidu.com/it/u=995696646,3927522449&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500
IP
125.74.110.35:0
ASN
#4134 Chinanet

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 889x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
66 kB (65624 bytes)
Hash
14bf527bfc1ed94fe01cc3cf10beccf4
9f1fed27dde465f4e6b68ec933770d5312b91e0b
28ac8017da0cca977ebbe72acae5ccc075f43bd0516d6f8ecd0c4cb22166b0bd

HTTP Headers

GET /it/u=995696646,3927522449&fm=253&fmt=auto&app=138&f=JPEG?w=889&h=500 HTTP/1.1
Host: img2.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://20745.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:03:00 GMT
content-type: image/webp
content-length: 65624
expires: Mon, 27 Feb 2023 14:38:48 GMT
last-modified: Mon, 05 Jan 1970 00:00:00 GMT
etag: 14bf527bfc1ed94fe01cc3cf10beccf4
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sat, 28 Jan 2023 14:38:48 GMT
ohc-cache-hit: lz6ct59 [1], xiangyix230 [4]
ohc-file-size: 65624
x-cache-status: MISS
X-Firefox-Spdy: h2

img0.baidu.com/it/u=3449645749,296685161&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400

150.138.188.35

200 OK

28 kB

URL HTTP/2
img0.baidu.com/it/u=3449645749,296685161&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400
IP
150.138.188.35:0
ASN
#58541 Qingdao,266000

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
28 kB (28280 bytes)
Hash
7e07e641efb8f4dc9f5711523182f5a5
bf9e4e88ce43a0fe8ac0bdd5e5eac7d24199564c
b358836c202bf7bad45139e18e549028e186ef110be1f1d6d17badb73c01aac8

HTTP Headers

GET /it/u=3449645749,296685161&fm=253&fmt=auto&app=138&f=JPEG?w=400&h=400 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://20745.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:03:00 GMT
content-type: image/webp
content-length: 28280
expires: Tue, 07 Feb 2023 16:34:03 GMT
last-modified: Tue, 06 Jan 1970 00:00:00 GMT
etag: 7e07e641efb8f4dc9f5711523182f5a5
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Sun, 08 Jan 2023 16:34:03 GMT
ohc-cache-hit: qd5ct68 [1], wzix68 [4]
ohc-file-size: 28280
x-cache-status: MISS
X-Firefox-Spdy: h2

img0.baidu.com/it/u=30629542,1692593181&fm=253&fmt=auto&app=138&f=PNG?w=281&h=500

150.138.188.35

200 OK

89 kB

URL HTTP/2
img0.baidu.com/it/u=30629542,1692593181&fm=253&fmt=auto&app=138&f=PNG?w=281&h=500
IP
150.138.188.35:0
ASN
#58541 Qingdao,266000

File type
RIFF (little-endian) data, Web/P image\012- data
Size
89 kB (88890 bytes)
Hash
92c6f0947bdce717762aab8e4934b898
249d1ab1f128d7ec452538fde6e874f1ccf6567f
e768a5e63487c10545a91945f1d763dfe70f61c0ecb9a2fe0addea004cca6cd8

HTTP Headers

GET /it/u=30629542,1692593181&fm=253&fmt=auto&app=138&f=PNG?w=281&h=500 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://20745.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:03:00 GMT
content-type: image/webp
content-length: 88890
expires: Sun, 26 Feb 2023 14:32:03 GMT
last-modified: Wed, 07 Jan 1970 00:00:00 GMT
etag: 92c6f0947bdce717762aab8e4934b898
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 27 Jan 2023 14:32:03 GMT
ohc-cache-hit: qd5ct63 [1], wzix98 [4]
ohc-file-size: 88890
x-cache-status: MISS
X-Firefox-Spdy: h2

img0.baidu.com/it/u=2820684544,20828447&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=754

150.138.188.35

200 OK

33 kB

URL HTTP/2
img0.baidu.com/it/u=2820684544,20828447&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=754
IP
150.138.188.35:0
ASN
#58541 Qingdao,266000

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 500x754, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
33 kB (33002 bytes)
Hash
d2e65f3fcf42668ed17357e5f286bfc6
a5342d7a36129f9231b3d90b5984a563c3b30829
6b43bcdca7015d4ba6c8c4610acf939491d8fdd27629b62b8465bd7ee464c3dc

HTTP Headers

GET /it/u=2820684544,20828447&fm=253&fmt=auto&app=138&f=JPEG?w=500&h=754 HTTP/1.1
Host: img0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://20745.url.tudown.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 04 Feb 2023 06:03:00 GMT
content-type: image/webp
content-length: 33002
expires: Sun, 26 Feb 2023 16:47:02 GMT
last-modified: Thu, 08 Jan 1970 00:00:00 GMT
etag: d2e65f3fcf42668ed17357e5f286bfc6
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
ohc-global-saved-time: Fri, 27 Jan 2023 16:47:02 GMT
ohc-cache-hit: qd5ct57 [1], xaix93 [4]
ohc-file-size: 33002
x-cache-status: MISS
X-Firefox-Spdy: h2

s.360.cn/so/zz.gif?url=http%3A%2F%2F20745.url.tudown.com%2Fxiaz%2Fhp%25E6%2583%25A0%25E6%2599%25AElaserjetm1005mfp%25E5%25A4%259A%25E5%258A%259F%25E8%2583%25BD%25E4%25B8%2580%25E4%25BD%2593%25E6%259C%25BA%25E5%258D%25B3%25E6%258F%2592%25E5%258D%25B3%25E7%2594%25A8%25E9%25A9%25B1%25E5%258A%25A820070326%25E7%2589%2588forwin7%40719_92086.exe&sid=d10ea2610e3a9b90fa9990ffc6bf559d&token=de1x0ee.a628601209e_39a197b@970n

180.163.251.230

200 OK

0 B

URL HTTP/1.1
s.360.cn/so/zz.gif?url=http%3A%2F%2F20745.url.tudown.com%2Fxiaz%2Fhp%25E6%2583%25A0%25E6%2599%25AElaserjetm1005mfp%25E5%25A4%259A%25E5%258A%259F%25E8%2583%25BD%25E4%25B8%2580%25E4%25BD%2593%25E6%259C%25BA%25E5%258D%25B3%25E6%258F%2592%25E5%258D%25B3%25E7%2594%25A8%25E9%25A9%25B1%25E5%258A%25A820070326%25E7%2589%2588forwin7%40719_92086.exe&sid=d10ea2610e3a9b90fa9990ffc6bf559d&token=de1x0ee.a628601209e_39a197b@970n
IP
180.163.251.230:0
ASN
#4812 China Telecom Group

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /so/zz.gif?url=http%3A%2F%2F20745.url.tudown.com%2Fxiaz%2Fhp%25E6%2583%25A0%25E6%2599%25AElaserjetm1005mfp%25E5%25A4%259A%25E5%258A%259F%25E8%2583%25BD%25E4%25B8%2580%25E4%25BD%2593%25E6%259C%25BA%25E5%258D%25B3%25E6%258F%2592%25E5%258D%25B3%25E7%2594%25A8%25E9%25A9%25B1%25E5%258A%25A820070326%25E7%2589%2588forwin7%40719_92086.exe&sid=d10ea2610e3a9b90fa9990ffc6bf559d&token=de1x0ee.a628601209e_39a197b@970n HTTP/1.1
Host: s.360.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/

HTTP/1.1 200 OK
Server: openresty/1.15.8.2
Date: Sat, 04 Feb 2023 06:03:00 GMT
Content-Type: image/gif
Content-Length: 0
Last-Modified: Fri, 27 Jul 2018 07:11:23 GMT
Connection: keep-alive
ETag: "5b5ac59b-0"
Accept-Ranges: bytes

20745.url.tudown.com/favicon.ico

154.218.151.71

200 OK

0 B

URL HTTP/1.1
20745.url.tudown.com/favicon.ico
IP
154.218.151.71:0
ASN
#137951 Clayer Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 20745.url.tudown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://20745.url.tudown.com/xiaz/hp%E6%83%A0%E6%99%AElaserjetm1005mfp%E5%A4%9A%E5%8A%9F%E8%83%BD%E4%B8%80%E4%BD%93%E6%9C%BA%E5%8D%B3%E6%8F%92%E5%8D%B3%E7%94%A8%E9%A9%B1%E5%8A%A820070326%E7%89%88forwin7@719_92086.exe
Cookie: __bid_n=1861b02a1238ba27294207; FPTOKEN=TeHui8tJouele+4ogsoandl1857DaAaIoDsWa3KNFbajq//G578UNxFqnALHQ8ThMeggzq773S2rFqjdzhF4YH+YE1IyMWPUH0YXa84ZQU/QzwyV1wnHks5i8KRsjhuf8F+5dI0ggBR2Xm/p3+R+uCeRw6rR1cmzFgxtIxYB0cwyHiQUQYqvDpnrDYXN0AgB1hH2bqBsi1HDyYo7GEHCAKUWkDkGn3i9A84L3ehf0xcPcDsXj+6bX6tnC7VKzgUfFFjL5VUSfr6u1Iw8uxSyWVkSuEYZS607DtvTZB46cfIo2wcVdWxkuAz+n36NCg989oUnvz9G5Q2jiw+vZ1hsyvsf8GXM8I6fSCRtjFikHD7N/OzUTHhPwmXaeJyKdHui71mHi8oIk+byTOnuOayE3g==|ZDOV3MWeboAsR8iDeRUT8/cPm/qH9/gTc9NXLWPrNKY=|10|2f9e704a7f8b8d3d456a1ce7bd29864c; Hm_lvt_dd9836db2e433f487a0aa434b7b3deb7=1675490614; Hm_lpvt_dd9836db2e433f487a0aa434b7b3deb7=1675490614

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 06:03:01 GMT
Content-Type: image/x-icon
Content-Length: 0
Last-Modified: Tue, 30 Jul 2019 15:51:36 GMT
Connection: keep-alive
ETag: "5d406788-0"
Accept-Ranges: bytes

s22.cnzz.com/z_stat.php?id=1275003130&web_id=1275003130

180.97.251.250

200 OK

0 B

URL HTTP/2
s22.cnzz.com/z_stat.php?id=1275003130&web_id=1275003130
IP
180.97.251.250:0
ASN
#4134 Chinanet

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /z_stat.php?id=1275003130&web_id=1275003130 HTTP/1.1
Host: s22.cnzz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://20745.url.tudown.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Tengine
content-type: application/javascript
date: Sat, 04 Feb 2023 06:03:00 GMT
vary: Accept-Encoding
x-powered-by: PHP/5.5.25
last-modified: Sat, 04 Feb 2023 06:03:00 GMT
cache-control: max-age=1800,s-maxage=3600
content-encoding: gzip
ali-swift-global-savetime: 1675490580
via: cache18.l2ea120-8[75,75,200-0,M], cache30.l2ea120-8[77,0], cache8.cn2205[86,86,200-0,M], cache5.cn2205[87,0]
x-cache: MISS TCP_REFRESH_MISS dirn:-2:-2
x-swift-savetime: Sat, 04 Feb 2023 06:03:00 GMT
x-swift-cachetime: 3600
timing-allow-origin: *
eagleid: b461fb1916754905801395449e
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (13)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations