r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 150792cfc458af013998f4ef6bdf5f74
d5179b2dcb11d06f82606bf6eb6648319998d63e
72937c756d3feeae6d04a6f445398b0436bdf559f8c7437e3a3233263943900e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "72937C756D3FEEAE6D04A6F445398B0436BDF559F8C7437E3A3233263943900E"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3313
Expires: Mon, 28 Nov 2022 19:05:06 GMT
Date: Mon, 28 Nov 2022 18:09:53 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9408cc0694fcbea57966c3a3ba906092
fddcee1fdcf3209298e41a4b1b5560357fa165f0
6ef7120d9463f56e3ddfadd5766d02da8523f34061b13bdba54bf9ab72a1e979
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 773
Cache-Control: max-age=146061
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 18:09:53 GMT
Etag: "63848df9-1d7"
Expires: Wed, 30 Nov 2022 10:44:14 GMT
Last-Modified: Mon, 28 Nov 2022 10:31:21 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5444
Expires: Mon, 28 Nov 2022 19:40:37 GMT
Date: Mon, 28 Nov 2022 18:09:53 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 28 Nov 2022 17:19:32 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3021
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 4mVS3SN/SpYV8yH2lSqsWoTLaE1PkTEsQ8B6rmsVD0bbwdcZWBZHQUyiIEXVe7Acpoy1C3t0oq8=
x-amz-request-id: Q2Y27GVVTWG28KFH
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 28 Nov 2022 17:45:07 GMT
age: 1486
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 18:09:53 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
corona-energy.com/
104.253.239.108301 Moved Permanently 0 B IP 104.253.239.108:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: corona-energy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 28 Nov 2022 18:09:53 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.corona-energy.com/index.php
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 28 Nov 2022 18:08:55 GMT
cache-control: public,max-age=3600
age: 58
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7ab2ef968cb6a3078f4b9cb2dda813d4
e669116047ca058a2c1b2999ff0ea8682719162c
6ddecf0b21c44f3851da8efeb6ecdc6c8e9b83d7681153c31952b4ec8c23c940
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5081
Cache-Control: max-age=145302
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 18:09:54 GMT
Etag: "63847a2f-1d7"
Expires: Wed, 30 Nov 2022 10:31:36 GMT
Last-Modified: Mon, 28 Nov 2022 09:06:55 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
www.corona-energy.com/index.php
104.253.239.108200 OK 805 B URL HTTP/1.1 www.corona-energy.com/index.php
IP 104.253.239.108:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Hash 79d6fa08c1754635feb4854de0ecb756
39bf427dd3a3197e2ed39f66710e6a94b6d643e5
1d411e9447e1a85f939b2fa98f54b84a75b690bb7904b94d0442841a88d55e44
GET /index.php HTTP/1.1
Host: www.corona-energy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 18:09:54 GMT
Content-Type: text/html
Content-Length: 805
Connection: keep-alive
push.services.mozilla.com/
54.149.219.22101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.219.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: mgMyZng95fKHZ4I+buJVlQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: FmIh9OETflHKqbrNwAgEqw377R0=
www.corona-energy.com/common.js
104.253.239.108200 OK 752 B URL HTTP/1.1 www.corona-energy.com/common.js
IP 104.253.239.108:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (438), with CRLF line terminators
Hash 66bb75a4e47179acaa9159309acc607f
94724ea87d0845981a894faef3b6ad0507789823
c713e45a75d1024ab4357c58b040ae5b957ed409770b653341c2c0e735f3afb6
GET /common.js HTTP/1.1
Host: www.corona-energy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.corona-energy.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 18:09:54 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.corona-energy.com/tj.js
104.253.239.108200 OK 518 B URL HTTP/1.1 www.corona-energy.com/tj.js
IP 104.253.239.108:0
File type ASCII text, with CRLF line terminators
Hash da7f5238769ac99d050d2ecce286adac
f5aa3b1fa1f5d49f9ffd7bf842221bc4a35d7b8a
41413bc2bd557d3091306fd25db60ec06e1d69623f974bf1c19f38ce77a737ab
GET /tj.js HTTP/1.1
Host: www.corona-energy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.corona-energy.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 18:09:54 GMT
Content-Type: application/x-javascript
Content-Length: 518
Connection: keep-alive
www.corona-energy.com/favicon.ico
104.253.239.108200 OK 1.2 kB URL HTTP/1.1 www.corona-energy.com/favicon.ico
IP 104.253.239.108:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.corona-energy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.corona-energy.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 18:09:54 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Sat, 03 Dec 2022 18:09:54 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8b3916302f3ca2b80f301dd4aacaaf35
0120f287dabd2f6f859b1607165ef4ceb847ffb1
336945e3c73ed960cd8cedba8385ecd7931b05f1fa624e62210b13b4c075ed09
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "336945E3C73ED960CD8CEDBA8385ECD7931B05F1FA624E62210B13B4C075ED09"
Last-Modified: Mon, 28 Nov 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21576
Expires: Tue, 29 Nov 2022 00:09:31 GMT
Date: Mon, 28 Nov 2022 18:09:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8699
Expires: Mon, 28 Nov 2022 20:34:54 GMT
Date: Mon, 28 Nov 2022 18:09:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8699
Expires: Mon, 28 Nov 2022 20:34:54 GMT
Date: Mon, 28 Nov 2022 18:09:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8699
Expires: Mon, 28 Nov 2022 20:34:54 GMT
Date: Mon, 28 Nov 2022 18:09:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8699
Expires: Mon, 28 Nov 2022 20:34:54 GMT
Date: Mon, 28 Nov 2022 18:09:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8699
Expires: Mon, 28 Nov 2022 20:34:54 GMT
Date: Mon, 28 Nov 2022 18:09:55 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1f434933b5bd6377d299ada22d1ae7ef
075531f525e625b117b2497f31139c9824d0e9c5
b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ibLuLI6j9EWh0dgk51O7kiPBRyURZ0UdNtlgbBD-SXnDg_GT_tJm8Q==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:16 GMT
age: 72519
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f2e6328-f3c1-4a69-b0b6-73920b885144.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f2e6328-f3c1-4a69-b0b6-73920b885144.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3a1a4e00f1f15827cf651f373863c379
70c2a238f06ca7e56ef80c83738e081bf0de3330
3d936e1f0c96297f121faece12d6f8173e12eed5087165cd4eefc0fab368419f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f2e6328-f3c1-4a69-b0b6-73920b885144.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8885
x-amzn-requestid: 71b8367f-f79f-42a7-bcb8-c441a154babf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cGDTEFSeIAMF3rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637f18e0-631b775d3430a8c30c3b4420;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 07:10:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jsmd6yxjJxLMEgv1jDa87iEoZXL2OuALsmUZ9Nxx1rUN-xOTdtN1-A==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 08:11:39 GMT
age: 35896
etag: "70c2a238f06ca7e56ef80c83738e081bf0de3330"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2cd887044e91d7ed0f1a8d7119ff7dd0
ae8aa4ce6ddaccba771fe65446926b60fc5628da
bad283c15531000b7a8c126d442154b64a880cc26196a46cbd2e6266a526db67
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10199
x-amzn-requestid: baee3bbe-7ded-425a-ae39-fccfc8169217
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iF1VIAMF09g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-5522727b2f09b27e63b23270;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CXOqm7bjsSV0aJBTkTI7LsMovjgPeISPt3sZotEc7CjZnUL_y4_OoQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:43 GMT
age: 73092
etag: "ae8aa4ce6ddaccba771fe65446926b60fc5628da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4908162-9f1d-4654-8d78-fe85386ce233.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4908162-9f1d-4654-8d78-fe85386ce233.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7e5051d8c06f69e1842a9295ce256a36
1a542a53ba0b1cd0fb23257ebed8166555f16dfb
a7c0dbbb4d0d9138f5ca318cc2aa44e12dadf7ed6263ec204ba756da64b29c41
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4908162-9f1d-4654-8d78-fe85386ce233.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7556
x-amzn-requestid: 1cda5313-2256-4830-bf84-2e6e15949d3e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR78KFTmoAMF4yg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d9e7-452e36d718a298d12a2374a9;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OWVkuAw6-nRNU_CVOgvsSSenSXnfSYSmJiKa60JvSaiJgPuXjJByZw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:46:41 GMT
age: 73394
etag: "1a542a53ba0b1cd0fb23257ebed8166555f16dfb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
zhong.babayazi.site/news/index.php
173.231.57.254200 OK 7.7 kB URL HTTP/2 zhong.babayazi.site/news/index.php
IP 173.231.57.254:0
Hash b37df0c84b18f47f48c5d5cbad7133b8
821cbd4c03752108df3fe77ef38311ff7a486e89
54c3ccdd77bd0aeb874f941fcd4fdeb4fa86948f6e8dfc8d642a1cf44eb61b68
GET /news/index.php HTTP/1.1
Host: zhong.babayazi.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.corona-energy.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 18:09:55 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 78b1389f425425d0450c94d900404dc4
53b12a8702f7c5b7cc697e2a24da824d9434be65
0c1659ab3afc6e45f9e3acb12f8865bb99e4668f7df4501b1cc740e53f5b62ed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6376
x-amzn-requestid: 25b82353-9c15-44c0-ada5-55f4697de935
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_KGeaoAMFb_Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-71711cca7c063030292c5e47;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: odmAWkNyUMevvXStu7zRJyckokhyBjUwu7-JSvj8by-JWJ9eAm9P5Q==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:26 GMT
age: 72509
etag: "53b12a8702f7c5b7cc697e2a24da824d9434be65"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 32b9900facbcd2e5b31d40ae8f098b76
d9f4975e1118a389e6b435ee3333f2b5fc9787fe
1211f59a760d3cd4b14b87aa317c4781bb0dbb189007b8d17664e7b80a338a99
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:09:55 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 02 Dec 2022 14:49:47 GMT
ETag: "d9f4975e1118a389e6b435ee3333f2b5fc9787fe"
Last-Modified: Mon, 28 Nov 2022 14:49:48 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1617
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77150eb1cb280b61-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 32b9900facbcd2e5b31d40ae8f098b76
d9f4975e1118a389e6b435ee3333f2b5fc9787fe
1211f59a760d3cd4b14b87aa317c4781bb0dbb189007b8d17664e7b80a338a99
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:09:55 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 02 Dec 2022 14:49:47 GMT
ETag: "d9f4975e1118a389e6b435ee3333f2b5fc9787fe"
Last-Modified: Mon, 28 Nov 2022 14:49:48 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1617
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77150eb1caf81bfa-OSL
hm.baidu.com/hm.js?e225e9dea92f4541e1be12c36e7ba374
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?e225e9dea92f4541e1be12c36e7ba374
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (616)
Hash f7808860996c197b26309a445c8dea17
a9e804c626fa7521ee7ad249b2f1a6bbbe115e70
02b9ae49dfc5064cd3bd70dad7214a42ed81e80e16360ac8271745cc81f0c6ea
GET /hm.js?e225e9dea92f4541e1be12c36e7ba374 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.corona-energy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11254
Content-Type: application/javascript
Date: Mon, 28 Nov 2022 18:09:55 GMT
Etag: 03bcb693197682332db76a1771280ba9
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=9FCCCB4ADF7658C7; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?b16b6a4a1f070ba28e5ede46d7d8ead0
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?b16b6a4a1f070ba28e5ede46d7d8ead0
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (623)
Hash 5047c0ed2f21bb2ffa4e5eca69d6a59c
3a1198174d15d0da1e5fdd5627a4af3d1c3a8802
8db73670347323469144237cb88e2a305393f9fdc3a34e9a6852bab1c485f965
GET /hm.js?b16b6a4a1f070ba28e5ede46d7d8ead0 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zhong.babayazi.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11261
Content-Type: application/javascript
Date: Mon, 28 Nov 2022 18:09:56 GMT
Etag: 259dc9361612b678821e3e67434b25dd
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=57521DC57832EA12; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?65e69eb8240b52cbca20b7842a5a80d9
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?65e69eb8240b52cbca20b7842a5a80d9
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (621)
Hash fcf75e594c684ecc49dbb6b42eada836
e40a5b69d2cf2ede62fa9ad575a2b1ced7da35c1
b507a55597b81d9284fc1f96d48de6c26f26bfa920ccde7343e92b4eda9975ad
GET /hm.js?65e69eb8240b52cbca20b7842a5a80d9 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.corona-energy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11259
Content-Type: application/javascript
Date: Mon, 28 Nov 2022 18:09:55 GMT
Etag: 81ba210dbcb4a1f54e9c2f5122014e77
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=10B382F330A374B4; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=412740978&si=e225e9dea92f4541e1be12c36e7ba374&v=1.3.0&lv=1&sn=23801&r=0&ww=1280&u=http%3A%2F%2Fwww.corona-energy.com%2Findex.php&tt=%E5%B8%B8%E5%B7%9E%E5%B8%82%E5%8C%97%E6%B4%8B%E5%BB%BA%E6%9D%90%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=412740978&si=e225e9dea92f4541e1be12c36e7ba374&v=1.3.0&lv=1&sn=23801&r=0&ww=1280&u=http%3A%2F%2Fwww.corona-energy.com%2Findex.php&tt=%E5%B8%B8%E5%B7%9E%E5%B8%82%E5%8C%97%E6%B4%8B%E5%BB%BA%E6%9D%90%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=412740978&si=e225e9dea92f4541e1be12c36e7ba374&v=1.3.0&lv=1&sn=23801&r=0&ww=1280&u=http%3A%2F%2Fwww.corona-energy.com%2Findex.php&tt=%E5%B8%B8%E5%B7%9E%E5%B8%82%E5%8C%97%E6%B4%8B%E5%BB%BA%E6%9D%90%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.corona-energy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 28 Nov 2022 18:09:56 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=C2B629827A7A56FF; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=447661316&si=b16b6a4a1f070ba28e5ede46d7d8ead0&su=http%3A%2F%2Fwww.corona-energy.com%2F&v=1.3.0&lv=1&sn=23801&r=0&ww=1268&u=https%3A%2F%2Fzhong.babayazi.site%2Fnews%2Findex.php
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=447661316&si=b16b6a4a1f070ba28e5ede46d7d8ead0&su=http%3A%2F%2Fwww.corona-energy.com%2F&v=1.3.0&lv=1&sn=23801&r=0&ww=1268&u=https%3A%2F%2Fzhong.babayazi.site%2Fnews%2Findex.php
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=447661316&si=b16b6a4a1f070ba28e5ede46d7d8ead0&su=http%3A%2F%2Fwww.corona-energy.com%2F&v=1.3.0&lv=1&sn=23801&r=0&ww=1268&u=https%3A%2F%2Fzhong.babayazi.site%2Fnews%2Findex.php HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zhong.babayazi.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 28 Nov 2022 18:09:56 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=3C0CED633CA5FB97; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1065109502&si=65e69eb8240b52cbca20b7842a5a80d9&v=1.3.0&lv=1&sn=23801&r=0&ww=1280&u=http%3A%2F%2Fwww.corona-energy.com%2Findex.php&tt=%E5%B8%B8%E5%B7%9E%E5%B8%82%E5%8C%97%E6%B4%8B%E5%BB%BA%E6%9D%90%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1065109502&si=65e69eb8240b52cbca20b7842a5a80d9&v=1.3.0&lv=1&sn=23801&r=0&ww=1280&u=http%3A%2F%2Fwww.corona-energy.com%2Findex.php&tt=%E5%B8%B8%E5%B7%9E%E5%B8%82%E5%8C%97%E6%B4%8B%E5%BB%BA%E6%9D%90%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1065109502&si=65e69eb8240b52cbca20b7842a5a80d9&v=1.3.0&lv=1&sn=23801&r=0&ww=1280&u=http%3A%2F%2Fwww.corona-energy.com%2Findex.php&tt=%E5%B8%B8%E5%B7%9E%E5%B8%82%E5%8C%97%E6%B4%8B%E5%BB%BA%E6%9D%90%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.corona-energy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 28 Nov 2022 18:09:56 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=781D7AA54C54C56D; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
push.zhanzhang.baidu.com/push.js
182.61.201.94200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 182.61.201.94:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.corona-energy.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Mon, 28 Nov 2022 18:09:56 GMT
Etag: "4078521116"
Expires: Tue, 28 Nov 2023 18:09:56 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=26633198491E2F38BC5A65F4A8A9151B:FG=1; max-age=31536000; expires=Tue, 28-Nov-23 18:09:56 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
api.share.baidu.com/s.gif?l=http://www.corona-energy.com/index.php
180.101.212.103200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://www.corona-energy.com/index.php
IP 180.101.212.103:0
ASN #134770 CHINANET Jiangsu province Suzhou taihu IDC network
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://www.corona-energy.com/index.php HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.corona-energy.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Mon, 28 Nov 2022 18:09:58 GMT
zhong.babayazi.site/news/list.php
173.231.57.254200 OK 685 B URL HTTP/2 zhong.babayazi.site/news/list.php
IP 173.231.57.254:0
Hash 28c4ce6da9f448d998854676aff088b2
95e3ebb28319237982b2a5024928b945ffacd118
ae3fb61bed0fdc082c35be19297fb4491cb7ca644179ca8f9a37f72d7f2ac105
GET /news/list.php HTTP/1.1
Host: zhong.babayazi.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zhong.babayazi.site/news/data.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 18:09:58 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.baxiyazi.xyz/template/m1938pc/baidu/1.gif
173.231.57.226200 OK 254 B URL HTTP/2 www.baxiyazi.xyz/template/m1938pc/baidu/1.gif
IP 173.231.57.226:0
File type GIF image data, version 89a, 16 x 17\012- data
Hash b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
GET /template/m1938pc/baidu/1.gif HTTP/1.1
Host: www.baxiyazi.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baxiyazi.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 18:09:59 GMT
content-type: image/gif
content-length: 254
last-modified: Mon, 10 Oct 2022 07:50:36 GMT
etag: "6343cecc-fe"
expires: Wed, 28 Dec 2022 18:09:59 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.baxiyazi.xyz/template/m1938pc/images/loading.svg
173.231.57.226200 OK 506 B URL HTTP/2 www.baxiyazi.xyz/template/m1938pc/images/loading.svg
IP 173.231.57.226:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash bb36cf278bc5f407c3a64054c13dbbdf
ecd02eea9d41f6282fcaaffc84dbefc1fedb58a2
fa5ecaba8e7048ec0475ac862bec89853e8c87e84475e199f8657d6e89065dff
GET /template/m1938pc/images/loading.svg HTTP/1.1
Host: www.baxiyazi.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baxiyazi.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 18:09:59 GMT
content-type: image/svg+xml
content-length: 506
last-modified: Sun, 09 Jan 2022 08:39:26 GMT
etag: "61da9f3e-1fa"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.baxiyazi.xyz/template/m1938pc/baidu/960.gif
173.231.57.226200 OK 4.7 kB URL HTTP/2 www.baxiyazi.xyz/template/m1938pc/baidu/960.gif
IP 173.231.57.226:0
File type PNG image data, 1440 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash d646ac0d3f6527f695529ac117232aa8
fdd0d1f51a7568d58665d70de303e261fb608c83
0fef174759ab23ad9e762f7851675d4fe094be2cf37e8863aa6d4aa8cf7505b6
GET /template/m1938pc/baidu/960.gif HTTP/1.1
Host: www.baxiyazi.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baxiyazi.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 18:09:59 GMT
content-type: image/gif
content-length: 4720
last-modified: Wed, 23 Nov 2022 12:50:10 GMT
etag: "637e1702-1270"
expires: Wed, 28 Dec 2022 18:09:59 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.baxiyazi.xyz/template/m1938pc/baidu/250.jpg
173.231.57.226200 OK 89 kB URL HTTP/2 www.baxiyazi.xyz/template/m1938pc/baidu/250.jpg
IP 173.231.57.226:0
File type GIF image data, version 89a, 267 x 160\012- data
Hash 482e725b00bf18359cae59cd413aea13
aaf8f22b9470066e250989a25a09a7486c3aaf28
85b083b68289347328190d67fe187ba65d44e1d0072a254fd9f06d3510133083
GET /template/m1938pc/baidu/250.jpg HTTP/1.1
Host: www.baxiyazi.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baxiyazi.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 18:09:59 GMT
content-type: image/jpeg
content-length: 89034
last-modified: Wed, 21 Sep 2022 15:00:50 GMT
etag: "632b2722-15bca"
expires: Wed, 28 Dec 2022 18:09:59 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d6370d40875cc13a34866797bbe1b31d
f7ae466676364f5a160a4429b1332260cdd71259
451a70f1fa15e5c89aea9f3d8a660db85c3e79daf234d5b999c1799dd4275d26
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "451A70F1FA15E5C89AEA9F3D8A660DB85C3E79DAF234D5B999C1799DD4275D26"
Last-Modified: Sun, 27 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4403
Expires: Mon, 28 Nov 2022 19:23:23 GMT
Date: Mon, 28 Nov 2022 18:10:00 GMT
Connection: keep-alive
www.baxiyazi.xyz/template/m1938pc/images/video-mask.png
173.231.57.226200 OK 107 B URL HTTP/2 www.baxiyazi.xyz/template/m1938pc/images/video-mask.png
IP 173.231.57.226:0
File type PNG image data, 1 x 46, 8-bit gray+alpha, non-interlaced\012- data
Hash 6a5ee87ff75437cb480df839f36004fd
eac66370f99601cb7febef320c9540d4593cd856
c9b6925bdd64dab63151c3106347fefb8c500d87ac3d87d9a82e9a1c561233aa
GET /template/m1938pc/images/video-mask.png HTTP/1.1
Host: www.baxiyazi.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baxiyazi.xyz/template/m1938pc/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 18:10:00 GMT
content-type: image/png
content-length: 107
last-modified: Tue, 04 Jan 2022 15:14:24 GMT
etag: "61d46450-6b"
expires: Wed, 28 Dec 2022 18:10:00 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.baxiyazi.xyz/template/m1938pc/images/video-play.png
173.231.57.226200 OK 1.6 kB URL HTTP/2 www.baxiyazi.xyz/template/m1938pc/images/video-play.png
IP 173.231.57.226:0
File type PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced\012- data
Hash be7ca0a4a7c0317398a11162b1e09b75
5dbe6a02524cfbf5f5111478a71f91a9259056b5
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
GET /template/m1938pc/images/video-play.png HTTP/1.1
Host: www.baxiyazi.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baxiyazi.xyz/template/m1938pc/css/zui.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 18:10:00 GMT
content-type: image/png
content-length: 1567
last-modified: Tue, 04 Jan 2022 15:14:22 GMT
etag: "61d4644e-61f"
expires: Wed, 28 Dec 2022 18:10:00 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0edc793bb9b72fb7ca7d72fe0e760c53
448b2879deaf1589d9091d501691e3c86c1e55ae
6abc9b8636cf1b0b4c3db626dd8dda756c007d8a5cf5e1c1bb789f47dec3a3e3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6ABC9B8636CF1B0B4C3DB626DD8DDA756C007D8A5CF5E1C1BB789F47DEC3A3E3"
Last-Modified: Sun, 27 Nov 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=952
Expires: Mon, 28 Nov 2022 18:25:52 GMT
Date: Mon, 28 Nov 2022 18:10:00 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash bea2d76faa15418095ff0a03c19f099a
226225816fffc044d5d1809c5c18c6dfa6337bd0
97732f2da51fb87f606c8433778bf6c26954d28347cf0a479a9e24a7bdd37e26
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4325
Cache-Control: max-age=134430
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 18:10:00 GMT
Etag: "638452b1-116"
Expires: Wed, 30 Nov 2022 07:30:30 GMT
Last-Modified: Mon, 28 Nov 2022 06:18:25 GMT
Server: ECS (amb/6B7C)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash bea2d76faa15418095ff0a03c19f099a
226225816fffc044d5d1809c5c18c6dfa6337bd0
97732f2da51fb87f606c8433778bf6c26954d28347cf0a479a9e24a7bdd37e26
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4325
Cache-Control: max-age=134430
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 18:10:00 GMT
Etag: "638452b1-116"
Expires: Wed, 30 Nov 2022 07:30:30 GMT
Last-Modified: Mon, 28 Nov 2022 06:18:25 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 278
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e4f40fcacef118a33adfdeb897b65965
37241c9c82b3851255973a9ea753612cb105b6fa
81642968f20fc9ca5e29743629c4b48cc56fde5a116b7f4bd80caf076156fd63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "81642968F20FC9CA5E29743629C4B48CC56FDE5A116B7F4BD80CAF076156FD63"
Last-Modified: Sun, 27 Nov 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14910
Expires: Mon, 28 Nov 2022 22:18:30 GMT
Date: Mon, 28 Nov 2022 18:10:00 GMT
Connection: keep-alive
kvhdd.com/3d2937201b5e8815339d007a969c7bca.gif
170.178.176.170301 Moved Permanently 162 B URL HTTP/2 kvhdd.com/3d2937201b5e8815339d007a969c7bca.gif
IP 170.178.176.170:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /3d2937201b5e8815339d007a969c7bca.gif HTTP/1.1
Host: kvhdd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baxiyazi.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 28 Nov 2022 18:09:59 GMT
content-type: text/html
content-length: 162
location: https://kvtlll.top/3d2937201b5e8815339d007a969c7bca.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 82927611a8c787e7be944e85b926e59f
33a982a4cc16216dc0da624cbc7ac7e304458a85
47eb83f37816ea6ca6470c3d59a7833199821d45e0ba5752ffd181d02f048bc5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47EB83F37816EA6CA6470C3D59A7833199821D45E0BA5752FFD181D02F048BC5"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5347
Expires: Mon, 28 Nov 2022 19:39:07 GMT
Date: Mon, 28 Nov 2022 18:10:00 GMT
Connection: keep-alive
kvhmm.com/5695caa3c75442471b318b11bd814d6b.gif
137.175.13.78301 Moved Permanently 162 B URL HTTP/2 kvhmm.com/5695caa3c75442471b318b11bd814d6b.gif
IP 137.175.13.78:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /5695caa3c75442471b318b11bd814d6b.gif HTTP/1.1
Host: kvhmm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baxiyazi.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 28 Nov 2022 18:10:00 GMT
content-type: text/html
content-length: 162
location: https://kvtfff.top/5695caa3c75442471b318b11bd814d6b.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kvhmm.com/00c29a5aaa123e92dfbe45402e3c79b1.gif
137.175.13.78301 Moved Permanently 162 B URL HTTP/2 kvhmm.com/00c29a5aaa123e92dfbe45402e3c79b1.gif
IP 137.175.13.78:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /00c29a5aaa123e92dfbe45402e3c79b1.gif HTTP/1.1
Host: kvhmm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baxiyazi.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 28 Nov 2022 18:10:00 GMT
content-type: text/html
content-length: 162
location: https://kvtfff.top/00c29a5aaa123e92dfbe45402e3c79b1.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?42389744f138b489fe9a80a7182b731c
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?42389744f138b489fe9a80a7182b731c
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (619)
Hash 9fe3b584828632307ec5b5b5129bb844
f5e160a06d8f974d38c2f6af2a41e74600da3184
c72d354d1691a1324cc85ad7ee457bc98ac9d4ab59d59fbda59437f0097d3ad2
GET /hm.js?42389744f138b489fe9a80a7182b731c HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baxiyazi.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Mon, 28 Nov 2022 18:10:00 GMT
Etag: 89f78d5ff3b6c07e6b43286d49820c0f
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=1B0819976C6D8867; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash bea2d76faa15418095ff0a03c19f099a
226225816fffc044d5d1809c5c18c6dfa6337bd0
97732f2da51fb87f606c8433778bf6c26954d28347cf0a479a9e24a7bdd37e26
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4325
Cache-Control: max-age=134430
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 18:10:00 GMT
Etag: "638452b1-116"
Expires: Wed, 30 Nov 2022 07:30:30 GMT
Last-Modified: Mon, 28 Nov 2022 06:18:25 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 278
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 41349951cfc039c3d0164e308ed5ca59
2862b0d10d43130e0a97412b89f60c4475d203ea
1aeaf8bf987d32b590937307e277b5b741a6365cd53e8c260f222c02ba93578d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "1AEAF8BF987D32B590937307E277B5B741A6365CD53E8C260F222C02BA93578D"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7209
Expires: Mon, 28 Nov 2022 20:10:09 GMT
Date: Mon, 28 Nov 2022 18:10:00 GMT
Connection: keep-alive
hm.baidu.com/hm.js?7a3389e90bc644392baa05bd3db255ad
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?7a3389e90bc644392baa05bd3db255ad
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (617)
Hash 4f76a13d3bd7d0f5bc282996e3fa7096
af1f0c8b5ee259ca9634c8f455101142efb28b75
a642757d89d2a10587130df8131abdd9e971cf441a20a9a7bab6f8e089e92a45
GET /hm.js?7a3389e90bc644392baa05bd3db255ad HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baxiyazi.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11255
Content-Type: application/javascript
Date: Mon, 28 Nov 2022 18:10:00 GMT
Etag: 39ab5193b1e997b8567b5cdc556277ab
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=BA322CF32887E5E2; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
aooacctp.vip/lm/ynv101.gif
172.67.161.53200 OK 93 kB URL HTTP/2 aooacctp.vip/lm/ynv101.gif
IP 172.67.161.53:0
File type GIF image data, version 89a, 267 x 160\012- data
Hash 6af55e696a3056459665405611798726
7d861da02f9418745ee9604189fff2171c5ff1da
6f00cbdeeff74818e913ccacf6d3689d14207c812ba74eee25aabf505a2d6e17
GET /lm/ynv101.gif HTTP/1.1
Host: aooacctp.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baxiyazi.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 18:10:00 GMT
content-type: image/gif
content-length: 92748
last-modified: Sun, 29 May 2022 06:37:27 GMT
etag: "629314a7-16a4c"
expires: Sat, 24 Dec 2022 05:40:19 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 350165
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GWZ0mHNRgwClts3J0cB0H4%2Bh4op92FhJeFoJjSZ2XdzhsMQyg70qVxGlsrfbr1i8RpxOLSvQSynwDLEPnLoY9XQDSO%2B32ce%2BcNP9HX4%2FuhLYOh78ugkECY9LT1Sufdc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77150ed0e8c8b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 41349951cfc039c3d0164e308ed5ca59
2862b0d10d43130e0a97412b89f60c4475d203ea
1aeaf8bf987d32b590937307e277b5b741a6365cd53e8c260f222c02ba93578d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "1AEAF8BF987D32B590937307E277B5B741A6365CD53E8C260F222C02BA93578D"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7209
Expires: Mon, 28 Nov 2022 20:10:09 GMT
Date: Mon, 28 Nov 2022 18:10:00 GMT
Connection: keep-alive
img.1203555.com/images/6378f4d1a2db6d54e936bb32.gif
185.239.226.23302 Found 503 B URL HTTP/2 img.1203555.com/images/6378f4d1a2db6d54e936bb32.gif
IP 185.239.226.23:0
ASN #134835 Starry Network Limited
Hash 55962c217faf98c1cee58d9709b84dd2
88f149855e2c2f8857a6053cea1c074c31268b77
97d9cb89905a1397454c57d947cc9ca58791b1306b2870075d128975a5b3730b
GET /images/6378f4d1a2db6d54e936bb32.gif HTTP/1.1
Host: img.1203555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baxiyazi.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/768200bb81024cb5a712dfc930b49edd
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 149b4f0aa975981e1a4d7cf417d3827d
b39f59bdaede098a563b69bb7acc68261d0b79c1
549e28f425cb9c2f271015c4617bde6ba6c01fb9dd7434caa55114488631679a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "549E28F425CB9C2F271015C4617BDE6BA6C01FB9DD7434CAA55114488631679A"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5507
Expires: Mon, 28 Nov 2022 19:41:47 GMT
Date: Mon, 28 Nov 2022 18:10:00 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 8c860f6cc16cec53769d4433e6f0ddf2
2bf2252d9f68bdb1504969d1216a0e9f1873a865
7107d5b0e028993ce463eb29eebae9f15bcd8ff4403a0d15f909861ef9e676c5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:10:00 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 10:05:42 GMT
Expires: Sat, 03 Dec 2022 10:05:41 GMT
Etag: "2bf2252d9f68bdb1504969d1216a0e9f1873a865"
Cache-Control: max-age=402340,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77150ed24cd3fab4-OSL
kvtlll.top/3d2937201b5e8815339d007a969c7bca.gif
104.21.233.167200 OK 631 kB URL HTTP/2 kvtlll.top/3d2937201b5e8815339d007a969c7bca.gif
IP 104.21.233.167:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 631 kB (631088 bytes)
Hash 64fbc8087436743e9e2a7d252b9d261c
5ad442d4dda6ee04f4029fb0ada6249689bd7ff3
4a06886a49926cf2a0467794987e296de19189a1b3e6d2add0fd93be42d07e2f
GET /3d2937201b5e8815339d007a969c7bca.gif HTTP/1.1
Host: kvtlll.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.baxiyazi.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 18:10:00 GMT
content-type: image/gif
content-length: 631088
last-modified: Mon, 03 Oct 2022 14:32:48 GMT
etag: "633af290-9a130"
expires: Sun, 18 Dec 2022 02:16:35 GMT
cache-control: max-age=16070400
cf-cache-status: HIT
age: 921205
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2FYwF85OW2zQ5UfMc4PlunSl%2B5uSTfTaumkcT03NzZ8f8H8qvha3rjzehtXFqT0luD0EH%2Fmt6ez8xZ9zcTCUldGl5KYEZ70s%2BY0qGMbUcvY2yz5EBd9FEIzuEXXN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77150ed22f8d76ef-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8a6f010733f26c8072eb620d8fc28985
577f575177723c7d17767299afdd691e6b08ceb4
45ae4592bd397975b84bc808abefabad16df272a0ed913a58d4c99b483c5c1b6
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "45AE4592BD397975B84BC808ABEFABAD16DF272A0ED913A58D4C99B483C5C1B6"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=306
Expires: Mon, 28 Nov 2022 18:15:06 GMT
Date: Mon, 28 Nov 2022 18:10:00 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8a6f010733f26c8072eb620d8fc28985
577f575177723c7d17767299afdd691e6b08ceb4
45ae4592bd397975b84bc808abefabad16df272a0ed913a58d4c99b483c5c1b6
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "45AE4592BD397975B84BC808ABEFABAD16DF272A0ED913A58D4C99B483C5C1B6"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=306
Expires: Mon, 28 Nov 2022 18:15:06 GMT
Date: Mon, 28 Nov 2022 18:10:00 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 149b4f0aa975981e1a4d7cf417d3827d
b39f59bdaede098a563b69bb7acc68261d0b79c1
549e28f425cb9c2f271015c4617bde6ba6c01fb9dd7434caa55114488631679a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "549E28F425CB9C2F271015C4617BDE6BA6C01FB9DD7434CAA55114488631679A"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5507
Expires: Mon, 28 Nov 2022 19:41:47 GMT
Date: Mon, 28 Nov 2022 18:10:00 GMT
Connection: keep-alive
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1990421257&si=42389744f138b489fe9a80a7182b731c&su=https%3A%2F%2Fzhong.babayazi.site%2F&v=1.3.0&lv=1&sn=23805&r=0&ww=1268&u=https%3A%2F%2Fwww.baxiyazi.xyz%2F&tt=%E9%B8%AD%E5%AD%90TV%E8%A7%86%E9%A2%91%E7%BD%91%20%E5%9C%A8%E7%BA%BF%E5%85%8D%E8%B4%B9%E7%94%B5%E5%BD%B1
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1990421257&si=42389744f138b489fe9a80a7182b731c&su=https%3A%2F%2Fzhong.babayazi.site%2F&v=1.3.0&lv=1&sn=23805&r=0&ww=1268&u=https%3A%2F%2Fwww.baxiyazi.xyz%2F&tt=%E9%B8%AD%E5%AD%90TV%E8%A7%86%E9%A2%91%E7%BD%91%20%E5%9C%A8%E7%BA%BF%E5%85%8D%E8%B4%B9%E7%94%B5%E5%BD%B1
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1990421257&si=42389744f138b489fe9a80a7182b731c&su=https%3A%2F%2Fzhong.babayazi.site%2F&v=1.3.0&lv=1&sn=23805&r=0&ww=1268&u=https%3A%2F%2Fwww.baxiyazi.xyz%2F&tt=%E9%B8%AD%E5%AD%90TV%E8%A7%86%E9%A2%91%E7%BD%91%20%E5%9C%A8%E7%BA%BF%E5%85%8D%E8%B4%B9%E7%94%B5%E5%BD%B1 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baxiyazi.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 28 Nov 2022 18:10:00 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=258105A17D86494F; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=283868459&si=7a3389e90bc644392baa05bd3db255ad&su=https%3A%2F%2Fzhong.babayazi.site%2F&v=1.3.0&lv=1&sn=23805&r=0&ww=1268&u=https%3A%2F%2Fwww.baxiyazi.xyz%2F&tt=%E9%B8%AD%E5%AD%90TV%E8%A7%86%E9%A2%91%E7%BD%91%20%E5%9C%A8%E7%BA%BF%E5%85%8D%E8%B4%B9%E7%94%B5%E5%BD%B1
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=283868459&si=7a3389e90bc644392baa05bd3db255ad&su=https%3A%2F%2Fzhong.babayazi.site%2F&v=1.3.0&lv=1&sn=23805&r=0&ww=1268&u=https%3A%2F%2Fwww.baxiyazi.xyz%2F&tt=%E9%B8%AD%E5%AD%90TV%E8%A7%86%E9%A2%91%E7%BD%91%20%E5%9C%A8%E7%BA%BF%E5%85%8D%E8%B4%B9%E7%94%B5%E5%BD%B1
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=283868459&si=7a3389e90bc644392baa05bd3db255ad&su=https%3A%2F%2Fzhong.babayazi.site%2F&v=1.3.0&lv=1&sn=23805&r=0&ww=1268&u=https%3A%2F%2Fwww.baxiyazi.xyz%2F&tt=%E9%B8%AD%E5%AD%90TV%E8%A7%86%E9%A2%91%E7%BD%91%20%E5%9C%A8%E7%BA%BF%E5%85%8D%E8%B4%B9%E7%94%B5%E5%BD%B1 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baxiyazi.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 28 Nov 2022 18:10:00 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=8353A38B1744DBF1; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
kvtfff.top/00c29a5aaa123e92dfbe45402e3c79b1.gif
104.21.233.215200 OK 383 kB URL HTTP/2 kvtfff.top/00c29a5aaa123e92dfbe45402e3c79b1.gif
IP 104.21.233.215:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 383 kB (383218 bytes)
Hash 4c8d1145a8990f5db374bf490eaaedf3
20a774fba3e70db44f9b247c9cbc36717d1bcb54
a692017bfeefe2bb565d2148c962984df0022cf636e6bebce0d9bfff5dae26aa
GET /00c29a5aaa123e92dfbe45402e3c79b1.gif HTTP/1.1
Host: kvtfff.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.baxiyazi.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 18:10:00 GMT
content-type: image/gif
content-length: 383218
last-modified: Fri, 16 Sep 2022 11:54:31 GMT
etag: "632463f7-5d8f2"
expires: Sun, 25 Dec 2022 13:44:25 GMT
cache-control: max-age=5356800
cf-cache-status: HIT
age: 275135
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2BX%2FngGNCt1t%2F5beKH4wkrt6b4A7C5zmnwBuFLx%2BGPhuchQr8kiGA8ehdDO1MwjII7P%2FRnDhT7il9EPuSPr0VyEHDIE5eR2bUkuI3B63XaZHddtZkguFLPoRj0BM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77150ed2feae743b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kvtfff.top/5695caa3c75442471b318b11bd814d6b.gif
104.21.233.215200 OK 623 kB URL HTTP/2 kvtfff.top/5695caa3c75442471b318b11bd814d6b.gif
IP 104.21.233.215:0
File type GIF image data, version 89a, 960 x 180\012- data
Size 623 kB (622666 bytes)
Hash 8c88555ff7afe1cd5c0efc9e42c76ded
7323660f52f2f8b2f0f7871da1037f9330d27a64
c5e68e6820d12620927f1975cee58080f91510889ef2bbce7b30c7f87bd39b82
GET /5695caa3c75442471b318b11bd814d6b.gif HTTP/1.1
Host: kvtfff.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.baxiyazi.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 18:10:00 GMT
content-type: image/gif
content-length: 622666
last-modified: Sat, 26 Nov 2022 07:58:39 GMT
etag: "6381c72f-9804a"
expires: Mon, 26 Dec 2022 09:08:04 GMT
cache-control: max-age=5356800
cf-cache-status: HIT
age: 205316
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6NaPai7yb618BXQ%2FkKRxvcsnltYMRg%2B8iqZJLrKxZPiMFuwzYPXrVdT%2Br1TarPsE3s0WwULdnzC4wSkb6v%2BqsLqCR86rAEMjLOONY7tTvQfLaB2aVMz2Hf1yhGi5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77150ed2fec4743b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8b83727cd698222b72e806c03854d92b
5bb9865120ed157915b0ab8ef20f4b739872a049
de113af91ded329f22dddc5b6d296fe208fe9c23e97eee06bb75b8a8e7970228
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "DE113AF91DED329F22DDDC5B6D296FE208FE9C23E97EEE06BB75B8A8E7970228"
Last-Modified: Sat, 26 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20038
Expires: Mon, 28 Nov 2022 23:43:58 GMT
Date: Mon, 28 Nov 2022 18:10:00 GMT
Connection: keep-alive
www.baxiyazi.xyz/template/m1938pc/css/ate.css
173.231.57.226200 OK 15 kB URL HTTP/2 www.baxiyazi.xyz/template/m1938pc/css/ate.css
IP 173.231.57.226:0
Hash a497bbf38b891bfc4bd90267b6494ed4
dfb2ba1aa26353d673f41ba16690f6ff8e01ee06
75072ab1c6321c023603e25f84413897ea27def99a8a90edcbe81ecfccfa872d
GET /template/m1938pc/css/ate.css HTTP/1.1
Host: www.baxiyazi.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baxiyazi.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 18:09:59 GMT
content-type: text/css
last-modified: Tue, 04 Jan 2022 15:13:26 GMT
vary: Accept-Encoding
etag: W/"61d46416-126e4"
expires: Tue, 29 Nov 2022 06:09:59 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
s2.loli.net/2022/09/29/tdXTyV9MaCQcozn.gif
104.26.0.190200 OK 331 kB URL HTTP/2 s2.loli.net/2022/09/29/tdXTyV9MaCQcozn.gif
IP 104.26.0.190:0
File type GIF image data, version 89a, 960 x 240\012- data
Size 331 kB (331178 bytes)
Hash 19bbb1fc671449b1a4f6c50d268c147b
277b6ee39bf5fc13323ee3910c9f6a2bb86d0b1d
86d75eebf3a6762b433abceecbaeaf4eabd89d2fd2ec5c593e71e86d70c428fe
GET /2022/09/29/tdXTyV9MaCQcozn.gif HTTP/1.1
Host: s2.loli.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baxiyazi.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 18:10:00 GMT
content-type: image/gif
content-length: 331178
last-modified: Thu, 29 Sep 2022 09:54:38 GMT
etag: "63356b5e-50daa"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: Accept, Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: BYPASS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EMyYTPyo5YF0MK44RtKbHfGDffaEDdCdR8hZWWktOolzSEBMOqVTIUOaQyPHXJe1Q1dC9azytq%2FKfUK%2BXYDsX861zRUB3VWt4iFxENCFQLDmUPgqn6fwn8j3e5%2Fy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77150ecefa8db529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 2dcd02f5e606a5de0774b49602d0b822
7745b6c7971f36e45d31df200626183f63b8db3f
9a386f7a255fc7ce125c07918a313d8877cdc084d5f5874eccfe116d7dfb2dbd
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:10:00 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 20:52:34 GMT
Expires: Fri, 02 Dec 2022 20:52:33 GMT
Etag: "7745b6c7971f36e45d31df200626183f63b8db3f"
Cache-Control: max-age=354752,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77150ed249b9b509-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 2db77de8cd9f561c89e82c3cc121f657
3cfdf7e959e288d04fa8eecee461533178db4db2
c92ed85f05902ddb2b113d13fae24d9e9982b9439aeb0b182352fe78c6ffb3a6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:10:00 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 16:16:55 GMT
Expires: Sun, 04 Dec 2022 16:16:54 GMT
Etag: "3cfdf7e959e288d04fa8eecee461533178db4db2"
Cache-Control: max-age=511013,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77150ed24f67b512-OSL
www.baxiyazi.xyz/template/m1938pc/css/zui.css
173.231.57.226200 OK 29 kB URL HTTP/2 www.baxiyazi.xyz/template/m1938pc/css/zui.css
IP 173.231.57.226:0
Hash a600e3cabda2714951801e81a81fb128
e9672eb364d3e1f928d1246345e39f037ab6dc0d
5ce109cb73ddb390d811067999bb05f78fcfc44dbdbe0ccd41e0857fbd5949ac
GET /template/m1938pc/css/zui.css HTTP/1.1
Host: www.baxiyazi.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baxiyazi.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 18:09:59 GMT
content-type: text/css
last-modified: Sun, 09 Jan 2022 12:48:44 GMT
vary: Accept-Encoding
etag: W/"61dad9ac-164b3"
expires: Tue, 29 Nov 2022 06:09:59 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash eceb80e0cc6d0bf508d07eb6ca1815cd
59cc8072a5f6f157d18ef32bee9c09bf4bddb504
170807983ebafae8a64338433ed0d1de2e175e39e859cb8cd10b474ea8c05fa8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3697
Cache-Control: max-age=103602
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 18:10:01 GMT
Etag: "6383dcba-2d7"
Expires: Tue, 29 Nov 2022 22:56:43 GMT
Last-Modified: Sun, 27 Nov 2022 21:55:06 GMT
Server: ECS (amb/6BC2)
X-Cache: HIT
Content-Length: 727
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash eceb80e0cc6d0bf508d07eb6ca1815cd
59cc8072a5f6f157d18ef32bee9c09bf4bddb504
170807983ebafae8a64338433ed0d1de2e175e39e859cb8cd10b474ea8c05fa8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5270
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 18:10:01 GMT
Etag: "6383dcba-2d7"
Last-Modified: Mon, 28 Nov 2022 16:42:12 GMT
Server: ECS (amb/6B7C)
X-Cache: HIT
Content-Length: 727
p3.douyinpic.com/obj/tos-cn-i-dy/43393ed4a7234f5f91de34404bf15079
47.246.44.230200 OK 440 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/43393ed4a7234f5f91de34404bf15079
IP 47.246.44.230:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 440 kB (439790 bytes)
Hash 07ad6948d174b603a75e166a521bbb04
d08af2d0fc9693ce636e66cbb89277875d7954f4
40853d1d4eb09490225dfe79a563bcc574195734b42387a2a4043f854bc3ca2b
GET /obj/tos-cn-i-dy/43393ed4a7234f5f91de34404bf15079 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 439790
date: Fri, 18 Nov 2022 08:16:00 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Fri, 18 Nov 2022 08:12:49 GMT
nw-session-id: 202211181612490101750910702E03FD82ktvft03dy
nw-session-trace: 2022-11-18T16:12:49.439656399+08:00 31
x-bdcdn-cache-status: TCP_HIT
x-length: 439790
x-powered-by: ImageX
x-response-date: Fri, 18 Nov 2022 16:12:49 GMT
x-tt-logid: 202211181612490101750910702E03FD82
via: n204-097-238, cache19.l2de2[168,167,206-0,M], cache8.l2de2[170,0], cache8.l2de2[170,0], cache3.se1[0,0,200-0,H], cache4.se1[1,0]
x-request-ip: fdbd:dc01:25:346::75
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 013b8ae2e184e41e031b3767ca5bb8b0168a082c1b335a9db0d9b1023c9e7249bf5d521e933f02a6ace2112edb49b6cf17f9160aa00d0f90eea73d979eab87d321f48661084a7743d4d8f2b7d17d06b81d88e86dc4627b71443c9ffcd8dde7406d
x-response-lb: image
ali-swift-global-savetime: 1668759360
age: 899641
x-cache: HIT TCP_MEM_HIT dirn:1:439088659
x-swift-savetime: Fri, 18 Nov 2022 08:16:00 GMT
x-swift-cachetime: 31536000
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9816696590010132185e
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/768200bb81024cb5a712dfc930b49edd
47.246.44.230200 OK 420 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/768200bb81024cb5a712dfc930b49edd
IP 47.246.44.230:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 420 kB (420442 bytes)
Hash 7020ecb5ebdf5d2d41668f76d36f5982
30c768ceb1463fffc0145f1e73c808f8f6d2bb51
3a55db6e5e4fa541729efffaa932549e491e07af768e1c3c3d1dad65ae53a8bb
GET /obj/tos-cn-i-dy/768200bb81024cb5a712dfc930b49edd HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 420442
date: Sun, 20 Nov 2022 11:16:39 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sun, 20 Nov 2022 11:16:39 GMT
nw-session-id: 2022112019163901015110820800FE9F59q7rmw01dy
nw-session-trace: 2022-11-20T19:16:39.726682166+08:00 193
x-bdcdn-cache-status: TCP_MISS
x-length: 420442
x-powered-by: ImageX
x-response-date: Sun, 20 Nov 2022 19:16:39 GMT
x-tt-logid: 2022112019163901015110820800FE9F59
via: n150-059-226, cache3.l2de2[0,0,206-0,H], cache20.l2de2[2,0], cache20.l2de2[2,0], cache7.se1[0,0,200-0,H], cache4.se1[1,0]
x-request-ip: fdbd:dc02:20:372::208
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01cb07c08b53430ecfeef01fd5677038e53ef9b88af80b99344298b35ddbab9003f96263fca4745cd3e90bb9acd007da4744624695f0b4ca6037926223115a6dfe85bf391464c19be7b2b36135de1fddf65f1d3d9103b809fd0dc5fdcf022b2e9b
x-response-lb: image
ali-swift-global-savetime: 1668943000
age: 716001
x-cache: HIT TCP_MEM_HIT dirn:11:112351577
x-swift-savetime: Sun, 20 Nov 2022 12:06:25 GMT
x-swift-cachetime: 31533015
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9816696590010162187e
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 462fb3feea060635f08f302144ed3740
78a22979af2c6f6dd549b490306b9a9cab311527
b7dc680c3caec7d781da61682ca4431786d40e42e0f5b96f1781bb3dba91bfed
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:10:01 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 11:55:15 GMT
Expires: Sat, 03 Dec 2022 11:55:14 GMT
Etag: "78a22979af2c6f6dd549b490306b9a9cab311527"
Cache-Control: max-age=408912,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77150ed59939fab4-OSL
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash fa0acaa1fb3ca19ec28b115fb36f5481
b649f0edad44702aa826dd879527f7269c96afe2
ce3d2a548038fba368ff3f9b80eedb3b172bc1027aa27385ee154d38ea5efe0c
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Mon, 28 Nov 2022 18:10:01 GMT
Last-Modified: Mon, 28 Nov 2022 00:18:55 GMT
ETag: "6383fe6f-1d7"
Expires: Wed, 30 Nov 2022 00:18:55 GMT
Cache-Control: max-age=108534
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1669659001
Via: cache8.l2de2[474,474,200-0,M], cache8.l2de2[475,0], cache3.se1[497,497,200-0,M], cache3.se1[498,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Mon, 28 Nov 2022 18:10:01 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9716696590008045403e
taiwtp1.com/xin/96080.gif
220.128.218.220200 OK 122 kB URL HTTP/2 taiwtp1.com/xin/96080.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 960 x 80\012- data
Size 122 kB (122193 bytes)
Hash 4293cc73ff1bcc11cfb9a5582a08c8f5
a3307ecff7a2be9d0740c530d6325ff1ed355b8c
ee86f9a233f1b754a8c67ec8b9120f4c5b4df290396ca690d41d54e5b2d528b5
GET /xin/96080.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baxiyazi.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 18:07:34 GMT
content-type: image/gif
content-length: 122193
last-modified: Thu, 20 Oct 2022 07:11:02 GMT
etag: "6350f486-1dd51"
expires: Wed, 28 Dec 2022 18:07:34 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
si1.go2yd.com/get-image/0xmAGT9KS9C
163.171.140.79200 OK 118 kB URL HTTP/2 si1.go2yd.com/get-image/0xmAGT9KS9C
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type GIF image data, version 89a, 640 x 200\012- data
Size 118 kB (117593 bytes)
Hash c4caa37b717580e8594587f32ca86470
a645ec82581a0b18f67444b62a062059adf78aa6
208bafb1df6fa8b7929896b30415514e2dc59312332ec26aff058767fa81f269
GET /get-image/0xmAGT9KS9C HTTP/1.1
Host: si1.go2yd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baxiyazi.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 18:10:01 GMT
content-type: image/gif
content-length: 117593
server: Tengine
x-application-context: application
x-kss-request-id: 9a211df897c146b99866a236ff549e2f
etag: "c4caa37b717580e8594587f32ca86470"
content-md5: xMqje3F1gOhZRYfzLKhkcA==
last-modified: Thu, 10 Feb 2022 15:30:06 GMT
accept-ranges: bytes
age: 1
x-via: 1.1 PSbjwjBGP2ih137:4 (Cdn Cache Server V2.0), 1.1 PSzjnbsxkx232:7 (Cdn Cache Server V2.0), 1.1 tb118:13 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1cc96:12 (Cdn Cache Server V2.0)
x-ws-request-id: 6384f979_PShlamstdAMS1vj92_8886-15726
access-control-allow-origin: *
ws-s2h-acc-level: 1
X-Firefox-Spdy: h2
p1.meituan.net/csc/60393bbfab3aac9d2d4b557ba0752c41570462.gif
211.152.148.78200 OK 570 kB URL HTTP/2 p1.meituan.net/csc/60393bbfab3aac9d2d4b557ba0752c41570462.gif
IP 211.152.148.78:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 570 kB (570462 bytes)
Hash 60393bbfab3aac9d2d4b557ba0752c41
4da3fa5126e9b68041eec58e3b794b28565ddd0a
b7c0b7710cec9c28a60532612d277bfe56400b95f4f524eb7d049a7b4ea73750
GET /csc/60393bbfab3aac9d2d4b557ba0752c41570462.gif HTTP/1.1
Host: p1.meituan.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baxiyazi.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 18:10:00 GMT
content-type: image/gif
content-length: 570462
server: NWS_Oversea_AP
cache-control: max-age=5184000
expires: Fri, 27 Jan 2023 18:10:00 GMT
last-modified: Thu, 12 Jan 2023 08:33:20 GMT
x-nws-log-uuid: 7012fabb-d9fc-4f17-840d-61b92a8ff9a1
access-control-allow-origin: *
access-control-allow-methods: GET,POST
x-nws-uuid-verify: 63e2a4751589e2da712b85108a270fd3
m-traceid: ielgppvwea5a9qsd3qtc
age: 0
timing-allow-origin: *
x-daa-tunnel: hop_count=1
x-cache-lookup: Hit From Disktank3, Hit From Inner Cluster
X-Firefox-Spdy: h2
gg72a1.com/gg/960x60-2.gif
137.175.13.103200 OK 567 kB URL HTTP/2 gg72a1.com/gg/960x60-2.gif
IP 137.175.13.103:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 567 kB (566629 bytes)
Hash c9fa1542af8b7e568dc7b3a56522b833
1449fff789834cb44c300d12d770eeb251a4bbd5
7db19a9e96ed52f61b3b4c76bf6cac9259ae0b3e9d18eb597320c30a0e4e1e90
GET /gg/960x60-2.gif HTTP/1.1
Host: gg72a1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baxiyazi.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 18:12:20 GMT
content-type: image/gif
content-length: 566629
last-modified: Tue, 01 Nov 2022 07:49:47 GMT
etag: "6360cf9b-8a565"
expires: Wed, 28 Dec 2022 18:12:20 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash b4bb0aab966ff5f71649477240b6d5fe
b46556944c96f003b2b44ac53338568296d71a7f
65f2ea3de706aada1c66a007107a4304cad729d8089ee93e5ef109c676411e8d
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:10:01 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 02 Dec 2022 16:51:39 GMT
ETag: "b46556944c96f003b2b44ac53338568296d71a7f"
Last-Modified: Mon, 28 Nov 2022 16:51:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1857
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77150ed7bc040b51-OSL
339282bdb.com/62b8c8244a6e459e951eff0d21918a00.gif
45.61.212.60200 OK 452 kB URL HTTP/1.1 339282bdb.com/62b8c8244a6e459e951eff0d21918a00.gif
IP 45.61.212.60:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 452 kB (452273 bytes)
Hash df16374d7e4ccf1c7ff3814012167dad
bf7f89f135684b9182f4dc5bd4dd296060427eef
670f99c726a10b701a44db00b29b694b79a4461185e623e3e8b5f766d287a54f
Analyzer Verdict Alert quad9 Sinkholed
GET /62b8c8244a6e459e951eff0d21918a00.gif HTTP/1.1
Host: 339282bdb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baxiyazi.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "6376116e-6e6b1"
Date: Sun, 20 Nov 2022 04:59:34 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Thu, 17 Nov 2022 10:48:14 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us1-cdnb-30
Content-Length: 452273
www.baxiyazi.xyz/template/m1938pc/static/js/jquery.lazyload.min.js
173.231.57.226200 OK 11 kB URL HTTP/2 www.baxiyazi.xyz/template/m1938pc/static/js/jquery.lazyload.min.js
IP 173.231.57.226:0
Hash 7cad1c890241dd791e3adf703a0c63b5
f981b6b501b408f0af718cf49375b2fafec97123
38d6b4a040025a32464246d8e120e585b6b0ee2a19f90b572d9c984dd5b17924
GET /template/m1938pc/static/js/jquery.lazyload.min.js HTTP/1.1
Host: www.baxiyazi.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baxiyazi.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 18:09:59 GMT
content-type: application/javascript
last-modified: Sat, 08 Jan 2022 14:08:24 GMT
vary: Accept-Encoding
etag: W/"61d99ad8-d35"
expires: Tue, 29 Nov 2022 06:09:59 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash b18b5da0170c02161720b237b11521da
d923bb1d21c80b24212c2676c4d5b55b290c79a0
741f04dc02eac3466b19c5148e31cd0734b90bd25432e510fea3d1488d5fc4fe
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 18:10:01 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 04:52:22 GMT
Expires: Mon, 05 Dec 2022 04:52:21 GMT
Etag: "d923bb1d21c80b24212c2676c4d5b55b290c79a0"
Cache-Control: max-age=556339,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77150ed80b2ab512-OSL
dimg04.c-ctrip.com/images/0Z05r12000a1q2ru71C64.gif
104.110.17.24200 OK 415 kB URL HTTP/2 dimg04.c-ctrip.com/images/0Z05r12000a1q2ru71C64.gif
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 415 kB (414559 bytes)
Hash 1a2cba8175d957d2379d06e6d2d4250d
190eb918616fa53aaca8a53b917f2627e626fecc
17e78ffe065be76212de6b960082ea287cc0e712b6f170f44c63e2144ec14c84
GET /images/0Z05r12000a1q2ru71C64.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baxiyazi.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 414559
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
x-edgeconnect-midmile-rtt: 7
x-edgeconnect-origin-mex-latency: 99
cache-control: max-age=7492589
expires: Thu, 23 Feb 2023 11:26:30 GMT
date: Mon, 28 Nov 2022 18:10:01 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
362728tdg.com/4830681e6f4c4e689ac647ff2f85590c.gif
45.61.212.130200 OK 426 kB URL HTTP/1.1 362728tdg.com/4830681e6f4c4e689ac647ff2f85590c.gif
IP 45.61.212.130:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 426 kB (425642 bytes)
Hash 05224c1ad7b782f551cbccdcf9f27fa5
c6ee7c8a6a149c7bd96c9e25ac1784fdbca84eb0
0b24fd89f9a5bbd8278bccf94b310be958f495b91597c0bf0c8faa7980ab5897
Analyzer Verdict Alert quad9 Sinkholed
GET /4830681e6f4c4e689ac647ff2f85590c.gif HTTP/1.1
Host: 362728tdg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baxiyazi.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "637c9795-67eaa"
Date: Sun, 27 Nov 2022 06:30:02 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Tue, 22 Nov 2022 09:34:13 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us2-cdnb-30
Content-Length: 425642
5593qq.com/4e505b1ca99341bf91ae9a995dae4e43..gif
103.170.15.95200 OK 423 kB URL HTTP/1.1 5593qq.com/4e505b1ca99341bf91ae9a995dae4e43..gif
IP 103.170.15.95:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 423 kB (422791 bytes)
Hash bdeb53a7d3c2f219a7ae903a7346cd91
e5349fa31f22ce3605b9256c0a6e37def92b13b6
316319f597bb6dd3d686c46a51e67693243868108b798fa8174f8a124b6422b4
GET /4e505b1ca99341bf91ae9a995dae4e43..gif HTTP/1.1
Host: 5593qq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baxiyazi.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "637c9847-67387"
Date: Thu, 24 Nov 2022 03:40:57 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Tue, 22 Nov 2022 09:37:11 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-25
Content-Length: 422791
www.baxiyazi.xyz/template/m1938pc/static/js/jquery.min.js
173.231.57.226200 OK 43 kB URL HTTP/2 www.baxiyazi.xyz/template/m1938pc/static/js/jquery.min.js
IP 173.231.57.226:0
Hash 2d0165d8b4f1175e9a04be3f58d86795
bda84f8bb050492eca1719685e507b619dd24435
9433814ce50e379a718818049414ee3e468ed18ffa19c22e3884c8ceca2f63cf
GET /template/m1938pc/static/js/jquery.min.js HTTP/1.1
Host: www.baxiyazi.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baxiyazi.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 18:09:59 GMT
content-type: application/javascript
last-modified: Sat, 08 Jan 2022 14:07:34 GMT
vary: Accept-Encoding
etag: W/"61d99aa6-17b8b"
expires: Tue, 29 Nov 2022 06:09:59 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
img.9715x.com/images/63773e63d383e8d4961b9896.gif
185.239.226.23302 Found 0 B URL HTTP/2 img.9715x.com/images/63773e63d383e8d4961b9896.gif
IP 185.239.226.23:0
ASN #134835 Starry Network Limited
GET /images/63773e63d383e8d4961b9896.gif HTTP/1.1
Host: img.9715x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baxiyazi.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/43393ed4a7234f5f91de34404bf15079
X-Firefox-Spdy: h2
zhong.babayazi.site/news/data.php
173.231.57.254200 OK 0 B URL HTTP/2 zhong.babayazi.site/news/data.php
IP 173.231.57.254:0
GET /news/data.php HTTP/1.1
Host: zhong.babayazi.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zhong.babayazi.site/news/index.php
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 18:09:58 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2