r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2511
Expires: Fri, 03 Feb 2023 06:25:33 GMT
Date: Fri, 03 Feb 2023 05:43:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8145
Expires: Fri, 03 Feb 2023 07:59:27 GMT
Date: Fri, 03 Feb 2023 05:43:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7d2222d41721947297aaeb5a6e3d0714
04cc1ee417c8bf6338657fd4c2e4e1c1ddfd3065
de0e45969a2ad95e52f7e2fbd0d021d9075dd7b14666c929346efe111f648f7c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE0E45969A2AD95E52F7E2FBD0D021D9075DD7B14666C929346EFE111F648F7C"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4685
Expires: Fri, 03 Feb 2023 07:01:47 GMT
Date: Fri, 03 Feb 2023 05:43:42 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 03 Feb 2023 05:36:10 GMT
content-type: application/json
age: 452
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 6z2oUoaHYNmcAoW6Ba5B7+a/gQTdSxo2rDJZhMqcO0/1wFoJAipcbZ3f9L2WWjYoKEktEJW1VXs=
x-amz-request-id: BXXCW28B5HH6VEND
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 03 Feb 2023 04:52:16 GMT
age: 3086
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
www.duoduoshu.life/
103.71.153.42200 OK 719 B IP 103.71.153.42:0
ASN #136933 Gigabitbank Global
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 314da88ad7f5f4ffaf3fa70edaaf5893
b1a8e2004850a37a3158d1f02b47f4945842abd0
43b3556543c495cf41715b6b895ebcccd6943e91166c91ee2dc76cec7b9fd6fc
Analyzer Verdict Alert fortinet Phishing
NIDS Severity Alert suricata medium ET INFO HTTP Request to Suspicious *.life Domain
GET / HTTP/1.1
Host: www.duoduoshu.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 05:43:42 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 719
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 05:43:42 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 9c45ea25709afbea416f215ee34611b0
117c52c0ee3ff15a2485c0b1e39cc12c7c2021ed
7fbc3c806c7fc6d70d70b55723dbbfc00698b14fcad55014218bc5e03e92a118
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 05:43:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-216051326-1
142.250.74.72200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-216051326-1
IP 142.250.74.72:0
File type ASCII text, with very long lines (1759)
Hash f83bf096dd461bc057070f88aeeb204c
e9a74926cf785d0dfbad932d433fe8eee6f35874
c2a51ffb8bd2b1c983a13828592f46c2cf2a64ea1f5c77907be0d879bd9d085c
GET /gtag/js?id=UA-216051326-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.duoduoshu.life/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 03 Feb 2023 05:43:43 GMT
expires: Fri, 03 Feb 2023 05:43:43 GMT
cache-control: private, max-age=900
last-modified: Fri, 03 Feb 2023 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43917
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 9c45ea25709afbea416f215ee34611b0
117c52c0ee3ff15a2485c0b1e39cc12c7c2021ed
7fbc3c806c7fc6d70d70b55723dbbfc00698b14fcad55014218bc5e03e92a118
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 05:43:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.duoduoshu.life/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Fri, 03 Feb 2023 03:44:08 GMT
expires: Fri, 03 Feb 2023 05:44:08 GMT
cache-control: public, max-age=7200
age: 7175
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 03 Feb 2023 05:07:19 GMT
age: 2184
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.duoduoshu.life/favicon.ico
103.71.153.42404 Not Found 146 B URL HTTP/1.1 www.duoduoshu.life/favicon.ico
IP 103.71.153.42:0
ASN #136933 Gigabitbank Global
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
NIDS Severity Alert suricata medium ET INFO HTTP Request to Suspicious *.life Domain
GET /favicon.ico HTTP/1.1
Host: www.duoduoshu.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.duoduoshu.life/
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 03 Feb 2023 05:43:43 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 146
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2201
Expires: Fri, 03 Feb 2023 06:20:24 GMT
Date: Fri, 03 Feb 2023 05:43:43 GMT
Connection: keep-alive
push.services.mozilla.com/
54.148.148.36101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.148.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: kWfDMiDI6emycsvWLmjKuw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 0Olj43Ds0a/DJkE3tAoBoZQ+a5g=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2915
Expires: Fri, 03 Feb 2023 06:32:20 GMT
Date: Fri, 03 Feb 2023 05:43:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2915
Expires: Fri, 03 Feb 2023 06:32:20 GMT
Date: Fri, 03 Feb 2023 05:43:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2915
Expires: Fri, 03 Feb 2023 06:32:20 GMT
Date: Fri, 03 Feb 2023 05:43:45 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lsQxPtozrh2Ty1T-3d-1crDfi8HgVKRafOXb1UFl033bCx3kAzTS7w==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:46:35 GMT
age: 28630
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25be2f94-83b7-4146-8731-b0accfe33aef.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25be2f94-83b7-4146-8731-b0accfe33aef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cab18376aee2aee9d031b54b3368d8fa
a76feccf026957190e6c4c3c5128067336722ab1
f340c33f348776655134db8524ab2f52acd1e0a50b8ef9c6b9b212e85e94a788
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25be2f94-83b7-4146-8731-b0accfe33aef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6034
x-amzn-requestid: c28587af-167f-447c-8a6f-2aa0d42578d7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fY-pbEitIAMFqKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d377d5-54d61cd842eb18277c0d4ef4;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 07:05:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7pY4scTtFjENeC9raQt8dQXgrHyfLl_LNTkmGOhdZc8ls13Jov7spA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 20:45:03 GMT
age: 32322
etag: "a76feccf026957190e6c4c3c5128067336722ab1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F91a53e95-81db-4f71-84bc-169a72e11b24.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F91a53e95-81db-4f71-84bc-169a72e11b24.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d4242d4999b7b033873b81a482c319c2
bc4c004065ce9f558f210d508844c123a85737a1
ab35a5c1a7c1a0a548aee3b9c301893799680ec1922c13e7a16d44ca457cd91d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F91a53e95-81db-4f71-84bc-169a72e11b24.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7237
x-amzn-requestid: f6aa0d26-8df4-40fe-8984-1aac7c76097e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVr4jEdeIAMFTYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2269c-58a038d6491d8f461e9168d4;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:07:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: v2-PiZSoEbRhvxbdT2TUmJk9hDT08qpRhT6DhdEIU6nd3s2qL969Xg==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:59:04 GMT
age: 27881
etag: "bc4c004065ce9f558f210d508844c123a85737a1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff9647681-964b-428d-89fe-5c4bc8cadebe.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff9647681-964b-428d-89fe-5c4bc8cadebe.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ae0083daa88e6b26c6525c51348d266c
676f55b22fdeee4f7737a48cb2b89d86aa371aae
89f6903260704061faf849549fd95e6f9cbbfcbbf93eaa17d32b96c5e4244d53
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff9647681-964b-428d-89fe-5c4bc8cadebe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7159
x-amzn-requestid: 1d159649-0d8c-4806-8f42-585b985972ea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuwSKF61IAMF5qg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2da7-18fc268c5a719c1d19079001;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:39:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VyQrwAb5tjqPPPQbxf9Ee_zB1UvrnMPGjOHeRKEzyH6BBDazPUkXSA==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:47:02 GMT
age: 28603
etag: "676f55b22fdeee4f7737a48cb2b89d86aa371aae"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d4041f3b5316bc84c9e6d88ddbc85b89
4978a4a20836b6f5d863d331bcedad782b7b4ac6
549b62d2c4ec965b8bec62010c0ce338dfea7992ee83eb7af61ff1a30d21f8b5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5641
x-amzn-requestid: b53b54b1-3b00-47cf-a25c-e93910c2ebfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuvzpHsXoAMFsuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2ce3-0c4fc8154763febb44460ac2;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:36:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: x4-BZdG4JGRKCSdKynnuweZfo9l0XZtDB-MiANy7C2Yz1URYMHP4sQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:28:50 GMT
age: 26095
etag: "4978a4a20836b6f5d863d331bcedad782b7b4ac6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3490571dd2de0a747987b9a0e18cccc8
18e9f8f160d3515f1cb31fc7538ac762a6cab344
1c071d7f3b288b29254500f94f19c0db0633c6aa90812f2e92c4f64992f5221a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10796
x-amzn-requestid: 5c9b1a83-c99a-44b9-9a90-5edd7ef1e225
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi0XKG93oAMFtsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76760-01bf754d6c725c3275c02a1b;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 06:44:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vUJO-Pt9Hi1ndrCQQT1nNCGT7oDOYBpA8-EawHanESoZAsZv32dQdg==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 00:25:04 GMT
age: 19121
etag: "18e9f8f160d3515f1cb31fc7538ac762a6cab344"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6b1e35e880c834dfaf3cd473f059d12b
c6493fc6d9613af967b38e5b6f02651e84c4282a
c373d7ad307f63571f18b6fa9a7ae3115060f5461ffaf43e4b6e484e860a4860
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C373D7AD307F63571F18B6FA9A7AE3115060F5461FFAF43E4B6E484E860A4860"
Last-Modified: Thu, 02 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7404
Expires: Fri, 03 Feb 2023 07:47:09 GMT
Date: Fri, 03 Feb 2023 05:43:45 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 9c45ea25709afbea416f215ee34611b0
117c52c0ee3ff15a2485c0b1e39cc12c7c2021ed
7fbc3c806c7fc6d70d70b55723dbbfc00698b14fcad55014218bc5e03e92a118
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 05:43:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-232123806-1
142.250.74.72200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-232123806-1
IP 142.250.74.72:0
File type ASCII text, with very long lines (1759)
Hash 578c9bae162b69e5f3f29574989c1b88
7a43cc5deb95a10ca14a9e49552dec1c1ed7f0c2
697868cf0cecc78a6172d1d05f05eddc3ae64561a1d97be06ec1611e62fc83e2
GET /gtag/js?id=UA-232123806-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hgdaohang690.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 03 Feb 2023 05:43:46 GMT
expires: Fri, 03 Feb 2023 05:43:46 GMT
cache-control: private, max-age=900
last-modified: Fri, 03 Feb 2023 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43897
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 08f10ceb3b8e874f7389220d5b9e219a
39414781213ce85413bf25be4795295cbee7f6e7
c4f10b661ce38ec341f3347b7d2d8c6333ecbce21ce005b22083f9ada55f8c73
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 924
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 05:43:47 GMT
Last-Modified: Fri, 03 Feb 2023 05:28:23 GMT
Server: ECS (amb/6BB4)
X-Cache: HIT
Content-Length: 727
s2.pstatp.com/cdn/expire-1-M/font-awesome/4.7.0/css/font-awesome.min.css
47.246.44.224200 OK 7.1 kB URL HTTP/2 s2.pstatp.com/cdn/expire-1-M/font-awesome/4.7.0/css/font-awesome.min.css
IP 47.246.44.224:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type ASCII text, with very long lines (30837)
Hash 0ebb760c7d229fd1d2b3a63493306569
58961c039962ea4f5215caa2e0127a8658bcf847
18eecad8f04af6784d466cd2cad0337dea530bef457e6a7b3da473eea589b134
GET /cdn/expire-1-M/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: s2.pstatp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hgdaohang690.info/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: text/css
content-length: 7050
date: Tue, 24 Jan 2023 07:42:58 GMT
last-modified: Sat, 22 Jan 2022 22:37:37 GMT
vary: Accept-Encoding
etag: W/"61ec8731-7918"
expires: Thu, 23 Feb 2023 07:42:48 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
content-encoding: gzip
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01f29dcc67c4f155032c077aec2a6aa22739c4fcde564123c1732d0d30f66f59d3269e57de2049c449fc767928adb4ca4c044d35ed9a22935a6b9d6eb3a9d1d67db9c5a20491e4b522a00b99c2212a911e
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-tt-logid: 20230124154258F4749EE1F2F7D8772E0B
ali-swift-global-savetime: 1674546178
via: cache20.l2de2[0,0,200-0,H], cache6.l2de2[2,0], cache6.l2de2[2,0], cache2.se1[0,0,200-0,H], cache4.se1[1,0]
age: 856849
x-cache: HIT TCP_MEM_HIT dirn:11:430023986
x-swift-savetime: Tue, 24 Jan 2023 08:20:39 GMT
x-swift-cachetime: 2589739
x-response-cache: edge_hit
timing-allow-origin: *
eagleid: 2ff62c9816754030271262490e
X-Firefox-Spdy: h2
www.hgdaohang690.info/
112.121.163.131200 OK 3.8 kB IP 112.121.163.131:0
Hash 2bdcf9bd319bb0d44c1e971a24c00b30
3d5e09598c25a1bfc7ecd645ce7121157c8b25d6
bdf541ea531a1b273689fa89bb6a4fb77529df1ad906914800768f104b15c32b
GET / HTTP/1.1
Host: www.hgdaohang690.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.duoduoshu.life/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 05:43:46 GMT
content-type: text/html; charset=utf-8
last-modified: Tue, 08 Nov 2022 02:01:57 GMT
vary: Accept-Encoding
etag: W/"6369b895-4385"
x-powered-by: Lua 5.4.0
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
X-Firefox-Spdy: h2
s2.pstatp.com/cdn/expire-1-M/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
47.246.44.224200 OK 77 kB URL HTTP/2 s2.pstatp.com/cdn/expire-1-M/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 47.246.44.224:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /cdn/expire-1-M/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: s2.pstatp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.hgdaohang690.info
Connection: keep-alive
Referer: https://s2.pstatp.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/octet-stream
content-length: 77160
date: Thu, 02 Feb 2023 09:07:49 GMT
last-modified: Sat, 22 Jan 2022 22:37:36 GMT
etag: "61ec8730-12d68"
expires: Sat, 04 Mar 2023 09:07:44 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 011629ea96a70f1d4e51335145b1dfce2163d1ead33bb15ef5cc732c0e146f0698f2feb6f9078e3739145247a537fc84cb07c3d6fc86f66f1d45307db87f8dca7ef41276f5403c681999bcdd23629d844f
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-tt-logid: 202302021707493BC4B3A093309B0C20AD
accept-ranges: bytes
ali-swift-global-savetime: 1675328869
via: cache17.l2de2[0,0,304-0,H], cache26.l2de2[1,0], cache8.se1[0,0,200-0,H], cache3.se1[1,0]
age: 74158
x-cache: HIT TCP_MEM_HIT dirn:11:98735385
x-swift-savetime: Thu, 02 Feb 2023 09:13:51 GMT
x-swift-cachetime: 2591638
x-response-cache: edge_hit
timing-allow-origin: *
eagleid: 2ff62c9716754030272833662e
X-Firefox-Spdy: h2
www.hgdaohang690.info/js/index.js
112.121.163.131200 OK 584 B URL HTTP/2 www.hgdaohang690.info/js/index.js
IP 112.121.163.131:0
Hash 30fc67c67b5b748fc9c1af4fda6bf8c8
e398063f473d962d5c4362252250aa5b525343ef
533fecdcdfcd9a966abdc441964a607ca3181ce5f529b9973874970e0166095f
GET /js/index.js HTTP/1.1
Host: www.hgdaohang690.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.hgdaohang690.info/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 05:43:47 GMT
content-type: application/javascript; charset=utf-8
content-length: 584
last-modified: Tue, 08 Nov 2022 02:01:57 GMT
etag: "6369b895-248"
x-powered-by: Lua 5.4.0
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/fyQRUZbhJTQ
142.250.74.163200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/fyQRUZbhJTQ
IP 142.250.74.163:0
Hash 1573a1f8a309ab62b95e2003aef8e411
af3061a7ac3eb9727e51905d51d894e55c189e46
bd45779594c6e6cc2998fca4a893e32660e15d4e2dc0eb362f7034f5ebac2b18
POST /s/gts1p5/fyQRUZbhJTQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 05:43:47 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.hgdaohang690.info/alpinejs.js
112.121.163.131200 OK 17 kB URL HTTP/2 www.hgdaohang690.info/alpinejs.js
IP 112.121.163.131:0
Hash 4745a5c85ae66de2cf6b920fb7ea72d9
34dfcf311912bd9eb52acf5c785c79037fa9c274
7bacb98a549f27d9b6e9ca53802e23620fc1b77c121b227edcdecb56d7645542
GET /alpinejs.js HTTP/1.1
Host: www.hgdaohang690.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.hgdaohang690.info/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 05:43:47 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 08 Nov 2022 02:01:57 GMT
vary: Accept-Encoding
etag: W/"6369b895-9b85"
x-powered-by: Lua 5.4.0
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/fyQRUZbhJTQ
142.250.74.163200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/fyQRUZbhJTQ
IP 142.250.74.163:0
Hash 1573a1f8a309ab62b95e2003aef8e411
af3061a7ac3eb9727e51905d51d894e55c189e46
bd45779594c6e6cc2998fca4a893e32660e15d4e2dc0eb362f7034f5ebac2b18
POST /s/gts1p5/fyQRUZbhJTQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 05:43:47 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/fyQRUZbhJTQ
142.250.74.163200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/fyQRUZbhJTQ
IP 142.250.74.163:0
Hash 1573a1f8a309ab62b95e2003aef8e411
af3061a7ac3eb9727e51905d51d894e55c189e46
bd45779594c6e6cc2998fca4a893e32660e15d4e2dc0eb362f7034f5ebac2b18
POST /s/gts1p5/fyQRUZbhJTQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 05:43:47 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/fyQRUZbhJTQ
142.250.74.163200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/fyQRUZbhJTQ
IP 142.250.74.163:0
Hash 1573a1f8a309ab62b95e2003aef8e411
af3061a7ac3eb9727e51905d51d894e55c189e46
bd45779594c6e6cc2998fca4a893e32660e15d4e2dc0eb362f7034f5ebac2b18
POST /s/gts1p5/fyQRUZbhJTQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 05:43:47 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.hgdaohang690.info/img/scj.png?v=20220616
112.121.163.131200 OK 8.5 kB URL HTTP/2 www.hgdaohang690.info/img/scj.png?v=20220616
IP 112.121.163.131:0
File type PNG image data, 70 x 70, 8-bit/color RGBA, non-interlaced\012- data
Hash 79e8c29da57264ded7143de914441d9f
dcb9ef02ca4d7d75ceea930c07ec52f653eccb06
4f7f4e82d67f2dcc3116843c079aaba8abe6b3621df3bda74fbc360c275cb64e
GET /img/scj.png?v=20220616 HTTP/1.1
Host: www.hgdaohang690.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hgdaohang690.info/css/main.css?v=20220714001
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 05:43:47 GMT
content-type: image/png
content-length: 8458
last-modified: Tue, 08 Nov 2022 02:01:57 GMT
etag: "6369b895-210a"
x-powered-by: Lua 5.4.0
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.nvshennv.bar/ad/newbbs/zhongzi.json
188.114.96.1200 OK 968 B URL HTTP/2 www.nvshennv.bar/ad/newbbs/zhongzi.json
IP 188.114.96.1:0
File type JSON data\012- , Unicode text, UTF-8 text, with CRLF line terminators
Hash a0c3065215fd9157586cce050f268802
b9d1d3f42d9976997f5937cdcc00a1bfcb360291
c753bcccdeb32bec857bcea2992b73e9d2b0a9117fd3ae07fccb3d2db8c03432
GET /ad/newbbs/zhongzi.json HTTP/1.1
Host: www.nvshennv.bar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hgdaohang690.info
Connection: keep-alive
Referer: https://www.hgdaohang690.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 05:43:47 GMT
content-type: application/json
last-modified: Thu, 02 Feb 2023 14:11:14 GMT
vary: Accept-Encoding
etag: W/"63dbc482-60f"
x-powered-by: Lua 5.4.0
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3OyK8EAyVWpDw4rybCdQyA6SijHROgtj7AACrtsm3oVmzveZ%2FI58WhcTo7nUrZdukVYFxAqTdu%2F4%2FKSOGj%2FFGs5zgHNhW55C18Q5%2BRwKphGriRz8wWDv0qz%2FiFDYF22oZVpP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7938d9db4cd70afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8174c21f11bb2080a927d2879b123155
6e288b60664908aecad81c700cdd6301c41164f9
53c3178e20c537041fb7e0861710b06249117d3441554b2db51937b751ab70ad
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "53C3178E20C537041FB7E0861710B06249117D3441554B2DB51937B751AB70AD"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14558
Expires: Fri, 03 Feb 2023 09:46:26 GMT
Date: Fri, 03 Feb 2023 05:43:48 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8174c21f11bb2080a927d2879b123155
6e288b60664908aecad81c700cdd6301c41164f9
53c3178e20c537041fb7e0861710b06249117d3441554b2db51937b751ab70ad
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "53C3178E20C537041FB7E0861710B06249117D3441554B2DB51937B751AB70AD"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14539
Expires: Fri, 03 Feb 2023 09:46:07 GMT
Date: Fri, 03 Feb 2023 05:43:48 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ab07bacd73789d2ae97f8bcd05a011e
19267df9e4f20b7a8bb093a25e118af415601a9d
31550e4a4b4cbf2a701e41d4e97fd262cb52cb2974b298fc363fbd5f54421ab1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "31550E4A4B4CBF2A701E41D4E97FD262CB52CB2974B298FC363FBD5F54421AB1"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5631
Expires: Fri, 03 Feb 2023 07:17:39 GMT
Date: Fri, 03 Feb 2023 05:43:48 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ab07bacd73789d2ae97f8bcd05a011e
19267df9e4f20b7a8bb093a25e118af415601a9d
31550e4a4b4cbf2a701e41d4e97fd262cb52cb2974b298fc363fbd5f54421ab1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "31550E4A4B4CBF2A701E41D4E97FD262CB52CB2974B298FC363FBD5F54421AB1"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5638
Expires: Fri, 03 Feb 2023 07:17:46 GMT
Date: Fri, 03 Feb 2023 05:43:48 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ab07bacd73789d2ae97f8bcd05a011e
19267df9e4f20b7a8bb093a25e118af415601a9d
31550e4a4b4cbf2a701e41d4e97fd262cb52cb2974b298fc363fbd5f54421ab1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "31550E4A4B4CBF2A701E41D4E97FD262CB52CB2974B298FC363FBD5F54421AB1"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5589
Expires: Fri, 03 Feb 2023 07:16:57 GMT
Date: Fri, 03 Feb 2023 05:43:48 GMT
Connection: keep-alive
images.chemboweix.life/2ee737b3c06654b846cfc6aec713e2ee.png
188.114.96.1200 OK 2.9 kB URL HTTP/2 images.chemboweix.life/2ee737b3c06654b846cfc6aec713e2ee.png
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Hash ad76afca9965b87c653b721cd90d4754
602b238d2fd7a0261aeaadcce8fd01e5d86da880
8837401a56aa87892a33dcb5405d1aa44aa17852e20679acb12ad3d1e55886eb
GET /2ee737b3c06654b846cfc6aec713e2ee.png HTTP/1.1
Host: images.chemboweix.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hgdaohang690.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 05:43:48 GMT
content-type: image/png
content-length: 2878
etag: ad76afca9965b87c653b721cd90d4754
cache-control: max-age=7776000
cf-cache-status: HIT
age: 91168
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2BSBQBNHcKXbA2WKpJQfAJvSgiqRntXFcmReKJE3%2FpSsjF%2BrfW60nhqxpetpxIxGjc1XLoOIfVX%2FPdvmxnXFliM3tE65zS0SEGMXgLSlxqCaBkAqiUsWvlwkAx%2F%2FHbcCpMUKijgw1gbs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7938d9df2d90b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.nvshennv.bar/ad/newbbs/pianshang.json
188.114.96.1200 OK 3.8 kB URL HTTP/2 www.nvshennv.bar/ad/newbbs/pianshang.json
IP 188.114.96.1:0
File type JSON data\012- , Unicode text, UTF-8 text, with CRLF line terminators
Hash 4781769ea47effa5f2ce62d65d4c8d13
73784f7f89c3f94600732009689071399ba210fd
fa1e4275359b5b593c41dfaa0278c22402fa86d1448e17bda1cd3f0725a4ec79
GET /ad/newbbs/pianshang.json HTTP/1.1
Host: www.nvshennv.bar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hgdaohang690.info
Connection: keep-alive
Referer: https://www.hgdaohang690.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 05:43:47 GMT
content-type: application/json
last-modified: Mon, 16 Jan 2023 09:53:46 GMT
vary: Accept-Encoding
etag: W/"63c51eaa-617"
x-powered-by: Lua 5.4.0
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PZIkVrxrJ9X7d%2BAe8dE5AlpI3V%2BHSj56lRuz3QwZNDXMTzbEb5rcQ5rGku5gMD63kqgoqd7%2FH8T35PLLb5LL8se%2FKfPq%2FArD6QbS%2Bwom1RuNTOlpV6KOZVnGmtxbfZ6fHrun"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7938d9db4cd80afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
images.chemboweix.life/29f988712cabdf5a4ee1cc622f61ef49.png
188.114.96.1200 OK 1.6 kB URL HTTP/2 images.chemboweix.life/29f988712cabdf5a4ee1cc622f61ef49.png
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 37x37, segment length 16, baseline, precision 8, 65x65, components 3\012- data
Hash 95ca2704cbbb8c06316bc8ea2466c5a1
c4e8cf0ef9cfa64329060381179987f5cc18dfdb
296515563fe50b0df09f9b39bde663e21ed3e8e872cccc403aff5de45ab4520c
GET /29f988712cabdf5a4ee1cc622f61ef49.png HTTP/1.1
Host: images.chemboweix.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hgdaohang690.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 05:43:48 GMT
content-type: image/png
content-length: 1621
etag: 95ca2704cbbb8c06316bc8ea2466c5a1
cache-control: max-age=7776000
cf-cache-status: HIT
age: 91143
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tZSdHXOm6nAy3HzboIQnwXv%2FYPAke3p2LXGQmg4dXoN8f449Eo%2FHo18CjSETEve4wR2IM5CRKRVuq2qiX9OYGXuKS7%2FTdk6DqKUhZCwecD%2Fs1zLLuwXh6M%2BPhXdxf4fWeCMaFsOrqL31"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7938d9df3d95b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
images.chemboweix.life/b10fe6669ebe1408077ac3192ae921a9.png
188.114.96.1200 OK 1.5 kB URL HTTP/2 images.chemboweix.life/b10fe6669ebe1408077ac3192ae921a9.png
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 37x37, segment length 16, baseline, precision 8, 65x65, components 3\012- data
Hash fdf191ade0fbf33fe1ae83ace2dff29c
99ec91ac91c5882980ebb7bb1a05ebbcf56de38c
5f5cc4656e929c4e2ff50c724263662ec8a5a92a4c7b298d394a8d0467b038f1
GET /b10fe6669ebe1408077ac3192ae921a9.png HTTP/1.1
Host: images.chemboweix.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hgdaohang690.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 05:43:48 GMT
content-type: image/png
content-length: 1497
etag: fdf191ade0fbf33fe1ae83ace2dff29c
cache-control: max-age=7776000
cf-cache-status: HIT
age: 91142
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w9f%2BIN6kb%2FFHa14VKx4lm%2BAWjYPVFxNh%2F%2Bf%2BJnOETqep00BAA57VKyM5QUOka5Br1xv61yVa2UTRVe7%2FoL8dICKic76mIOebnzCCyrh3v%2FK09hydcMe9srvMjw3n%2BYWnva%2BoA6IdZdar"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7938d9df3d96b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.nvshennv.bar/ad/newbbs/daohang.json
188.114.96.1200 OK 5.1 kB URL HTTP/2 www.nvshennv.bar/ad/newbbs/daohang.json
IP 188.114.96.1:0
File type JSON data\012- , Unicode text, UTF-8 text, with CRLF line terminators
Hash 973991e76ee4d1f474bddae7048e26da
9ac47c6bdb651a4f8e3edb8f9c123d885f1926db
bddef9dacd325f35db0583bf47b4a9b5c74fa9334fb46933feb946abca3dcbfa
GET /ad/newbbs/daohang.json HTTP/1.1
Host: www.nvshennv.bar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hgdaohang690.info
Connection: keep-alive
Referer: https://www.hgdaohang690.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 05:43:47 GMT
content-type: application/json
last-modified: Thu, 02 Feb 2023 13:16:04 GMT
vary: Accept-Encoding
etag: W/"63dbb794-c6c"
x-powered-by: Lua 5.4.0
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8CzHDYf0mUEm3CEB4U%2Bbclc4dY7XwOKtUn5rGWo63NMWfsWh53Mu2WYS26udV%2FKd5tVrQEbGFDJ%2F7j%2BlY3Pq%2FqkHPn2o1ChQWXWbA1Kn8eAVQETitxA%2FlvValLGWhy%2FPUMfD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7938d9db4cd40afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
images.chemboweix.life/eaf2b954d2bac81721c77954c8a2382f.png
188.114.96.1200 OK 1.6 kB URL HTTP/2 images.chemboweix.life/eaf2b954d2bac81721c77954c8a2382f.png
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 37x37, segment length 16, baseline, precision 8, 65x65, components 3\012- data
Hash b807147d5db7802cf96b90376eb2f84b
059174090ecc7f32d4021e326dfdcaa8274f9106
28885a78873cb9ab72527e36aa511abac5fe9533ca42e9431f815c557c7e6ce4
GET /eaf2b954d2bac81721c77954c8a2382f.png HTTP/1.1
Host: images.chemboweix.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hgdaohang690.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 05:43:48 GMT
content-type: image/png
content-length: 1574
etag: b807147d5db7802cf96b90376eb2f84b
cache-control: max-age=7776000
cf-cache-status: HIT
age: 91140
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uhy2TMeUDqArDHw5nuaY2R7CHGeQ0DV14e3XrdhyqKmAGv9jIgyn4DJDLYG0UfICCWlSPGQMZzYgMr2xC7n%2FO%2BhbxXHXWXw9xmHk6kGw1uOIhiD3fpJ7YY2XX6sSbaxCF3BVBSWClXjH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7938d9df3d98b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
images.chemboweix.life/2747cd715ab800b257a6dd39fad0f7b0.png
188.114.96.1200 OK 1.6 kB URL HTTP/2 images.chemboweix.life/2747cd715ab800b257a6dd39fad0f7b0.png
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 37x37, segment length 16, baseline, precision 8, 60x60, components 3\012- data
Hash 843e810002fe2e865db3e5a50c784b77
b56080a5e9f190d933aa5a18b574e1f19c2dedbb
5320dcae8c7bd6612a39ced684592ff7c5834aed4c2165acd1a0b7dc5b1367f4
GET /2747cd715ab800b257a6dd39fad0f7b0.png HTTP/1.1
Host: images.chemboweix.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hgdaohang690.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 05:43:48 GMT
content-type: image/png
content-length: 1602
etag: 843e810002fe2e865db3e5a50c784b77
cache-control: max-age=7776000
cf-cache-status: HIT
age: 91134
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HQEE17SRyS%2B9auV618%2FQHU%2Fh8zMBDJZNCfr%2FluB%2FMEq2Eu21jjE94Q7KBbX%2FnFDM9b5QLwhjua%2BQFuHyciDa4Wk4uAkbxHXm91FYUvAmIgyGW3RMcxOw5%2BJoOIYV0MKsxELP3L16HDiD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7938d9df3d9eb503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
images.chemboweix.life/8ff0cd4ed4b9605f79517dab26f07944.png
188.114.96.1200 OK 4.6 kB URL HTTP/2 images.chemboweix.life/8ff0cd4ed4b9605f79517dab26f07944.png
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 28x28, segment length 16, baseline, precision 8, 160x160, components 3\012- data
Hash e90b78628c40606b9459df190d83efd9
d519ca62b54b210c9ed6ebd28c30b6ed8bd0f501
b7ee351a52d96f9297457df33ca32f620f18e44fa1c1f9d1e0ecc446b222e246
GET /8ff0cd4ed4b9605f79517dab26f07944.png HTTP/1.1
Host: images.chemboweix.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hgdaohang690.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 05:43:48 GMT
content-type: image/png
content-length: 4637
etag: e90b78628c40606b9459df190d83efd9
cache-control: max-age=7776000
cf-cache-status: HIT
age: 91137
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bCgvDiSJlkl912FSTFjjfCwKQnUTN04KrSH%2B6RrqrQCmzDLXSXmszjb1MT7qr%2B6p5PtH0avFnC48IkSXR3VofIzF04ZZ8xJ7rmfgmXztCvBYMoqn5mR59lqMENKidKn2vBwbzyZdrPWb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7938d9df3d9bb503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
images.chemboweix.life/ab1c5a38c7a9f187b27ed72b708d8ce8.png
188.114.96.1200 OK 1.8 kB URL HTTP/2 images.chemboweix.life/ab1c5a38c7a9f187b27ed72b708d8ce8.png
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 37x37, segment length 16, baseline, precision 8, 65x65, components 3\012- data
Hash ddc149933a59e1c65eb007885ff86953
b8caa07b1d8325667088efcba9f51e03e1e318c3
26c950080d88e888c4bd5eab3e5e6399838abfb30fb36c7b4ad7edd44d5fb5a8
GET /ab1c5a38c7a9f187b27ed72b708d8ce8.png HTTP/1.1
Host: images.chemboweix.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hgdaohang690.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 05:43:48 GMT
content-type: image/png
content-length: 1844
etag: ddc149933a59e1c65eb007885ff86953
cache-control: max-age=7776000
cf-cache-status: HIT
age: 91137
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5mwbUQhaT%2BB2pnGr4hsqGgSeNAKRfqLZoMJZi6OR5Yuk7I5zRiMH7nHffjaq%2BJKkYVwPV%2B4v7lGycgp0ZzfSuvhIw7kUN3GCaj9R1GJOlCTLqvGZ%2BipFQrc3OLVX2jN%2BXU7rEruHgnJK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7938d9df3d9cb503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.nvshennv.bar/ad/newbbs/gongju.json
188.114.96.1200 OK 8.3 kB URL HTTP/2 www.nvshennv.bar/ad/newbbs/gongju.json
IP 188.114.96.1:0
File type JSON data\012- , Unicode text, UTF-8 text, with CRLF line terminators
Hash fda95e12d7fe07cc582f4d5afa855f9d
1a6c6cb4f01f32666a8b7f965c2571e459c971c3
fe4c2d12f271a132efe81e76399f8aa728030106f5e9d04e9e04ccd286d6e447
GET /ad/newbbs/gongju.json HTTP/1.1
Host: www.nvshennv.bar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hgdaohang690.info
Connection: keep-alive
Referer: https://www.hgdaohang690.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 05:43:47 GMT
content-type: application/json
last-modified: Thu, 02 Feb 2023 13:17:17 GMT
vary: Accept-Encoding
etag: W/"63dbb7dd-71b"
x-powered-by: Lua 5.4.0
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pJFzx43rBS6hbukCrwYYUzh5QiF26AumZ48j86671YMp8bK9E00H0azdIlNzZFig8v9HAMxCBF8paK%2FtULycywuTuKPo3ZQyOlLPU%2BQhVeL0vu%2F36Pmn%2B9e2%2FiRoUvFmKrC4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7938d9db4cd50afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.nvshennv.bar/ad/newbbs/good.json
188.114.96.1200 OK 5.8 kB URL HTTP/2 www.nvshennv.bar/ad/newbbs/good.json
IP 188.114.96.1:0
File type JSON data\012- , Unicode text, UTF-8 text, with CRLF line terminators
Hash 125d7f01f3686722768b9229d76ba733
040cdbf46b7ed404adc43c75663dfd38894fe02f
a130f12e50827927c975bd797267079d331a885428100dff7c84771cfe3602d8
GET /ad/newbbs/good.json HTTP/1.1
Host: www.nvshennv.bar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hgdaohang690.info
Connection: keep-alive
Referer: https://www.hgdaohang690.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 05:43:47 GMT
content-type: application/json
last-modified: Wed, 18 Jan 2023 07:55:05 GMT
vary: Accept-Encoding
etag: W/"63c7a5d9-484"
x-powered-by: Lua 5.4.0
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tCoYVwiMrCpTLuUwTNykt2b3M18uLnFOnaw76dhcoFmXR49QMqvGHbxNeAWvczL8%2B0gcGGlx9%2F8U7hmAzF4bxfe3vNFgxEu0I7OAYfa4SOrqkyth40fR1fvNG3rM2OsYr4k%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7938d9db4cd00afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.hgdaohang690.info/js/main.js
112.121.163.131200 OK 6.2 kB URL HTTP/2 www.hgdaohang690.info/js/main.js
IP 112.121.163.131:0
Hash a4f789f4653f3a863a2d4cf233c4ad94
d75efb88189347d9c778de1b9a783c9569b0d301
65e656bc58c55f07d79137ee4e8a3ef0f295cfca5db890db80af9f149ca539ed
GET /js/main.js HTTP/1.1
Host: www.hgdaohang690.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.hgdaohang690.info/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 05:43:47 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 08 Nov 2022 02:01:57 GMT
vary: Accept-Encoding
etag: W/"6369b895-b4c"
x-powered-by: Lua 5.4.0
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 191d7bcdce6be796b696569beeff893b
3a5a8ffc786a0a48f05b8ba3adce46119837a053
3bd66ed649d61b15b5be36f40cb13c5d2b99b59236c4d3f02f1ece346b066802
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "3BD66ED649D61B15B5BE36F40CB13C5D2B99B59236C4D3F02F1ECE346B066802"
Last-Modified: Thu, 02 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8992
Expires: Fri, 03 Feb 2023 08:13:40 GMT
Date: Fri, 03 Feb 2023 05:43:48 GMT
Connection: keep-alive
images.chemboweix.life/5835e68aa13e05e23012f3d756b8bf73.gif
188.114.96.1200 OK 350 kB URL HTTP/2 images.chemboweix.life/5835e68aa13e05e23012f3d756b8bf73.gif
IP 188.114.96.1:0
File type GIF image data, version 89a, 400 x 400\012- data
Size 350 kB (350433 bytes)
Hash 5835e68aa13e05e23012f3d756b8bf73
1336f568e348a3d8fc437e06afafc368478237e3
5b792e635ba084f6a702ce58c9d700595b73b3130c6fd28673b365b1e219d186
GET /5835e68aa13e05e23012f3d756b8bf73.gif HTTP/1.1
Host: images.chemboweix.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hgdaohang690.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 05:43:48 GMT
content-type: image/gif
content-length: 350433
etag: 5835e68aa13e05e23012f3d756b8bf73
cache-control: max-age=7776000
cf-cache-status: HIT
age: 91140
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MyA94lEqc38%2BYiH570MR5PIg4dWV4Pxnj%2F6og802u9gnu0eQQOLoCGEGWfdhG3B0HfYOaJxQh9tgPKnDviKDWLIdqiT8Y04Fg4F7n3Y8XKpcmw%2BXA0O4IL7L0O%2BhCMvJntB4Bx6jvU66"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7938d9df3d99b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.nvshennv.bar/ad/newbbs/app.json
188.114.96.1200 OK 5.2 kB URL HTTP/2 www.nvshennv.bar/ad/newbbs/app.json
IP 188.114.96.1:0
File type JSON data\012- , Unicode text, UTF-8 text, with CRLF line terminators
Hash 11113bdc672184fe26179a88b7a58c71
7e7470f382f619d8759af790f369c258b3180409
4f97d00f99d60fc97e0e347d680d0797dae0ee93e7a43c7a10b507e007ef0878
GET /ad/newbbs/app.json HTTP/1.1
Host: www.nvshennv.bar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hgdaohang690.info
Connection: keep-alive
Referer: https://www.hgdaohang690.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 05:43:47 GMT
content-type: application/json
last-modified: Wed, 18 Jan 2023 08:00:39 GMT
vary: Accept-Encoding
etag: W/"63c7a727-1619"
x-powered-by: Lua 5.4.0
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P35wm2rJtXKLOQyNQZGejGos%2BwR8WDOtZlXn9q5%2FwngPLRrQG5Yy41hpA6UeI6758XDhUXLNY90t4UtC2OIdt%2F9vWNQPEwd%2BK8VAH7j%2BxNKmd0pNbkxAcZ6iTTngHEwyCAoI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7938d9db5ce60afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ab07bacd73789d2ae97f8bcd05a011e
19267df9e4f20b7a8bb093a25e118af415601a9d
31550e4a4b4cbf2a701e41d4e97fd262cb52cb2974b298fc363fbd5f54421ab1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "31550E4A4B4CBF2A701E41D4E97FD262CB52CB2974B298FC363FBD5F54421AB1"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5589
Expires: Fri, 03 Feb 2023 07:16:57 GMT
Date: Fri, 03 Feb 2023 05:43:48 GMT
Connection: keep-alive
www.nvshennv.bar/ad/newbbs/tuijian.json
188.114.96.1200 OK 215 kB URL HTTP/2 www.nvshennv.bar/ad/newbbs/tuijian.json
IP 188.114.96.1:0
File type JSON data\012- , Unicode text, UTF-8 text, with CRLF line terminators
Size 215 kB (214919 bytes)
Hash f4638d455d545572cab9983b78587a5e
2df7900bbf65f4bef5c268a30b32ca1efc1abfd1
d2995468c6946ffe5fd19264b5b32f1ca753bdd02cf197507cb6228e0b31bd70
GET /ad/newbbs/tuijian.json HTTP/1.1
Host: www.nvshennv.bar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hgdaohang690.info
Connection: keep-alive
Referer: https://www.hgdaohang690.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 05:43:47 GMT
content-type: application/json
last-modified: Wed, 18 Jan 2023 07:57:41 GMT
vary: Accept-Encoding
etag: W/"63c7a675-d4e"
x-powered-by: Lua 5.4.0
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CYTBOkLAhOA8zKRZ6GdIeQjDei%2FAf7BDwZrDDSqeHrj%2Bfg7zeAZYaptsf38MeoL75WxAequEvaDqpojswjFYTyukEBAPOamswDIwA1t49EvL%2FSMf%2FNLxv7SwZ8tkNi17ynAw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7938d9db5ce70afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.hgdaohang690.info/index_files/lsj.png
112.121.163.131200 OK 6.0 kB URL HTTP/2 www.hgdaohang690.info/index_files/lsj.png
IP 112.121.163.131:0
File type PNG image data, 120 x 120, 8-bit colormap, non-interlaced\012- data
Hash 76b420b82bd8877a09182af47c3cad47
8f8586fb133ef2e08a053c6d3e3680b4c36f1f12
3f4c590b933d0608646144c1a3557038fa4eb7986ad3d061be4825cc6c440e9e
GET /index_files/lsj.png HTTP/1.1
Host: www.hgdaohang690.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.hgdaohang690.info/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 05:43:48 GMT
content-type: image/png
content-length: 6049
last-modified: Tue, 08 Nov 2022 02:01:57 GMT
etag: "6369b895-17a1"
x-powered-by: Lua 5.4.0
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.hgdaohang690.info/index_files/mado.png
112.121.163.131200 OK 5.5 kB URL HTTP/2 www.hgdaohang690.info/index_files/mado.png
IP 112.121.163.131:0
File type PNG image data, 120 x 120, 8-bit colormap, non-interlaced\012- data
Hash 3758237c06c0ca13580a27b29667cb46
a3ccecc046056203a9de00ba839f04345d19f04b
e2b8d119088d392a9b4b11fd1ce3ab686844f67755f65b099fc987d488dfa868
GET /index_files/mado.png HTTP/1.1
Host: www.hgdaohang690.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.hgdaohang690.info/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 05:43:48 GMT
content-type: image/png
content-length: 5464
last-modified: Tue, 08 Nov 2022 02:01:57 GMT
etag: "6369b895-1558"
x-powered-by: Lua 5.4.0
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.hgdaohang690.info/index_files/98t.png
112.121.163.131200 OK 7.0 kB URL HTTP/2 www.hgdaohang690.info/index_files/98t.png
IP 112.121.163.131:0
File type PNG image data, 120 x 120, 8-bit colormap, non-interlaced\012- data
Hash be4b282b3fcec6d031546f55f771296e
4adf8d684e4d184aacc93236d098e69e69e2d27b
f5fd8213d58e92bf8048e4156d7dfb86ab60f8faeb03bbb68e282a03d461bee6
GET /index_files/98t.png HTTP/1.1
Host: www.hgdaohang690.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.hgdaohang690.info/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 05:43:48 GMT
content-type: image/png
content-length: 6961
last-modified: Tue, 08 Nov 2022 02:01:57 GMT
etag: "6369b895-1b31"
x-powered-by: Lua 5.4.0
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.hgdaohang690.info/index_files/jiankang.png
112.121.163.131200 OK 3.4 kB URL HTTP/2 www.hgdaohang690.info/index_files/jiankang.png
IP 112.121.163.131:0
File type PNG image data, 120 x 120, 8-bit colormap, non-interlaced\012- data
Hash f5e117504ca8bedd872983fb9f75b936
b368c04891725de0bca21b2601b0eb45426b6d22
c2b75a088547dbe60dee7d455ec51842ded2a0bf06c48926fa36d71016f8d393
GET /index_files/jiankang.png HTTP/1.1
Host: www.hgdaohang690.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.hgdaohang690.info/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 05:43:48 GMT
content-type: image/png
content-length: 3413
last-modified: Tue, 08 Nov 2022 02:01:57 GMT
etag: "6369b895-d55"
x-powered-by: Lua 5.4.0
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.hgdaohang690.info/index_files/91zpc.png
112.121.163.131200 OK 7.2 kB URL HTTP/2 www.hgdaohang690.info/index_files/91zpc.png
IP 112.121.163.131:0
File type PNG image data, 120 x 120, 8-bit colormap, non-interlaced\012- data
Hash c08a4f5a6ce0f4cb57417f1004633210
ae1ad2fb526617909100d41dc462fb598c76aff8
7f1401e7fc12ea1b1eddab30151ff5946e2f1d89f1b0904f539205abf8147a1e
GET /index_files/91zpc.png HTTP/1.1
Host: www.hgdaohang690.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.hgdaohang690.info/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 05:43:48 GMT
content-type: image/png
content-length: 7219
last-modified: Tue, 08 Nov 2022 02:01:57 GMT
etag: "6369b895-1c33"
x-powered-by: Lua 5.4.0
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.hgdaohang690.info/index_files/xhp.png
112.121.163.131200 OK 9.5 kB URL HTTP/2 www.hgdaohang690.info/index_files/xhp.png
IP 112.121.163.131:0
File type PNG image data, 120 x 120, 8-bit colormap, non-interlaced\012- data
Hash 5193ab1659143f878d674cf504bff622
f85ee2c78c9d5027a425faed7db7326d4b86e497
0660a08979751705fce9a38b7501654bd03311fda8ed76651b414f92afd1aa02
GET /index_files/xhp.png HTTP/1.1
Host: www.hgdaohang690.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.hgdaohang690.info/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 05:43:48 GMT
content-type: image/png
content-length: 9488
last-modified: Tue, 08 Nov 2022 02:01:57 GMT
etag: "6369b895-2510"
x-powered-by: Lua 5.4.0
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.nvshennv.bar/ad/newbbs/zhainan.json
188.114.96.1200 OK 18 kB URL HTTP/2 www.nvshennv.bar/ad/newbbs/zhainan.json
IP 188.114.96.1:0
File type JSON data\012- , Unicode text, UTF-8 text, with CRLF line terminators
Hash 4814e85dc0e4f0d885293d97e84a4c72
f88da135f673f8d83cd656b7e2f06505b106e49f
3d5a12e5bd0c79836194137220339c451191c84c38ec6b757eb7c1a977d34f5b
GET /ad/newbbs/zhainan.json HTTP/1.1
Host: www.nvshennv.bar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hgdaohang690.info
Connection: keep-alive
Referer: https://www.hgdaohang690.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 05:43:47 GMT
content-type: application/json
last-modified: Wed, 18 Jan 2023 16:47:08 GMT
vary: Accept-Encoding
etag: W/"63c8228c-c1e"
x-powered-by: Lua 5.4.0
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jIXwo%2FjLfg%2FQgNHDOY5eYauTmedi56XkzILxkRkG2e2v1ik9WeWEIgIpS1cqgHEF%2FK8CuNLJu4iRXiwEfIAo4oLI3dGeS%2BYcZLXoG7BRb6tDsuSnGoTv0I46LqIPO4%2FlZg8q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7938d9db4cd20afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.hgdaohang690.info/index_files/120120.jpg
112.121.163.131200 OK 18 kB URL HTTP/2 www.hgdaohang690.info/index_files/120120.jpg
IP 112.121.163.131:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 120x120, components 3\012- data
Hash 23365a4353ae96f00b838dc89d7ae70d
647bf2414bb0b313f5ff10f2899504dcd7a11ef0
92b11c330f03f81a3ec2131c02731a46426e678ca508e134cd41e6b2c3c85949
GET /index_files/120120.jpg HTTP/1.1
Host: www.hgdaohang690.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.hgdaohang690.info/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 05:43:48 GMT
content-type: image/jpeg
content-length: 18273
last-modified: Tue, 08 Nov 2022 02:01:57 GMT
etag: "6369b895-4761"
x-powered-by: Lua 5.4.0
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.hgdaohang690.info/index_files/app03.png
112.121.163.131200 OK 21 kB URL HTTP/2 www.hgdaohang690.info/index_files/app03.png
IP 112.121.163.131:0
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash e475bad0b274495943c821e8d680246d
168a04393ed47696c210521cc4caa64245ee333c
0ff855040be66957caaebb8f68e9cd2c3ed02df795491c93f8089b02f27ba4b6
GET /index_files/app03.png HTTP/1.1
Host: www.hgdaohang690.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.hgdaohang690.info/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 05:43:48 GMT
content-type: image/png
content-length: 20675
last-modified: Tue, 08 Nov 2022 02:01:57 GMT
etag: "6369b895-50c3"
x-powered-by: Lua 5.4.0
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.hgdaohang690.info/js/tw.js
112.121.163.131200 OK 36 kB URL HTTP/2 www.hgdaohang690.info/js/tw.js
IP 112.121.163.131:0
Hash ee27d7a1366864ac84fc3ac22b572925
53936ea16ca07157829906ad0ed8f94cd3f9e75a
a53706c48c0a65dd90ac7ab4f4d088094c8ebcb6fc64b36041dcf30eafd731cc
GET /js/tw.js HTTP/1.1
Host: www.hgdaohang690.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.hgdaohang690.info/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 05:43:47 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 08 Nov 2022 02:01:57 GMT
vary: Accept-Encoding
etag: W/"6369b895-2b9b"
x-powered-by: Lua 5.4.0
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.hgdaohang690.info/index_files/91p.png
112.121.163.131200 OK 3.9 kB URL HTTP/2 www.hgdaohang690.info/index_files/91p.png
IP 112.121.163.131:0
File type PNG image data, 120 x 120, 8-bit colormap, non-interlaced\012- data
Hash e9826472a4b5997f08ee6e55c18bca46
60f02039d74175876bc5837f155af43173ab4ccb
f3f12b7a7a7ec147b5cbba9788a1f641255d302a1e3b0139fcd88b3c564247b9
GET /index_files/91p.png HTTP/1.1
Host: www.hgdaohang690.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.hgdaohang690.info/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 05:43:48 GMT
content-type: image/png
content-length: 3900
last-modified: Tue, 08 Nov 2022 02:01:57 GMT
etag: "6369b895-f3c"
x-powered-by: Lua 5.4.0
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.hgdaohang690.info/index_files/jjtv.png
112.121.163.131200 OK 10 kB URL HTTP/2 www.hgdaohang690.info/index_files/jjtv.png
IP 112.121.163.131:0
File type PNG image data, 120 x 120, 8-bit colormap, non-interlaced\012- data
Hash 0f98f834688f612e5b6cb3becb952479
06cd49f49dced1a5beda728c169debf0ca3dfc7f
46e2fee953b586ab8ca2a356f7335f65b90021e0ec984b8cc8b4e6dbb4d0c7e5
GET /index_files/jjtv.png HTTP/1.1
Host: www.hgdaohang690.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.hgdaohang690.info/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 05:43:48 GMT
content-type: image/png
content-length: 9962
last-modified: Tue, 08 Nov 2022 02:01:57 GMT
etag: "6369b895-26ea"
x-powered-by: Lua 5.4.0
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.hgdaohang690.info/index_files/xqsp.png
112.121.163.131200 OK 5.4 kB URL HTTP/2 www.hgdaohang690.info/index_files/xqsp.png
IP 112.121.163.131:0
File type PNG image data, 120 x 120, 8-bit colormap, non-interlaced\012- data
Hash 42504bcf3f08e6455d008ee29ae39ad8
d967134f5d2c4f4b387bf2befab93e0a37c2d33a
d5110a2bb0350089aeab0bc164f462900bd72d57f8557615c6383aa802fa3459
GET /index_files/xqsp.png HTTP/1.1
Host: www.hgdaohang690.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.hgdaohang690.info/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 05:43:48 GMT
content-type: image/png
content-length: 5361
last-modified: Tue, 08 Nov 2022 02:01:57 GMT
etag: "6369b895-14f1"
x-powered-by: Lua 5.4.0
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.hgdaohang690.info/index_files/91ts.png
112.121.163.131200 OK 7.2 kB URL HTTP/2 www.hgdaohang690.info/index_files/91ts.png
IP 112.121.163.131:0
File type PNG image data, 120 x 120, 8-bit colormap, non-interlaced\012- data
Hash d87509de519afa65518d9bd9a7edaf0f
4a0c8a188b63042ee0a178a973b27219eb72cbe8
31b7025b77041ff1075734d200b9373cc2190318c478a6c8d152e55fdc14452d
GET /index_files/91ts.png HTTP/1.1
Host: www.hgdaohang690.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.hgdaohang690.info/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 05:43:48 GMT
content-type: image/png
content-length: 7189
last-modified: Tue, 08 Nov 2022 02:01:57 GMT
etag: "6369b895-1c15"
x-powered-by: Lua 5.4.0
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.hgdaohang690.info/index_files/yinghan.png
112.121.163.131200 OK 4.7 kB URL HTTP/2 www.hgdaohang690.info/index_files/yinghan.png
IP 112.121.163.131:0
File type PNG image data, 120 x 120, 8-bit colormap, non-interlaced\012- data
Hash f502800ef2257b3628d4bcd901e18be4
f70ebf12fd94e41c40100bdc217118f808d6c6b8
2aa04eee1eff69da1c33abcd535a60d42f0494e375b4fc5d31dfbd1d2a331ca3
GET /index_files/yinghan.png HTTP/1.1
Host: www.hgdaohang690.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.hgdaohang690.info/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 05:43:48 GMT
content-type: image/png
content-length: 4671
last-modified: Tue, 08 Nov 2022 02:01:57 GMT
etag: "6369b895-123f"
x-powered-by: Lua 5.4.0
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.hgdaohang690.info/index_files/495.png
112.121.163.131200 OK 8.2 kB URL HTTP/2 www.hgdaohang690.info/index_files/495.png
IP 112.121.163.131:0
File type PNG image data, 120 x 120, 8-bit colormap, non-interlaced\012- data
Hash 1b97775b4ee8d07b49413d72ae91686d
c316504636d6fe95faa591dba37011fe5705eb91
4df1866add4ee36a7ca15938fe4c29d1ca08807fc6882a57c0b502491027e11e
GET /index_files/495.png HTTP/1.1
Host: www.hgdaohang690.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.hgdaohang690.info/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 05:43:48 GMT
content-type: image/png
content-length: 8175
last-modified: Tue, 08 Nov 2022 02:01:57 GMT
etag: "6369b895-1fef"
x-powered-by: Lua 5.4.0
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 96bd9bbab01c849ee6aad0079c8c79b0
adfbb73643aa028914cbeadc35db0340b92fa235
0ebea001406bb71eee0747e2f9744eefc3ce99d263fdb3fb796c781fcc99d20a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4895
Cache-Control: max-age=108524
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 05:43:49 GMT
Etag: "63db90e2-117"
Expires: Sat, 04 Feb 2023 11:52:33 GMT
Last-Modified: Thu, 02 Feb 2023 10:30:58 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279
www.hgdaohang690.info/css/main.css?v=20220714001
112.121.163.131200 OK 257 kB URL HTTP/2 www.hgdaohang690.info/css/main.css?v=20220714001
IP 112.121.163.131:0
Size 257 kB (257326 bytes)
Hash 2118496ed01464080ea1f550f9023b2b
8667b2b6f6b0110a571f46be4906d49de8e17776
81940ecc6c16691c6d01a051f077a6ccb5f460a8bbb65ee79a8095a288cb46c6
GET /css/main.css?v=20220714001 HTTP/1.1
Host: www.hgdaohang690.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.hgdaohang690.info/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 05:43:47 GMT
content-type: text/css
last-modified: Tue, 08 Nov 2022 02:01:57 GMT
vary: Accept-Encoding
etag: W/"6369b895-1f3e"
x-powered-by: Lua 5.4.0
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hgdaohang690.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Fri, 03 Feb 2023 03:44:08 GMT
expires: Fri, 03 Feb 2023 05:44:08 GMT
cache-control: public, max-age=7200
age: 7181
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.hgdaohang690.info/favicon.ico
112.121.163.131404 Not Found 548 B URL HTTP/2 www.hgdaohang690.info/favicon.ico
IP 112.121.163.131:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 370e16c3b7dba286cff055f93b9a94d8
65f3537c3c798f7da146c55aef536f7b5d0cb943
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
GET /favicon.ico HTTP/1.1
Host: www.hgdaohang690.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.hgdaohang690.info/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Fri, 03 Feb 2023 05:43:50 GMT
content-type: text/html; charset=utf-8
content-length: 548
x-powered-by: Lua 5.4.0
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 96bd9bbab01c849ee6aad0079c8c79b0
adfbb73643aa028914cbeadc35db0340b92fa235
0ebea001406bb71eee0747e2f9744eefc3ce99d263fdb3fb796c781fcc99d20a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4896
Cache-Control: max-age=108524
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 05:43:50 GMT
Etag: "63db90e2-117"
Expires: Sat, 04 Feb 2023 11:52:34 GMT
Last-Modified: Thu, 02 Feb 2023 10:30:58 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279
www.hgdaohang690.info/index_files/sex8.png
112.121.163.131200 OK 254 kB URL HTTP/2 www.hgdaohang690.info/index_files/sex8.png
IP 112.121.163.131:0
File type PNG image data, 1024 x 1024, 8-bit/color RGBA, non-interlaced\012- data
Size 254 kB (253821 bytes)
Hash 1d0368909eb9bf6f19958b1ab78374ba
fe91539d3939c39045fbaef4930992342d3136e5
cad0385399ca6de598b61cc185678ce3b2223161701bd21e4b1f62fe5a6b4ca3
GET /index_files/sex8.png HTTP/1.1
Host: www.hgdaohang690.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.hgdaohang690.info/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 05:43:48 GMT
content-type: image/png
content-length: 253821
last-modified: Tue, 08 Nov 2022 02:01:57 GMT
etag: "6369b895-3df7d"
x-powered-by: Lua 5.4.0
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.nvshennv.bar/ad/newbbs/top100.json
188.114.96.1200 OK 0 B URL HTTP/2 www.nvshennv.bar/ad/newbbs/top100.json
IP 188.114.96.1:0
GET /ad/newbbs/top100.json HTTP/1.1
Host: www.nvshennv.bar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hgdaohang690.info
Connection: keep-alive
Referer: https://www.hgdaohang690.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 05:43:48 GMT
content-type: application/json
last-modified: Thu, 02 Feb 2023 14:11:58 GMT
vary: Accept-Encoding
etag: W/"63dbc4ae-966"
x-powered-by: Lua 5.4.0
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qjdjYOUdeLqg0w%2FRzkSpgMY7MD4d9McQmEyk2XNtMsYEbsBfR37K2CkHqV8Cwy57r67BJ3hEujOx0MpKRA9It5x8hUzECRw3qFo9QNT1Zy6kKYIBSXiDZFFWzKntzeLd3zpA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7938d9db4cd30afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.nvshennv.bar/ad/newbbs/jiaoyou.json
188.114.96.1200 OK 0 B URL HTTP/2 www.nvshennv.bar/ad/newbbs/jiaoyou.json
IP 188.114.96.1:0
GET /ad/newbbs/jiaoyou.json HTTP/1.1
Host: www.nvshennv.bar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hgdaohang690.info
Connection: keep-alive
Referer: https://www.hgdaohang690.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 05:43:47 GMT
content-type: application/json
last-modified: Thu, 02 Feb 2023 01:52:08 GMT
vary: Accept-Encoding
etag: W/"63db1748-a68"
x-powered-by: Lua 5.4.0
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8CWH2LnLt6k1SXAI0C%2BF4X4udJrqa18HglAMoMD7sSdxByyhEaR1otW%2F1QAm%2FO1oBgvwd0gGQuDRt1sGM%2BUKDEcY8hEs2rrdo1uYfRbopeej%2BkcOjkSw2n9ZcWutugLp0ccO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7938d9db5ce50afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.inspectlet.com/inspectlet.js?wid=1109673675&r=465389
104.22.56.245200 OK 0 B URL HTTP/2 cdn.inspectlet.com/inspectlet.js?wid=1109673675&r=465389
IP 104.22.56.245:0
GET /inspectlet.js?wid=1109673675&r=465389 HTTP/1.1
Host: cdn.inspectlet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hgdaohang690.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 05:43:50 GMT
content-type: text/javascript;charset=UTF-8
cache-control: s-maxage=60, max-age=14400
via: 1.1 vegur
cf-cache-status: MISS
last-modified: Fri, 03 Feb 2023 05:43:50 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 7938d9e8ae500b31-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.nvshennv.bar/ad/newbbs/shipin.json
188.114.96.1200 OK 0 B URL HTTP/2 www.nvshennv.bar/ad/newbbs/shipin.json
IP 188.114.96.1:0
GET /ad/newbbs/shipin.json HTTP/1.1
Host: www.nvshennv.bar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hgdaohang690.info
Connection: keep-alive
Referer: https://www.hgdaohang690.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 05:43:48 GMT
content-type: application/json
last-modified: Wed, 18 Jan 2023 08:05:07 GMT
vary: Accept-Encoding
etag: W/"63c7a833-12ab"
x-powered-by: Lua 5.4.0
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vidIo6hMr6GtX1iojoThHSw%2FLelI2tTKVWqQNWETa5Xs5a%2FIAosTnta9bsfKK09m6pzT4rYPGGgT%2BTlFCRUjd3xITV7WSGmkFXaZoHmSzwPggHpM8h0opR9NUTIAOCi51iu8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7938d9db5ce40afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2