www.dd18li.info/
45.60.242.42301 Moved Permanently 0 B IP 45.60.242.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.dd18li.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://www.dd18li.info/
Content-Length: 0
Connection: close
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6ed951622549ed76959631f8a1bf497b
682b2dd2a72190510e3fa7bdb0c0c6f25a322dfb
86f5e5ae2da408a899d16c83b7ca441033ac0c30062cd29f2db1b1b5be666746
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "86F5E5AE2DA408A899D16C83B7CA441033AC0C30062CD29F2DB1B1B5BE666746"
Last-Modified: Sat, 19 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3137
Expires: Sat, 19 Nov 2022 12:18:53 GMT
Date: Sat, 19 Nov 2022 11:26:36 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 67f53a639d57dd6237b5be86fe4f6c1b
287f09532dc331228d09c20b75f4160e91e9800a
41913a8af366685c42af59e9d8e02fccedbe68a3313d2d9fe353deb0c1019075
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5621
Cache-Control: max-age=88692
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:26:36 GMT
Etag: "63775eeb-1d7"
Expires: Sun, 20 Nov 2022 12:04:48 GMT
Last-Modified: Fri, 18 Nov 2022 10:31:07 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3a38b6dd8a4cc335c026aebf2ed348b6
8a386e0ccb0ca4dc502746c45b2ebc3aa3f83cf8
8b4040a645cec1841a00a22765eb3a74978559daf15c54bd4b41b6b48aab7f95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B4040A645CEC1841A00A22765EB3A74978559DAF15C54BD4B41B6B48AAB7F95"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3791
Expires: Sat, 19 Nov 2022 12:29:47 GMT
Date: Sat, 19 Nov 2022 11:26:36 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 19 Nov 2022 10:44:55 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2501
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: jWiz0RJ7mw79s9wkw+EwilrRlGWwpuL+xDWJ2maPfkbh4t9jNx/WlgieTwvhexj6rngp7SGV2cE=
x-amz-request-id: BN7KJF2J3CGPAJRJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 19 Nov 2022 10:53:20 GMT
age: 1996
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 11:26:36 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 19 Nov 2022 11:25:01 GMT
cache-control: public,max-age=3600
age: 96
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 060d538b33e370fcd033339830d33a42
4a37d427988358eb318e18e2678c3484ef4a5ebd
efa33f92547243814b5bd3bca4f94d26055d590a4431611b3ba251a8d774bfbb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1937
Cache-Control: max-age=166352
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:26:37 GMT
Etag: "63789cac-1d7"
Expires: Mon, 21 Nov 2022 09:39:09 GMT
Last-Modified: Sat, 19 Nov 2022 09:06:52 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
www.dd18li.info/
45.60.242.42200 OK 3.6 kB IP 45.60.242.42:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (459)
Hash 2864f4d31a6807b76f9a384f9b16de79
8140115e7218750e3bab4849f59c89476a15127f
65ba1621d929a2f9eb3ddb1b7c201aa8978ef3be7d6b41b97684853e882a6f32
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.dd18li.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 19 Nov 2022 11:26:37 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 08 Nov 2022 02:01:57 GMT
Vary: Accept-Encoding
ETag: W/"6369b895-4385"
X-Powered-By: Lua 5.4.0
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: *
Set-Cookie: visid_incap_2779530=gIDVXHhsSHySfT9j2hUNbWy9eGMAAAAAQUIPAAAAAAD469tnrf0iVoeWN+wEqtkR; expires=Sat, 18 Nov 2023 22:15:31 GMT; HttpOnly; path=/; Domain=.dd18li.info
nlbi_2779530=R6EaAoQ+kkCXyZeh93GWGAAAAADLOE/s+ZgsTowMnJXtxg2/; path=/; Domain=.dd18li.info
incap_ses_275_2779530=B96iEP6n/V50D3tklP/QA229eGMAAAAA26WwvvdZZVB+cYu3fTt4Pw==; path=/; Domain=.dd18li.info
___utmvmiYuNvtiZ=sShxPVEFNyK; path=/; Max-Age=900
___utmvaiYuNvtiZ=XelCLnI; path=/; Max-Age=900
___utmvbiYuNvtiZ=UZR XbEOoalt: htF; path=/; Max-Age=900
X-CDN: Imperva
X-Iinfo: 7-23235362-23235363 NNNN CT(170 343 0) RT(1668857196691 19) q(0 0 5 0) r(6 6) U12
www.dd18li.info/css/main.css?v=20220714001
45.60.242.42200 OK 2.4 kB URL HTTP/1.1 www.dd18li.info/css/main.css?v=20220714001
IP 45.60.242.42:0
Hash d358adf86f6dd649316eafd4d27d9df5
5aafa4de8cfd8da60e648511f3e24bb8a7b5e2d1
0f539532e2430a54bda31731c5eedcdfe654b00adc80cc2683b6b17416507b6e
Analyzer Verdict Alert fortinet Phishing
GET /css/main.css?v=20220714001 HTTP/1.1
Host: www.dd18li.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd18li.info/
Connection: keep-alive
Cookie: visid_incap_2779530=gIDVXHhsSHySfT9j2hUNbWy9eGMAAAAAQUIPAAAAAAD469tnrf0iVoeWN+wEqtkR; nlbi_2779530=R6EaAoQ+kkCXyZeh93GWGAAAAADLOE/s+ZgsTowMnJXtxg2/; incap_ses_275_2779530=B96iEP6n/V50D3tklP/QA229eGMAAAAA26WwvvdZZVB+cYu3fTt4Pw==; ___utmvmiYuNvtiZ=sShxPVEFNyK; ___utmvbiYuNvtiZ=UZR XbEOoalt: htF
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Etag: W/"6369b895-1f3e"
Last-Modified: Tue, 08 Nov 2022 02:01:57 GMT
Content-Type: text/css
Content-Length: 2353
Content-Encoding: gzip
Cache-Control: max-age=1, public
Expires: Sat, 19 Nov 2022 11:26:38 GMT
Date: Sat, 19 Nov 2022 11:26:37 GMT
Set-Cookie: visid_incap_2779530=gIDVXHhsSHySfT9j2hUNbWy9eGMAAAAAQUIPAAAAAAD469tnrf0iVoeWN+wEqtkR; expires=Sat, 18 Nov 2023 22:15:31 GMT; HttpOnly; path=/; Domain=.dd18li.info
incap_ses_275_2779530=B96iEP6n/V50D3tklP/QA229eGMAAAAA26WwvvdZZVB+cYu3fTt4Pw==; path=/; Domain=.dd18li.info
___utmvbiYuNvtiZ=a; Max-Age=0; path=/; expires=Wed, 09 Nov 2022 22:09:07 GMT
___utmvmiYuNvtiZ=a; Max-Age=0; path=/; expires=Wed, 09 Nov 2022 22:09:07 GMT
X-CDN: Imperva
X-Iinfo: 7-23235362-23229803 2cNN RT(1668857196691 828) q(0 0 0 -1) r(0 0)
www.dd18li.info/js/tw.js
45.60.242.42200 OK 7.2 kB IP 45.60.242.42:0
File type Unicode text, UTF-8 text, with very long lines (1286)
Hash a2c2b3831e1e62d3293dcdc65c173c90
18b3a5b2e7ea061f1a4786b9b21a18ad25433761
e6324431d2e7a24a0d009ea30585ccde9f066923c1fd26c4c7214805f155d76c
Analyzer Verdict Alert fortinet Phishing
GET /js/tw.js HTTP/1.1
Host: www.dd18li.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd18li.info/
Connection: keep-alive
Cookie: visid_incap_2779530=gIDVXHhsSHySfT9j2hUNbWy9eGMAAAAAQUIPAAAAAAD469tnrf0iVoeWN+wEqtkR; nlbi_2779530=R6EaAoQ+kkCXyZeh93GWGAAAAADLOE/s+ZgsTowMnJXtxg2/; incap_ses_275_2779530=B96iEP6n/V50D3tklP/QA229eGMAAAAA26WwvvdZZVB+cYu3fTt4Pw==; ___utmvmiYuNvtiZ=sShxPVEFNyK; ___utmvbiYuNvtiZ=UZR XbEOoalt: htF
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Etag: W/"6369b895-2b9b"
Last-Modified: Tue, 08 Nov 2022 02:01:57 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 7214
Content-Encoding: gzip
Cache-Control: max-age=13745, public
Expires: Sat, 19 Nov 2022 15:15:42 GMT
Date: Sat, 19 Nov 2022 11:26:37 GMT
Set-Cookie: visid_incap_2779530=gIDVXHhsSHySfT9j2hUNbWy9eGMAAAAAQUIPAAAAAAD469tnrf0iVoeWN+wEqtkR; expires=Sat, 18 Nov 2023 22:15:31 GMT; HttpOnly; path=/; Domain=.dd18li.info
incap_ses_275_2779530=B96iEP6n/V50D3tklP/QA229eGMAAAAA26WwvvdZZVB+cYu3fTt4Pw==; path=/; Domain=.dd18li.info
___utmvbiYuNvtiZ=a; Max-Age=0; path=/; expires=Wed, 09 Nov 2022 22:09:07 GMT
___utmvmiYuNvtiZ=a; Max-Age=0; path=/; expires=Wed, 09 Nov 2022 22:09:07 GMT
X-CDN: Imperva
X-Iinfo: 7-23235362-23229803 2CNN RT(1668857196691 841) q(0 0 0 -1) r(0 0)
www.dd18li.info/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1022125434
45.60.242.42200 OK 20 kB URL HTTP/1.1 www.dd18li.info/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1022125434
IP 45.60.242.42:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 8da5fe2c86122e2a1bb82a942ce27895
bfa82b486eb6936757a6e5b0fa44a4eb6a3bd695
4175ab10647a5c25f2589697dbe603cb178abfcc202e571993ed0950025f603b
GET /_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1022125434 HTTP/1.1
Host: www.dd18li.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd18li.info/
Connection: keep-alive
Cookie: visid_incap_2779530=gIDVXHhsSHySfT9j2hUNbWy9eGMAAAAAQUIPAAAAAAD469tnrf0iVoeWN+wEqtkR; nlbi_2779530=R6EaAoQ+kkCXyZeh93GWGAAAAADLOE/s+ZgsTowMnJXtxg2/; incap_ses_275_2779530=B96iEP6n/V50D3tklP/QA229eGMAAAAA26WwvvdZZVB+cYu3fTt4Pw==; ___utmvmiYuNvtiZ=sShxPVEFNyK; ___utmvbiYuNvtiZ=UZR XbEOoalt: htF
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Content-Type: application/javascript
Content-Encoding: gzip
X-Robots-Tag: noindex
Content-Length: 19476
Set-Cookie: visid_incap_2779530=gIDVXHhsSHySfT9j2hUNbWy9eGMAAAAAQUIPAAAAAAD469tnrf0iVoeWN+wEqtkR; expires=Sat, 18 Nov 2023 22:15:31 GMT; HttpOnly; path=/; Domain=.dd18li.info
incap_ses_275_2779530=B96iEP6n/V50D3tklP/QA229eGMAAAAA26WwvvdZZVB+cYu3fTt4Pw==; path=/; Domain=.dd18li.info
___utmvbiYuNvtiZ=a; Max-Age=0; path=/; expires=Wed, 09 Nov 2022 22:09:07 GMT
___utmvmiYuNvtiZ=a; Max-Age=0; path=/; expires=Wed, 09 Nov 2022 22:09:07 GMT
www.dd18li.info/config.js
45.60.242.42200 OK 59 B URL HTTP/1.1 www.dd18li.info/config.js
IP 45.60.242.42:0
Hash 3e73c1574d4a3eabcae9f06e5ac372c6
fa2123b19b6cbf66db82a96a6dfcc625bb73d379
9d07f8924a38b194028bf88f5e735864b75177171244ed108f8ad780c3cfceba
Analyzer Verdict Alert fortinet Phishing
GET /config.js HTTP/1.1
Host: www.dd18li.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd18li.info/
Connection: keep-alive
Cookie: visid_incap_2779530=gIDVXHhsSHySfT9j2hUNbWy9eGMAAAAAQUIPAAAAAAD469tnrf0iVoeWN+wEqtkR; nlbi_2779530=R6EaAoQ+kkCXyZeh93GWGAAAAADLOE/s+ZgsTowMnJXtxg2/; incap_ses_275_2779530=B96iEP6n/V50D3tklP/QA229eGMAAAAA26WwvvdZZVB+cYu3fTt4Pw==; ___utmvmiYuNvtiZ=sShxPVEFNyK; ___utmvbiYuNvtiZ=UZR XbEOoalt: htF
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Etag: "6369b896-27"
Last-Modified: Tue, 08 Nov 2022 02:01:58 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 59
Content-Encoding: gzip
Cache-Control: max-age=13745, public
Expires: Sat, 19 Nov 2022 15:15:42 GMT
Date: Sat, 19 Nov 2022 11:26:37 GMT
Set-Cookie: visid_incap_2779530=gIDVXHhsSHySfT9j2hUNbWy9eGMAAAAAQUIPAAAAAAD469tnrf0iVoeWN+wEqtkR; expires=Sat, 18 Nov 2023 22:15:34 GMT; HttpOnly; path=/; Domain=.dd18li.info
incap_ses_275_2779530=B96iEP6n/V50D3tklP/QA229eGMAAAAA26WwvvdZZVB+cYu3fTt4Pw==; path=/; Domain=.dd18li.info
___utmvbiYuNvtiZ=a; Max-Age=0; path=/; expires=Wed, 09 Nov 2022 22:09:07 GMT
___utmvmiYuNvtiZ=a; Max-Age=0; path=/; expires=Wed, 09 Nov 2022 22:09:07 GMT
X-CDN: Imperva
X-Iinfo: 6-12223677-12221092 2CNN RT(1668857197538 18) q(0 0 0 -1) r(0 0)
www.dd18li.info/js/main.js
45.60.242.42200 OK 586 B URL HTTP/1.1 www.dd18li.info/js/main.js
IP 45.60.242.42:0
File type Unicode text, UTF-8 text, with very long lines (339)
Hash 4f27ebeea48e882ef03c4bcfd9be1b23
7d058c327d33577a7415e799aee9a4439560a89a
f027ac825aafb934e57d91e8dbf1604ada6696b6204e07fba81fd63e24861104
Analyzer Verdict Alert fortinet Phishing
GET /js/main.js HTTP/1.1
Host: www.dd18li.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd18li.info/
Connection: keep-alive
Cookie: visid_incap_2779530=gIDVXHhsSHySfT9j2hUNbWy9eGMAAAAAQUIPAAAAAAD469tnrf0iVoeWN+wEqtkR; nlbi_2779530=R6EaAoQ+kkCXyZeh93GWGAAAAADLOE/s+ZgsTowMnJXtxg2/; incap_ses_275_2779530=B96iEP6n/V50D3tklP/QA229eGMAAAAA26WwvvdZZVB+cYu3fTt4Pw==; ___utmvmiYuNvtiZ=sShxPVEFNyK; ___utmvbiYuNvtiZ=UZR XbEOoalt: htF
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Etag: W/"6369b895-b4c"
Last-Modified: Tue, 08 Nov 2022 02:01:57 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 586
Content-Encoding: gzip
Cache-Control: max-age=13745, public
Expires: Sat, 19 Nov 2022 15:15:42 GMT
Date: Sat, 19 Nov 2022 11:26:37 GMT
Set-Cookie: visid_incap_2779530=gIDVXHhsSHySfT9j2hUNbWy9eGMAAAAAQUIPAAAAAAD469tnrf0iVoeWN+wEqtkR; expires=Sat, 18 Nov 2023 22:15:31 GMT; HttpOnly; path=/; Domain=.dd18li.info
incap_ses_275_2779530=B96iEP6n/V50D3tklP/QA229eGMAAAAA26WwvvdZZVB+cYu3fTt4Pw==; path=/; Domain=.dd18li.info
___utmvbiYuNvtiZ=a; Max-Age=0; path=/; expires=Wed, 09 Nov 2022 22:09:07 GMT
___utmvmiYuNvtiZ=a; Max-Age=0; path=/; expires=Wed, 09 Nov 2022 22:09:07 GMT
X-CDN: Imperva
X-Iinfo: 7-23235408-23229803 2CNN RT(1668857197540 17) q(0 0 0 -1) r(0 0)
www.dd18li.info/js/index.js
45.60.242.42200 OK 384 B URL HTTP/1.1 www.dd18li.info/js/index.js
IP 45.60.242.42:0
Hash 1e1d716b190167d270e0ebe3a9fb1a10
bd1fbc26f918e4597674d1a267ac4e3be5782cb0
de7b55a6a3044a442c5bc2b6f37f773762415076693cc7ea23a1d7998bbadfe0
Analyzer Verdict Alert fortinet Phishing
GET /js/index.js HTTP/1.1
Host: www.dd18li.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd18li.info/
Connection: keep-alive
Cookie: visid_incap_2779530=gIDVXHhsSHySfT9j2hUNbWy9eGMAAAAAQUIPAAAAAAD469tnrf0iVoeWN+wEqtkR; nlbi_2779530=R6EaAoQ+kkCXyZeh93GWGAAAAADLOE/s+ZgsTowMnJXtxg2/; incap_ses_275_2779530=B96iEP6n/V50D3tklP/QA229eGMAAAAA26WwvvdZZVB+cYu3fTt4Pw==; ___utmvmiYuNvtiZ=sShxPVEFNyK; ___utmvbiYuNvtiZ=UZR XbEOoalt: htF
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Etag: "6369b895-248"
Last-Modified: Tue, 08 Nov 2022 02:01:57 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 384
Content-Encoding: gzip
Cache-Control: max-age=13745, public
Expires: Sat, 19 Nov 2022 15:15:42 GMT
Date: Sat, 19 Nov 2022 11:26:37 GMT
Set-Cookie: visid_incap_2779530=gIDVXHhsSHySfT9j2hUNbWy9eGMAAAAAQUIPAAAAAAD469tnrf0iVoeWN+wEqtkR; expires=Sat, 18 Nov 2023 22:15:30 GMT; HttpOnly; path=/; Domain=.dd18li.info
incap_ses_275_2779530=B96iEP6n/V50D3tklP/QA229eGMAAAAA26WwvvdZZVB+cYu3fTt4Pw==; path=/; Domain=.dd18li.info
___utmvbiYuNvtiZ=a; Max-Age=0; path=/; expires=Wed, 09 Nov 2022 22:09:07 GMT
___utmvmiYuNvtiZ=a; Max-Age=0; path=/; expires=Wed, 09 Nov 2022 22:09:07 GMT
X-CDN: Imperva
X-Iinfo: 13-49144807-49139680 2CNN RT(1668857197541 18) q(0 0 0 -1) r(0 0)
www.dd18li.info/alpinejs.js
45.60.242.42200 OK 16 kB URL HTTP/1.1 www.dd18li.info/alpinejs.js
IP 45.60.242.42:0
File type ASCII text, with very long lines (34767)
Hash 3531101d49c589dcbb77489aecffb961
f88bce3a92cc8bb3c0c8d714bc579820e5907e35
8a2dfc8f7109929c75a6f207c9eac40a5232ac066c609403c6c276d39ea0c4ec
Analyzer Verdict Alert fortinet Phishing
GET /alpinejs.js HTTP/1.1
Host: www.dd18li.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd18li.info/
Connection: keep-alive
Cookie: visid_incap_2779530=gIDVXHhsSHySfT9j2hUNbWy9eGMAAAAAQUIPAAAAAAD469tnrf0iVoeWN+wEqtkR; nlbi_2779530=R6EaAoQ+kkCXyZeh93GWGAAAAADLOE/s+ZgsTowMnJXtxg2/; incap_ses_275_2779530=B96iEP6n/V50D3tklP/QA229eGMAAAAA26WwvvdZZVB+cYu3fTt4Pw==; ___utmvmiYuNvtiZ=sShxPVEFNyK; ___utmvbiYuNvtiZ=UZR XbEOoalt: htF
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Etag: W/"6369b895-9b85"
Last-Modified: Tue, 08 Nov 2022 02:01:57 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 16121
Content-Encoding: gzip
Cache-Control: max-age=13745, public
Expires: Sat, 19 Nov 2022 15:15:42 GMT
Date: Sat, 19 Nov 2022 11:26:37 GMT
Set-Cookie: visid_incap_2779530=gIDVXHhsSHySfT9j2hUNbWy9eGMAAAAAQUIPAAAAAAD469tnrf0iVoeWN+wEqtkR; expires=Sat, 18 Nov 2023 22:15:34 GMT; HttpOnly; path=/; Domain=.dd18li.info
incap_ses_275_2779530=B96iEP6n/V50D3tklP/QA229eGMAAAAA26WwvvdZZVB+cYu3fTt4Pw==; path=/; Domain=.dd18li.info
___utmvbiYuNvtiZ=a; Max-Age=0; path=/; expires=Wed, 09 Nov 2022 22:09:07 GMT
___utmvmiYuNvtiZ=a; Max-Age=0; path=/; expires=Wed, 09 Nov 2022 22:09:07 GMT
X-CDN: Imperva
X-Iinfo: 6-12223678-12221108 2CNN RT(1668857197540 19) q(0 0 0 -1) r(0 0)
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash f17b03be491bcd758ad58f33ac7c094c
c02829213f2c3afc21026a24b413585804ba17de
e4085af005b24bc39492d37826b238a7e32d85037c9dcfc658171e73325ec0d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:26:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash bfb91f1623c2391f451d99b19fea112d
83780566df160c7d808e0a14871748e2e2dc218b
e41d9b395d48d1f905338a33aa94dd9dcee901bdd9b34ff154e52b3ab72270c6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6240
Cache-Control: max-age=99374
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:26:37 GMT
Etag: "6377863b-2d7"
Expires: Sun, 20 Nov 2022 15:02:51 GMT
Last-Modified: Fri, 18 Nov 2022 13:18:51 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 727
s2.pstatp.com/cdn/expire-1-M/font-awesome/4.7.0/css/font-awesome.min.css
47.246.44.226200 OK 7.1 kB URL HTTP/2 s2.pstatp.com/cdn/expire-1-M/font-awesome/4.7.0/css/font-awesome.min.css
IP 47.246.44.226:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type ASCII text, with very long lines (30837)
Hash 0ebb760c7d229fd1d2b3a63493306569
58961c039962ea4f5215caa2e0127a8658bcf847
18eecad8f04af6784d466cd2cad0337dea530bef457e6a7b3da473eea589b134
GET /cdn/expire-1-M/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: s2.pstatp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dd18li.info/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: text/css
content-length: 7050
date: Fri, 04 Nov 2022 09:07:18 GMT
last-modified: Sat, 22 Jan 2022 22:37:37 GMT
etag: "61ec8731-7918"
expires: Sun, 04 Dec 2022 09:07:16 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
server-timing: cdn-cache;desc=HIT,edge;dur=13
x-tt-trace-host: 01db09afca56d0617892364b2d836eb2ec554a21adec61a80c45128412da4b95413a516f0968692743655dfa150b854a0e17f2ca54e508347e3f7f2e068a2aee12e0351a860bb003fe2a58029489b34cdd
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
vary: Accept-Encoding
ali-swift-global-savetime: 1667552838
via: cache20.l2de2[0,0,304-0,H], cache21.l2de2[1,0], cache2.se1[0,11,200-0,H], cache1.se1[13,0]
content-encoding: gzip
age: 1304359
x-cache: HIT TCP_HIT dirn:6:445002692
x-swift-savetime: Fri, 04 Nov 2022 09:18:46 GMT
x-swift-cachetime: 2591312
x-response-cache: edge_hit
timing-allow-origin: *
eagleid: 2ff62c9516688571976333197e
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-232123806-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-232123806-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash ae0603b20b5080a355b9eaf880119eff
fbf81163334265ad2ad7b168bb5af9f77eb98e8e
572be97fcb0e555b55e36a1572bdc4c756b5f09aed880e25d5a42612f01b9bf0
GET /gtag/js?id=UA-232123806-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dd18li.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 19 Nov 2022 11:26:37 GMT
expires: Sat, 19 Nov 2022 11:26:37 GMT
cache-control: private, max-age=900
last-modified: Sat, 19 Nov 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43593
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.dd18li.info/img/scj.png?v=20220616
45.60.242.42200 OK 6.8 kB URL HTTP/1.1 www.dd18li.info/img/scj.png?v=20220616
IP 45.60.242.42:0
File type PNG image data, 70 x 70, 8-bit/color RGBA, non-interlaced\012- data
Hash e19d160ef133af6d4b352a72b4cc7e10
cfa4e51ad03fd294b6d96287954a1e91a4f1ef3e
c4ccfb689ed9300935d121e51de1f9742be2c5d499f28fdc47863833cef753af
Analyzer Verdict Alert fortinet Phishing
GET /img/scj.png?v=20220616 HTTP/1.1
Host: www.dd18li.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dd18li.info/css/main.css?v=20220714001
Cookie: visid_incap_2779530=gIDVXHhsSHySfT9j2hUNbWy9eGMAAAAAQUIPAAAAAAD469tnrf0iVoeWN+wEqtkR; nlbi_2779530=R6EaAoQ+kkCXyZeh93GWGAAAAADLOE/s+ZgsTowMnJXtxg2/; incap_ses_275_2779530=B96iEP6n/V50D3tklP/QA229eGMAAAAA26WwvvdZZVB+cYu3fTt4Pw==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Etag: "6369b895-210a"
Last-Modified: Tue, 08 Nov 2022 02:01:57 GMT
Content-Type: image/png
Content-Length: 6758
Cache-Control: max-age=32204, public
Expires: Sat, 19 Nov 2022 20:23:21 GMT
Date: Sat, 19 Nov 2022 11:26:37 GMT
X-CDN: Imperva
X-Iinfo: 6-12223678-0 0CNN RT(1668857197540 119) q(0 -1 -1 -1) r(0 -1)
www.dd18li.info/img/honav.png
45.60.242.42200 OK 242 kB URL HTTP/1.1 www.dd18li.info/img/honav.png
IP 45.60.242.42:0
File type PNG image data, 1260 x 160, 8-bit/color RGB, non-interlaced\012- data
Size 242 kB (242000 bytes)
Hash 24d7232a5141ca857fdae27fa44a7810
62d7191357b12afcb56802bca7c141cdf61dd0ca
c8cca2dea1d167ed571f87dfa0fad559b02328c8bc81068685dc60835b6b8b12
GET /img/honav.png HTTP/1.1
Host: www.dd18li.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dd18li.info/css/main.css?v=20220714001
Cookie: visid_incap_2779530=gIDVXHhsSHySfT9j2hUNbWy9eGMAAAAAQUIPAAAAAAD469tnrf0iVoeWN+wEqtkR; nlbi_2779530=R6EaAoQ+kkCXyZeh93GWGAAAAADLOE/s+ZgsTowMnJXtxg2/; incap_ses_275_2779530=B96iEP6n/V50D3tklP/QA229eGMAAAAA26WwvvdZZVB+cYu3fTt4Pw==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Etag: "6369b895-3e3fd"
Last-Modified: Tue, 08 Nov 2022 02:01:57 GMT
Content-Type: image/png
Content-Length: 242000
Cache-Control: max-age=1, public
Expires: Sat, 19 Nov 2022 11:26:38 GMT
Date: Sat, 19 Nov 2022 11:26:37 GMT
X-CDN: Imperva
X-Iinfo: 7-23235362-23227757 2cNN RT(1668857196691 963) q(0 0 0 -1) r(0 0)
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash f17b03be491bcd758ad58f33ac7c094c
c02829213f2c3afc21026a24b413585804ba17de
e4085af005b24bc39492d37826b238a7e32d85037c9dcfc658171e73325ec0d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:26:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
52.89.114.252101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.114.252:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: M4z7sQ6gZiYBu+s2i1+UxA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: aLqBF6rt2a1Mc5H72ZEqnoemdZs=
s2.pstatp.com/cdn/expire-1-M/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
47.246.44.226200 OK 77 kB URL HTTP/2 s2.pstatp.com/cdn/expire-1-M/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 47.246.44.226:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /cdn/expire-1-M/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: s2.pstatp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.dd18li.info
Connection: keep-alive
Referer: https://s2.pstatp.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: application/octet-stream
content-length: 77160
date: Fri, 04 Nov 2022 09:07:33 GMT
last-modified: Sat, 22 Jan 2022 22:37:36 GMT
etag: "61ec8730-12d68"
expires: Sun, 04 Dec 2022 09:04:44 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
server-timing: cdn-cache;desc=HIT,edge;dur=2
x-tt-trace-host: 012161c8cea66c8d717be63c6cff44c44c8965bfa180f96357118c84eaab8fb76723681f98b4176091bf5b6fc623dde0b1689afd8352402e6cd62fd58d7c39ce0e6233c7d70ed598aad371dbac8e43d6bf
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
accept-ranges: bytes
ali-swift-global-savetime: 1667552853
via: cache17.l2de2[0,0,304-0,H], cache12.l2de2[1,0], cache8.se1[0,0,200-0,H], cache3.se1[2,0]
age: 1304344
x-cache: HIT TCP_MEM_HIT dirn:4:210305400
x-swift-savetime: Fri, 04 Nov 2022 09:13:30 GMT
x-swift-cachetime: 2591643
x-response-cache: edge_hit
timing-allow-origin: *
eagleid: 2ff62c9716688571977717953e
X-Firefox-Spdy: h2
www.dd18li.info/_Incapsula_Resource?SWKMTFSR=1&e=0.9748962131516646
45.60.242.42200 OK 1 B URL HTTP/1.1 www.dd18li.info/_Incapsula_Resource?SWKMTFSR=1&e=0.9748962131516646
IP 45.60.242.42:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
GET /_Incapsula_Resource?SWKMTFSR=1&e=0.9748962131516646 HTTP/1.1
Host: www.dd18li.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd18li.info/
Connection: keep-alive
Cookie: visid_incap_2779530=gIDVXHhsSHySfT9j2hUNbWy9eGMAAAAAQUIPAAAAAAD469tnrf0iVoeWN+wEqtkR; nlbi_2779530=R6EaAoQ+kkCXyZeh93GWGAAAAADLOE/s+ZgsTowMnJXtxg2/; incap_ses_275_2779530=B96iEP6n/V50D3tklP/QA229eGMAAAAA26WwvvdZZVB+cYu3fTt4Pw==; ___utmvc=5N5RSONRgx3zxTon4EuX2SRgcG2p/hANMenfogGTR+n1Ld0UOFqsi/awdGPbaCpiF+5kOvkCQAS3slXK6nEKSQ4tS+3ohkKcB2c1fXqoul5nIKlc15+b3zIv+0KzplkGbfE955GoX+Phqq6GorWxEDUZKA9AabhUK3/95FMD3kpQ2c27RhtFPzzaNxC0ztOWFFFZXtPS86WzKISjvAJitL62kQ+EUmVhz+lBBkrMTcm/3mDZhxsSoSCf+oIyskrTH7UktMfDDnNGdLcX/hxfqBHyys/UD4QByTzehMs0fbl28DpjBbzcGoB7Dfy6IEOIQiSoZk6MrgD9u5TKDwGk6mQlImuc7rp/Br2S5wATpCx0l11ZZv2udhXWqrMWrk4whbIX+BF/utt97y2/qcOX3nRG53ItWMxZXBWETAIIDcbf6IcvrYEKmRn0moqvX57CS1h1DGBUvlAqg9cFOYTaqRFMb3rX11fw/jxmnMoDATh9pXWobt9e9UHkWtaJ2dbiLn9/Op1Rt4RWTElbUbCJUSlDaj41lkAC0mAQI1eg6EKt356rZ3847pPpoqMNfzELvkX8QwLq6l2/T6KS557MN2u6y4PiXVgh5xpaQHOHvxV5a4FwqZj2jQ3FdihnjUpOkoK6N94DpQRzXCqI8WI3yueEEGiw/0Xs88iplGN6k1O7Ht35uLCLlgAf2KEglCGU03fUVOfeFvvOCLkwuvkQkWFKhvnQj7TSiur1zquyxomUsf1nEcMr1Mdx9NXmCPmyijdktuoAlO8FGN5kiU674hMrw+cpqlFTfhWyzJq+orybC1TEghh60kLgOeki95yAfhIQZjWeSpZhCF5upsAcY3c9Pn4eiLmlLKj1mIZ5AQplsv5qzRJHfLf7VKupSb1hlowWAqS7qY3fdx09dclw/kkpzzQHTShZIjwd+mVIMOD/HOoAewe7D5Fi7nZ7t9/ASqAwWGVlFVof8IoOTbZlHXMqEXTeMB54YEG5x2JMHtsmrqmd5s4nIp7LbxikXZKSt/JyutQMgoGN6lqyQDKPMuhSSLk92QoD05U2CxU+j1xUuYOzb8skD4WIcIIc6bLGQxc071YPO1Uo61WOQ7EHgkJsI35f66AA/BNQj9f+oghD7DqCN9vTeu61SD8gQAFMk4qWPQ92kXSbzWHEIDb6aCGRG8rXojJW0gToFM0jx7hLLKYSGfG/5Vp2smeiXX/w9ozAECIjWl2bY7hM6acqGULrCKAKPl34BpDFQyFv7myYAknd6/4Rf6j7F+FHQRTMbVXbJ8h3gryOc9sI4A6Wm5OtPMqNPfL8+ahkxOHnicZSLB5nn/kfF2KSWDHE9omRPEThCLFGWM+pQyGgG808sd+uT3j8OYH4vYdZXgGJMJRVnB6oxKKO0D4TX1YGBepcIdjtBrv5Z4ejuUa4em55YnTvgoEufKKlZeUuLGNUeXx+zF0EeyTF2ezcfKBOKHd2/+Ogv06WuBybkFOGTy9jnKCSxwrS+WvrhnG9hUBhcVqDd4s6+5WFpiGkS0F36f91crrYLTLWJi7cWHtf3WyAJvLmSHIi147pmnBYk+aeJ/mhcy8x/zimPdGbN5zRDnL7VbXr5Fq0QdEKwi3RbsgEciXaxYkRGDKEy9phMbCWN+wTRbY4ATn8G4grLIoKziotlh3ukejFRt8f5LiTyR21fh33dW6U9mtE63wvRam8Qym2Yomw0E/dM3kuUdlc3aEWUe5L7ZG8RziS8bSvuZq4im1CgrVIdRiVTKN3a9hySjs7Bktu5xTNSOkDllwqgUTqtC2Q6BIwbidRcwUhNKa0/MgPrKyog5LN0PvLzdJPznTWGqc+Y2gJRWiLk8d5Pie/dEZ5CuE0jFa8YSNPCBRN79RjIpBLWiVFuiz0lOCvWrcAQTR9Fio5cZj3zl/bwmAZLVdwgChbwUSGZyyA/42o6cIjLKiYknq9u/ucIKfoWFRVw5njfipBQXxHdxrLtg0baArE/RQjmyb5i97F9VU0c3JCPULptcLxX2rs6l79Dll/8cGS/5WGVayqIqmu8LvR2CdOQFCOaWZhY5VXjyOczF3fWTXZ09f1lLHqUdyFSXc7DqzWjEUTemzHHIl+fu9QmbDrerEzfCULGpYZFwyfcLc2yHSKb+zi+3TbK//pPv3zen+7eA/NykKlGkagRyKR65Ij25fmiwFtTUQMxyEgabezYd1EV9PuTiNP7eJQTXwppVZnK/aYUS8x7VAzG/8UF30CtLU1S91YqRTFkvFHtOHs2ocHmlgChL4AUyn8fbIfZ3LSs53YD4TUqW6pXUHGndeHDEuXWB/26XoZF1hyRcSlMexHR1ScJSUs+GjeuWTFXsCMSthmWNJ1QvBF5bxHIbmTrKfyGv/aHAqWTNRAMmbOBq6BfLz9Cs3DtHnOaIPkhMwqJf3pFJv4lN5xyl5wl/9CkndJYUK/nuDrSJZOQSpWl+ciGgOL2HhO6Yvdn08A11VcdsDfX0IVhfg3YlQkPg/hrkIrCEGJk+Mc/4Kdf3IP0JVxKoffVXjeWdJbybwa2wnH95V0cRcvQEmDICkazuVbLz9kIUM4pemf8E3IUHD9xOrq4ALG0DQRb98HAx+k0NgEXXXcQ/ZTamKMtEe4IdtiNuhacWtrj2l/7mEYnAAIQEUKg35Pht/HGkICYcNYPnbVwiQI8WGBUv+TyCcpPLAPLxP7WoKLpnZPEOLjNYHukPH+GSxkaWdlc3Q9MTg1MDM3LHM9NjY4YzY5ODg3ZGE0NjRiMjY4ODM5NzdmOWJiMjY5NzdhYzgxNzY4Zjc3NzVhYWFmOWRhZjhlNjA3OGFhNzJhMDdmNzE2MzZhNzQ4OTcyNmQ=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Content-Type: text/plain
X-Robots-Tag: noindex
Content-Length: 1
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3d14042920d4967187abd95d13b73190
746671a670bc4608c438234725af98e89c6d53f7
531d66aa307a4b253f539b8bd6bc083e04ba54d04bc572076b98d13c7a50c33c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 311
Cache-Control: max-age=132715
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:26:37 GMT
Etag: "63781fa1-117"
Expires: Mon, 21 Nov 2022 00:18:32 GMT
Last-Modified: Sat, 19 Nov 2022 00:13:21 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3d14042920d4967187abd95d13b73190
746671a670bc4608c438234725af98e89c6d53f7
531d66aa307a4b253f539b8bd6bc083e04ba54d04bc572076b98d13c7a50c33c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 311
Cache-Control: max-age=132715
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:26:37 GMT
Etag: "63781fa1-117"
Expires: Mon, 21 Nov 2022 00:18:32 GMT
Last-Modified: Sat, 19 Nov 2022 00:13:21 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3d14042920d4967187abd95d13b73190
746671a670bc4608c438234725af98e89c6d53f7
531d66aa307a4b253f539b8bd6bc083e04ba54d04bc572076b98d13c7a50c33c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 311
Cache-Control: max-age=132715
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:26:37 GMT
Etag: "63781fa1-117"
Expires: Mon, 21 Nov 2022 00:18:32 GMT
Last-Modified: Sat, 19 Nov 2022 00:13:21 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3d14042920d4967187abd95d13b73190
746671a670bc4608c438234725af98e89c6d53f7
531d66aa307a4b253f539b8bd6bc083e04ba54d04bc572076b98d13c7a50c33c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=132404
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:26:37 GMT
Etag: "63781fa1-117"
Expires: Mon, 21 Nov 2022 00:13:21 GMT
Last-Modified: Sat, 19 Nov 2022 00:13:21 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3d14042920d4967187abd95d13b73190
746671a670bc4608c438234725af98e89c6d53f7
531d66aa307a4b253f539b8bd6bc083e04ba54d04bc572076b98d13c7a50c33c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=132403
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:26:38 GMT
Etag: "63781fa1-117"
Expires: Mon, 21 Nov 2022 00:13:21 GMT
Last-Modified: Sat, 19 Nov 2022 00:13:21 GMT
Server: nginx
Content-Length: 279
www.nvshennv.bar/ad/newbbs/daohang.json
172.67.176.253200 OK 1.1 kB URL HTTP/2 www.nvshennv.bar/ad/newbbs/daohang.json
IP 172.67.176.253:0
File type JSON data\012- , Unicode text, UTF-8 text, with CRLF line terminators
Hash b192bda2ba557ba5dbaba975316b52e5
03df38a307c313a34398684b24fbba4a74903de5
f567c960f45fa743c8819ab7bf98ca4f196cfdc319b4156a3930fe914267a825
GET /ad/newbbs/daohang.json HTTP/1.1
Host: www.nvshennv.bar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dd18li.info
Connection: keep-alive
Referer: https://www.dd18li.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:26:38 GMT
content-type: application/json
last-modified: Wed, 16 Nov 2022 11:57:21 GMT
vary: Accept-Encoding
etag: W/"6374d021-c57"
x-powered-by: Lua 5.4.0
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TLnEWhqch2kjdX5lJN5vC710LyzTMv0hxVUJh9uDsTMKGQBxkwADie9T22i0t3hXfK1e%2FrOz%2F2%2Bx4Nxd6uXnIaX0J778jB5i21g0RSXAVfVKzhclUi7gfvUIGiXEp%2BruMGDk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76c8978f197ab4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 1be08053f218e8243921b6d65c96ee76
646b89a0c35ffc58afb343934a4540dae8dce9bc
77a5665e1336e0b2d5be03d0d854424948236dd83792861eb5361e67781c707b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6197
Cache-Control: max-age=89256
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:26:38 GMT
Etag: "63775ee1-117"
Expires: Sun, 20 Nov 2022 12:14:14 GMT
Last-Modified: Fri, 18 Nov 2022 10:30:57 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279
www.nvshennv.bar/ad/newbbs/gongju.json
172.67.176.253200 OK 21 kB URL HTTP/2 www.nvshennv.bar/ad/newbbs/gongju.json
IP 172.67.176.253:0
File type JSON data\012- , Unicode text, UTF-8 text, with CRLF line terminators
Hash ce724b0d80478d043c2922f5ea0447cb
4b4af7c789a73bedd2e5ba4dac797b6bad03fdc2
8accfb7fbbb9677d8cd9f720fd95678c7d60b94990f16b0ce45cb4e4d8474ffb
GET /ad/newbbs/gongju.json HTTP/1.1
Host: www.nvshennv.bar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dd18li.info
Connection: keep-alive
Referer: https://www.dd18li.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:26:38 GMT
content-type: application/json
last-modified: Fri, 18 Nov 2022 16:00:36 GMT
vary: Accept-Encoding
etag: W/"6377ac24-70a"
x-powered-by: Lua 5.4.0
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BPlr0LSf8xzD7Pa3qrEwi8W9935OVWXAaIaFrWUFZ%2Fc1A0BXd5Fv6EciMKL9QYLczrg6g89uzlfznHyhLYyEwRpiS%2B055ZdqTRZkqVkzoQ7P1aApTvVfubtBjWWDSGCy%2FJCl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76c8978f197bb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.dd18li.info/favicon.ico
45.60.242.42404 Not Found 167 B URL HTTP/1.1 www.dd18li.info/favicon.ico
IP 45.60.242.42:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash dda62703609bf90c9fdcaf6bc498e875
010e20ebd61e79a89a314eac1f0ebda31d44a03f
e9d2470c6ec9ea25b0aff432b3f72072651efb22798742dbe7dfd1b522f5fb16
GET /favicon.ico HTTP/1.1
Host: www.dd18li.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd18li.info/
Connection: keep-alive
Cookie: visid_incap_2779530=gIDVXHhsSHySfT9j2hUNbWy9eGMAAAAAQUIPAAAAAAD469tnrf0iVoeWN+wEqtkR; nlbi_2779530=R6EaAoQ+kkCXyZeh93GWGAAAAADLOE/s+ZgsTowMnJXtxg2/; incap_ses_275_2779530=B96iEP6n/V50D3tklP/QA229eGMAAAAA26WwvvdZZVB+cYu3fTt4Pw==; ___utmvc=5N5RSONRgx3zxTon4EuX2SRgcG2p/hANMenfogGTR+n1Ld0UOFqsi/awdGPbaCpiF+5kOvkCQAS3slXK6nEKSQ4tS+3ohkKcB2c1fXqoul5nIKlc15+b3zIv+0KzplkGbfE955GoX+Phqq6GorWxEDUZKA9AabhUK3/95FMD3kpQ2c27RhtFPzzaNxC0ztOWFFFZXtPS86WzKISjvAJitL62kQ+EUmVhz+lBBkrMTcm/3mDZhxsSoSCf+oIyskrTH7UktMfDDnNGdLcX/hxfqBHyys/UD4QByTzehMs0fbl28DpjBbzcGoB7Dfy6IEOIQiSoZk6MrgD9u5TKDwGk6mQlImuc7rp/Br2S5wATpCx0l11ZZv2udhXWqrMWrk4whbIX+BF/utt97y2/qcOX3nRG53ItWMxZXBWETAIIDcbf6IcvrYEKmRn0moqvX57CS1h1DGBUvlAqg9cFOYTaqRFMb3rX11fw/jxmnMoDATh9pXWobt9e9UHkWtaJ2dbiLn9/Op1Rt4RWTElbUbCJUSlDaj41lkAC0mAQI1eg6EKt356rZ3847pPpoqMNfzELvkX8QwLq6l2/T6KS557MN2u6y4PiXVgh5xpaQHOHvxV5a4FwqZj2jQ3FdihnjUpOkoK6N94DpQRzXCqI8WI3yueEEGiw/0Xs88iplGN6k1O7Ht35uLCLlgAf2KEglCGU03fUVOfeFvvOCLkwuvkQkWFKhvnQj7TSiur1zquyxomUsf1nEcMr1Mdx9NXmCPmyijdktuoAlO8FGN5kiU674hMrw+cpqlFTfhWyzJq+orybC1TEghh60kLgOeki95yAfhIQZjWeSpZhCF5upsAcY3c9Pn4eiLmlLKj1mIZ5AQplsv5qzRJHfLf7VKupSb1hlowWAqS7qY3fdx09dclw/kkpzzQHTShZIjwd+mVIMOD/HOoAewe7D5Fi7nZ7t9/ASqAwWGVlFVof8IoOTbZlHXMqEXTeMB54YEG5x2JMHtsmrqmd5s4nIp7LbxikXZKSt/JyutQMgoGN6lqyQDKPMuhSSLk92QoD05U2CxU+j1xUuYOzb8skD4WIcIIc6bLGQxc071YPO1Uo61WOQ7EHgkJsI35f66AA/BNQj9f+oghD7DqCN9vTeu61SD8gQAFMk4qWPQ92kXSbzWHEIDb6aCGRG8rXojJW0gToFM0jx7hLLKYSGfG/5Vp2smeiXX/w9ozAECIjWl2bY7hM6acqGULrCKAKPl34BpDFQyFv7myYAknd6/4Rf6j7F+FHQRTMbVXbJ8h3gryOc9sI4A6Wm5OtPMqNPfL8+ahkxOHnicZSLB5nn/kfF2KSWDHE9omRPEThCLFGWM+pQyGgG808sd+uT3j8OYH4vYdZXgGJMJRVnB6oxKKO0D4TX1YGBepcIdjtBrv5Z4ejuUa4em55YnTvgoEufKKlZeUuLGNUeXx+zF0EeyTF2ezcfKBOKHd2/+Ogv06WuBybkFOGTy9jnKCSxwrS+WvrhnG9hUBhcVqDd4s6+5WFpiGkS0F36f91crrYLTLWJi7cWHtf3WyAJvLmSHIi147pmnBYk+aeJ/mhcy8x/zimPdGbN5zRDnL7VbXr5Fq0QdEKwi3RbsgEciXaxYkRGDKEy9phMbCWN+wTRbY4ATn8G4grLIoKziotlh3ukejFRt8f5LiTyR21fh33dW6U9mtE63wvRam8Qym2Yomw0E/dM3kuUdlc3aEWUe5L7ZG8RziS8bSvuZq4im1CgrVIdRiVTKN3a9hySjs7Bktu5xTNSOkDllwqgUTqtC2Q6BIwbidRcwUhNKa0/MgPrKyog5LN0PvLzdJPznTWGqc+Y2gJRWiLk8d5Pie/dEZ5CuE0jFa8YSNPCBRN79RjIpBLWiVFuiz0lOCvWrcAQTR9Fio5cZj3zl/bwmAZLVdwgChbwUSGZyyA/42o6cIjLKiYknq9u/ucIKfoWFRVw5njfipBQXxHdxrLtg0baArE/RQjmyb5i97F9VU0c3JCPULptcLxX2rs6l79Dll/8cGS/5WGVayqIqmu8LvR2CdOQFCOaWZhY5VXjyOczF3fWTXZ09f1lLHqUdyFSXc7DqzWjEUTemzHHIl+fu9QmbDrerEzfCULGpYZFwyfcLc2yHSKb+zi+3TbK//pPv3zen+7eA/NykKlGkagRyKR65Ij25fmiwFtTUQMxyEgabezYd1EV9PuTiNP7eJQTXwppVZnK/aYUS8x7VAzG/8UF30CtLU1S91YqRTFkvFHtOHs2ocHmlgChL4AUyn8fbIfZ3LSs53YD4TUqW6pXUHGndeHDEuXWB/26XoZF1hyRcSlMexHR1ScJSUs+GjeuWTFXsCMSthmWNJ1QvBF5bxHIbmTrKfyGv/aHAqWTNRAMmbOBq6BfLz9Cs3DtHnOaIPkhMwqJf3pFJv4lN5xyl5wl/9CkndJYUK/nuDrSJZOQSpWl+ciGgOL2HhO6Yvdn08A11VcdsDfX0IVhfg3YlQkPg/hrkIrCEGJk+Mc/4Kdf3IP0JVxKoffVXjeWdJbybwa2wnH95V0cRcvQEmDICkazuVbLz9kIUM4pemf8E3IUHD9xOrq4ALG0DQRb98HAx+k0NgEXXXcQ/ZTamKMtEe4IdtiNuhacWtrj2l/7mEYnAAIQEUKg35Pht/HGkICYcNYPnbVwiQI8WGBUv+TyCcpPLAPLxP7WoKLpnZPEOLjNYHukPH+GSxkaWdlc3Q9MTg1MDM3LHM9NjY4YzY5ODg3ZGE0NjRiMjY4ODM5NzdmOWJiMjY5NzdhYzgxNzY4Zjc3NzVhYWFmOWRhZjhlNjA3OGFhNzJhMDdmNzE2MzZhNzQ4OTcyNmQ=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 19 Nov 2022 11:26:38 GMT
Content-Type: text/html; charset=utf-8
Connection: keep-alive
X-Powered-By: Lua 5.4.0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Set-Cookie: ___utmvc=a; Max-Age=0; path=/; expires=Wed, 09 Nov 2022 22:09:07 GMT
X-CDN: Imperva
Content-Encoding: gzip
Transfer-Encoding: chunked
X-Iinfo: 7-23235362-23235363 SNYN RT(1668857196691 1600) q(0 0 0 -1) r(2 2) U11
www.dd18li.info/index_files/app01.png
45.60.242.42200 OK 27 kB URL HTTP/1.1 www.dd18li.info/index_files/app01.png
IP 45.60.242.42:0
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 124df08949f6659f0b3def32991b03b0
ac1148ccbe684ed9fd4eabbfe7a1fd2034f7a9f9
211b7174fa857bdb23c5b31e715811e059d763ccdbbf92f5d9f38136135723ad
GET /index_files/app01.png HTTP/1.1
Host: www.dd18li.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd18li.info/
Connection: keep-alive
Cookie: visid_incap_2779530=gIDVXHhsSHySfT9j2hUNbWy9eGMAAAAAQUIPAAAAAAD469tnrf0iVoeWN+wEqtkR; nlbi_2779530=R6EaAoQ+kkCXyZeh93GWGAAAAADLOE/s+ZgsTowMnJXtxg2/; incap_ses_275_2779530=B96iEP6n/V50D3tklP/QA229eGMAAAAA26WwvvdZZVB+cYu3fTt4Pw==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Etag: "6369b895-6c6b"
Last-Modified: Tue, 08 Nov 2022 02:01:57 GMT
Content-Type: image/png
Content-Length: 26803
Cache-Control: max-age=13744, public
Expires: Sat, 19 Nov 2022 15:15:42 GMT
Date: Sat, 19 Nov 2022 11:26:38 GMT
X-CDN: Imperva
X-Iinfo: 7-23235362-23230424 2CNN RT(1668857196691 1811) q(0 0 0 -1) r(0 0)
www.dd18li.info/index_files/app03.png
45.60.242.42200 OK 20 kB URL HTTP/1.1 www.dd18li.info/index_files/app03.png
IP 45.60.242.42:0
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 7c11fb23b3ca6e1721e4ad2e3d8b27ce
c25235a025b5d4a10d52f6d95cadae93e723311c
1f07dfb2689c841959d0b3655a332cebf3594bfb5dec86101fa87fd9157d18fe
GET /index_files/app03.png HTTP/1.1
Host: www.dd18li.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd18li.info/
Connection: keep-alive
Cookie: visid_incap_2779530=gIDVXHhsSHySfT9j2hUNbWy9eGMAAAAAQUIPAAAAAAD469tnrf0iVoeWN+wEqtkR; nlbi_2779530=R6EaAoQ+kkCXyZeh93GWGAAAAADLOE/s+ZgsTowMnJXtxg2/; incap_ses_275_2779530=B96iEP6n/V50D3tklP/QA229eGMAAAAA26WwvvdZZVB+cYu3fTt4Pw==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Etag: "6369b895-50c3"
Last-Modified: Tue, 08 Nov 2022 02:01:57 GMT
Content-Type: image/png
Content-Length: 20505
Cache-Control: max-age=13745, public
Expires: Sat, 19 Nov 2022 15:15:43 GMT
Date: Sat, 19 Nov 2022 11:26:38 GMT
X-CDN: Imperva
X-Iinfo: 6-12223678-12221108 2CNN RT(1668857197540 969) q(0 0 0 -1) r(0 0)
www.dd18li.info/index_files/app6.png
45.60.242.42200 OK 9.8 kB URL HTTP/1.1 www.dd18li.info/index_files/app6.png
IP 45.60.242.42:0
File type PNG image data, 150 x 150, 8-bit colormap, non-interlaced\012- data
Hash a03376bf1e4915be0aea850f40cdbdc5
18ba00b8633de40c84322b55b1a4d8343f2e9e7f
1ccb8eda8c3ad5127060677dd29e3918a6fed33b8b72643b7d9e8abb50339ddd
GET /index_files/app6.png HTTP/1.1
Host: www.dd18li.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd18li.info/
Connection: keep-alive
Cookie: visid_incap_2779530=gIDVXHhsSHySfT9j2hUNbWy9eGMAAAAAQUIPAAAAAAD469tnrf0iVoeWN+wEqtkR; nlbi_2779530=R6EaAoQ+kkCXyZeh93GWGAAAAADLOE/s+ZgsTowMnJXtxg2/; incap_ses_275_2779530=B96iEP6n/V50D3tklP/QA229eGMAAAAA26WwvvdZZVB+cYu3fTt4Pw==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Etag: "6369b895-261d"
Last-Modified: Tue, 08 Nov 2022 02:01:57 GMT
Content-Type: image/png
Content-Length: 9757
Cache-Control: max-age=13744, public
Expires: Sat, 19 Nov 2022 15:15:42 GMT
Date: Sat, 19 Nov 2022 11:26:38 GMT
X-CDN: Imperva
X-Iinfo: 6-12223677-12221092 2CNN RT(1668857197538 977) q(0 0 0 -1) r(0 0)
www.dd18li.info/index_files/app04.png
45.60.242.42200 OK 17 kB URL HTTP/1.1 www.dd18li.info/index_files/app04.png
IP 45.60.242.42:0
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 6ca8f2958a8383f0caa92c535a05b8f3
232dede1d500154b4e08e26a3ef45b54b37391df
1b2760ccf7eb6093bcd2d6b05b75722467123fb31b91828d7c6356299f1e8e73
GET /index_files/app04.png HTTP/1.1
Host: www.dd18li.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd18li.info/
Connection: keep-alive
Cookie: visid_incap_2779530=gIDVXHhsSHySfT9j2hUNbWy9eGMAAAAAQUIPAAAAAAD469tnrf0iVoeWN+wEqtkR; nlbi_2779530=R6EaAoQ+kkCXyZeh93GWGAAAAADLOE/s+ZgsTowMnJXtxg2/; incap_ses_275_2779530=B96iEP6n/V50D3tklP/QA229eGMAAAAA26WwvvdZZVB+cYu3fTt4Pw==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Etag: "6369b895-4249"
Last-Modified: Tue, 08 Nov 2022 02:01:57 GMT
Content-Type: image/png
Content-Length: 16745
Cache-Control: max-age=13745, public
Expires: Sat, 19 Nov 2022 15:15:43 GMT
Date: Sat, 19 Nov 2022 11:26:38 GMT
X-CDN: Imperva
X-Iinfo: 7-23235408-23229803 2CNN RT(1668857197540 970) q(0 0 0 -1) r(0 0)
www.dd18li.info/index_files/120120.jpg
45.60.242.42200 OK 17 kB URL HTTP/1.1 www.dd18li.info/index_files/120120.jpg
IP 45.60.242.42:0
File type JPEG image data, baseline, precision 8, 120x120, components 3\012- data
Hash f769f1e760d766ad05d90317df0853f2
d144c1bc7736aeae2950f1ebbf626b5f48e0c3ae
40667233d0fe9eb60b3571b3192cdf9a401823c65a7145c564c5d296b5f8614b
GET /index_files/120120.jpg HTTP/1.1
Host: www.dd18li.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd18li.info/
Connection: keep-alive
Cookie: visid_incap_2779530=gIDVXHhsSHySfT9j2hUNbWy9eGMAAAAAQUIPAAAAAAD469tnrf0iVoeWN+wEqtkR; nlbi_2779530=R6EaAoQ+kkCXyZeh93GWGAAAAADLOE/s+ZgsTowMnJXtxg2/; incap_ses_275_2779530=B96iEP6n/V50D3tklP/QA229eGMAAAAA26WwvvdZZVB+cYu3fTt4Pw==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Etag: "6369b895-4761"
Last-Modified: Tue, 08 Nov 2022 02:01:57 GMT
Content-Type: image/jpeg
Content-Length: 17356
Cache-Control: max-age=13744, public
Expires: Sat, 19 Nov 2022 15:15:42 GMT
Date: Sat, 19 Nov 2022 11:26:38 GMT
X-CDN: Imperva
X-Iinfo: 13-49144807-49140359 2CNN RT(1668857197541 973) q(0 0 0 -1) r(0 0)
www.dd18li.info/index_files/app7.png
45.60.242.42200 OK 20 kB URL HTTP/1.1 www.dd18li.info/index_files/app7.png
IP 45.60.242.42:0
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash f588c673287ae4378ff9b844e6cf33ea
a26facb80158d8638476202ede30d254c46a8630
5125601193975ba569f218e68d97e84159ef2e81b8e88e9be444708f18a8da04
GET /index_files/app7.png HTTP/1.1
Host: www.dd18li.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd18li.info/
Connection: keep-alive
Cookie: visid_incap_2779530=gIDVXHhsSHySfT9j2hUNbWy9eGMAAAAAQUIPAAAAAAD469tnrf0iVoeWN+wEqtkR; nlbi_2779530=R6EaAoQ+kkCXyZeh93GWGAAAAADLOE/s+ZgsTowMnJXtxg2/; incap_ses_275_2779530=B96iEP6n/V50D3tklP/QA229eGMAAAAA26WwvvdZZVB+cYu3fTt4Pw==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Etag: "6369b895-5023"
Last-Modified: Tue, 08 Nov 2022 02:01:57 GMT
Content-Type: image/png
Content-Length: 20515
Cache-Control: max-age=13745, public
Expires: Sat, 19 Nov 2022 15:15:43 GMT
Date: Sat, 19 Nov 2022 11:26:38 GMT
X-CDN: Imperva
X-Iinfo: 7-23235362-23229803 2CNN RT(1668857196691 1861) q(0 0 0 -1) r(0 0)
www.dd18li.info/index_files/app8.png
45.60.242.42200 OK 4.2 kB URL HTTP/1.1 www.dd18li.info/index_files/app8.png
IP 45.60.242.42:0
File type PNG image data, 150 x 150, 8-bit colormap, non-interlaced\012- data
Hash 2ee737b3c06654b846cfc6aec713e2ee
9b74bc541bbdc7ab1d3f25affc87bce25ecec297
249d5170aa3417bb6a161471e41e65eb258bdf0eab4c72b9c3cfc9d7f6346e59
GET /index_files/app8.png HTTP/1.1
Host: www.dd18li.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd18li.info/
Connection: keep-alive
Cookie: visid_incap_2779530=gIDVXHhsSHySfT9j2hUNbWy9eGMAAAAAQUIPAAAAAAD469tnrf0iVoeWN+wEqtkR; nlbi_2779530=R6EaAoQ+kkCXyZeh93GWGAAAAADLOE/s+ZgsTowMnJXtxg2/; incap_ses_275_2779530=B96iEP6n/V50D3tklP/QA229eGMAAAAA26WwvvdZZVB+cYu3fTt4Pw==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Etag: "6369b895-1089"
Last-Modified: Tue, 08 Nov 2022 02:01:57 GMT
Content-Type: image/png
Content-Length: 4233
Cache-Control: max-age=13744, public
Expires: Sat, 19 Nov 2022 15:15:42 GMT
Date: Sat, 19 Nov 2022 11:26:38 GMT
X-CDN: Imperva
X-Iinfo: 6-12223678-12223572 2CNN RT(1668857197540 1014) q(0 0 0 -1) r(0 0)
www.dd18li.info/index_files/98t.png
45.60.242.42200 OK 7.0 kB URL HTTP/1.1 www.dd18li.info/index_files/98t.png
IP 45.60.242.42:0
File type PNG image data, 120 x 120, 8-bit colormap, non-interlaced\012- data
Hash be4b282b3fcec6d031546f55f771296e
4adf8d684e4d184aacc93236d098e69e69e2d27b
f5fd8213d58e92bf8048e4156d7dfb86ab60f8faeb03bbb68e282a03d461bee6
GET /index_files/98t.png HTTP/1.1
Host: www.dd18li.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd18li.info/
Connection: keep-alive
Cookie: visid_incap_2779530=gIDVXHhsSHySfT9j2hUNbWy9eGMAAAAAQUIPAAAAAAD469tnrf0iVoeWN+wEqtkR; nlbi_2779530=R6EaAoQ+kkCXyZeh93GWGAAAAADLOE/s+ZgsTowMnJXtxg2/; incap_ses_275_2779530=B96iEP6n/V50D3tklP/QA229eGMAAAAA26WwvvdZZVB+cYu3fTt4Pw==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Etag: "6369b895-1b31"
Last-Modified: Tue, 08 Nov 2022 02:01:57 GMT
Content-Type: image/png
Content-Length: 6961
Cache-Control: max-age=13744, public
Expires: Sat, 19 Nov 2022 15:15:42 GMT
Date: Sat, 19 Nov 2022 11:26:38 GMT
X-CDN: Imperva
X-Iinfo: 7-23235362-23227757 2CNN RT(1668857196691 1917) q(0 0 0 -1) r(0 0)
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 25eacd94ffeef9feff22b4a589c85d33
d91deaffb665513a7e21ccd44e117cc812151dbf
207ff8b76283964e234f11773f2bc29c8b978b7c3e4ddf01cd49a8d92dacbebf
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "207FF8B76283964E234F11773F2BC29C8B978B7C3E4DDF01CD49A8D92DACBEBF"
Last-Modified: Sat, 19 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18245
Expires: Sat, 19 Nov 2022 16:30:43 GMT
Date: Sat, 19 Nov 2022 11:26:38 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 25eacd94ffeef9feff22b4a589c85d33
d91deaffb665513a7e21ccd44e117cc812151dbf
207ff8b76283964e234f11773f2bc29c8b978b7c3e4ddf01cd49a8d92dacbebf
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "207FF8B76283964E234F11773F2BC29C8B978B7C3E4DDF01CD49A8D92DACBEBF"
Last-Modified: Sat, 19 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18245
Expires: Sat, 19 Nov 2022 16:30:43 GMT
Date: Sat, 19 Nov 2022 11:26:38 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 25eacd94ffeef9feff22b4a589c85d33
d91deaffb665513a7e21ccd44e117cc812151dbf
207ff8b76283964e234f11773f2bc29c8b978b7c3e4ddf01cd49a8d92dacbebf
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "207FF8B76283964E234F11773F2BC29C8B978B7C3E4DDF01CD49A8D92DACBEBF"
Last-Modified: Sat, 19 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18245
Expires: Sat, 19 Nov 2022 16:30:43 GMT
Date: Sat, 19 Nov 2022 11:26:38 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 25eacd94ffeef9feff22b4a589c85d33
d91deaffb665513a7e21ccd44e117cc812151dbf
207ff8b76283964e234f11773f2bc29c8b978b7c3e4ddf01cd49a8d92dacbebf
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "207FF8B76283964E234F11773F2BC29C8B978B7C3E4DDF01CD49A8D92DACBEBF"
Last-Modified: Sat, 19 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18245
Expires: Sat, 19 Nov 2022 16:30:43 GMT
Date: Sat, 19 Nov 2022 11:26:38 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 25eacd94ffeef9feff22b4a589c85d33
d91deaffb665513a7e21ccd44e117cc812151dbf
207ff8b76283964e234f11773f2bc29c8b978b7c3e4ddf01cd49a8d92dacbebf
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "207FF8B76283964E234F11773F2BC29C8B978B7C3E4DDF01CD49A8D92DACBEBF"
Last-Modified: Sat, 19 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18245
Expires: Sat, 19 Nov 2022 16:30:43 GMT
Date: Sat, 19 Nov 2022 11:26:38 GMT
Connection: keep-alive
images.chemboweix.life/a04aa97ca58acb171e776fceca7a7ff1.png
172.67.7.162200 OK 7.8 kB URL HTTP/2 images.chemboweix.life/a04aa97ca58acb171e776fceca7a7ff1.png
IP 172.67.7.162:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3\012- data
Hash 99c37c2d3dcd6b460311a2ee1e008233
f158ea164c87ce2b5a4eecbaf1cc5f8398e2db54
44ec35d8618d1459d56d18cb3083d1dadb817b4751c569737396f1539b55ae1b
GET /a04aa97ca58acb171e776fceca7a7ff1.png HTTP/1.1
Host: images.chemboweix.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dd18li.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:26:38 GMT
content-type: image/png
content-length: 7769
etag: 99c37c2d3dcd6b460311a2ee1e008233
cache-control: max-age=7776000
cf-cache-status: HIT
age: 923110
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kSbII942eMFzeSwpEEOW12oj1CIY%2FgkprSyS2KjdYnuXcvfeCy%2B2ZvucZvmaJ6rTdkskY%2FRhDAtVHu67sG1Rh6NQT89GgLQgE%2B7wmJE523HH5r%2FYHuebt%2F1%2F7j7P%2BuLJuYhnyF%2BmhiWU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76c897940e3bb518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.nvshennv.bar/ad/newbbs/shipin.json
172.67.176.253200 OK 4.7 kB URL HTTP/2 www.nvshennv.bar/ad/newbbs/shipin.json
IP 172.67.176.253:0
File type JSON data\012- , Unicode text, UTF-8 text, with CRLF line terminators
Hash eef94a54f37ad519ba5081c7956d6109
30d43ed4cb40606ef2d9a966c4ee4961d765c0d3
2e5f9db638b9d8fac5a65ff41e7ba61b469a2b9b2689dd46f4765d45b53bc7d3
GET /ad/newbbs/shipin.json HTTP/1.1
Host: www.nvshennv.bar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dd18li.info
Connection: keep-alive
Referer: https://www.dd18li.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:26:38 GMT
content-type: application/json
last-modified: Thu, 17 Nov 2022 01:57:05 GMT
vary: Accept-Encoding
etag: W/"637594f1-1154"
x-powered-by: Lua 5.4.0
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=taQgTwWOoPJrA9Ol%2BCszvyD6NTH2QK%2FqjCoRym1ymHuCumg0NnLjVNrJEm3oOiO%2BXeWUOlox%2Bm%2FP%2FGngjRlVh%2FVyqUaMmOPF%2B50OS61vwF1pnGCFlFXjSTEBpU%2B8LyLRHTSs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76c8978f1977b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.nvshennv.bar/ad/newbbs/jiaoyou.json
172.67.176.253200 OK 18 kB URL HTTP/2 www.nvshennv.bar/ad/newbbs/jiaoyou.json
IP 172.67.176.253:0
File type JSON data\012- , Unicode text, UTF-8 text, with CRLF line terminators
Hash 0cc2a1bb3191da39b5e54c8aa7b9643e
c20275e061a69c4fad5699e760d68bb319535a44
756905ec385f7c746df4439a821acfb27007753aefdaf7a2b6eb7910578848af
GET /ad/newbbs/jiaoyou.json HTTP/1.1
Host: www.nvshennv.bar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dd18li.info
Connection: keep-alive
Referer: https://www.dd18li.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:26:38 GMT
content-type: application/json
last-modified: Thu, 17 Nov 2022 02:12:37 GMT
vary: Accept-Encoding
etag: W/"63759895-a6a"
x-powered-by: Lua 5.4.0
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k4tH%2BM0BZ5lwTMvAhefAAdjU2rgxnXTFO22vBuq4CcVhLp1HO8ugR5YrdcQr1AXSuyMqc4zCoFHm2VNbgYvI4stlHplpA10qmwSJdJZ6EAA068VeUQYeTdRLneuaLBVBEOKJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76c8978f2987b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
images.chemboweix.life/86e8f7e13226eb2cdf6e3bad5ba1f769.png
172.67.7.162200 OK 1.9 kB URL HTTP/2 images.chemboweix.life/86e8f7e13226eb2cdf6e3bad5ba1f769.png
IP 172.67.7.162:0
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 37x37, segment length 16, baseline, precision 8, 65x65, components 3\012- data
Hash 756ca24fcd37038db9780f89042bf50e
94964e66b22e2a0c06d0c68256b186fa068509ce
8aa57eef4451b20e7793eb318d767562414badc5d74ef005d6169b2d9264b89a
GET /86e8f7e13226eb2cdf6e3bad5ba1f769.png HTTP/1.1
Host: images.chemboweix.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dd18li.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:26:38 GMT
content-type: image/png
content-length: 1935
etag: 756ca24fcd37038db9780f89042bf50e
cache-control: max-age=7776000
cf-cache-status: HIT
age: 155038
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OPrXtQuKJrZ5ttVCnzXKPepBgKofCr55gtnE%2BQlkrVMvImw%2FNnceFUrDWcaalN%2BnP7SXIdfjbayJBmHpb85cKWmcB3JPGg%2FZ0iGARizyzzABE0Ks2TVu8D%2BVWb3H%2Fr1havtVxJgwwlDO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76c897940e43b518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.dd18li.info/index_files/91ts.png
45.60.242.42200 OK 7.2 kB URL HTTP/1.1 www.dd18li.info/index_files/91ts.png
IP 45.60.242.42:0
File type PNG image data, 120 x 120, 8-bit colormap, non-interlaced\012- data
Hash d87509de519afa65518d9bd9a7edaf0f
4a0c8a188b63042ee0a178a973b27219eb72cbe8
31b7025b77041ff1075734d200b9373cc2190318c478a6c8d152e55fdc14452d
GET /index_files/91ts.png HTTP/1.1
Host: www.dd18li.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd18li.info/
Connection: keep-alive
Cookie: visid_incap_2779530=gIDVXHhsSHySfT9j2hUNbWy9eGMAAAAAQUIPAAAAAAD469tnrf0iVoeWN+wEqtkR; nlbi_2779530=R6EaAoQ+kkCXyZeh93GWGAAAAADLOE/s+ZgsTowMnJXtxg2/; incap_ses_275_2779530=B96iEP6n/V50D3tklP/QA229eGMAAAAA26WwvvdZZVB+cYu3fTt4Pw==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Etag: "6369b895-1c15"
Last-Modified: Tue, 08 Nov 2022 02:01:57 GMT
Content-Type: image/png
Content-Length: 7189
Cache-Control: max-age=13744, public
Expires: Sat, 19 Nov 2022 15:15:42 GMT
Date: Sat, 19 Nov 2022 11:26:38 GMT
X-CDN: Imperva
X-Iinfo: 7-23235362-23229803 2CNN RT(1668857196691 1997) q(0 0 0 -1) r(0 0)
www.dd18li.info/index_files/91zpc.png
45.60.242.42200 OK 7.2 kB URL HTTP/1.1 www.dd18li.info/index_files/91zpc.png
IP 45.60.242.42:0
File type PNG image data, 120 x 120, 8-bit colormap, non-interlaced\012- data
Hash c08a4f5a6ce0f4cb57417f1004633210
ae1ad2fb526617909100d41dc462fb598c76aff8
7f1401e7fc12ea1b1eddab30151ff5946e2f1d89f1b0904f539205abf8147a1e
GET /index_files/91zpc.png HTTP/1.1
Host: www.dd18li.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd18li.info/
Connection: keep-alive
Cookie: visid_incap_2779530=gIDVXHhsSHySfT9j2hUNbWy9eGMAAAAAQUIPAAAAAAD469tnrf0iVoeWN+wEqtkR; nlbi_2779530=R6EaAoQ+kkCXyZeh93GWGAAAAADLOE/s+ZgsTowMnJXtxg2/; incap_ses_275_2779530=B96iEP6n/V50D3tklP/QA229eGMAAAAA26WwvvdZZVB+cYu3fTt4Pw==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Etag: "6369b895-1c33"
Last-Modified: Tue, 08 Nov 2022 02:01:57 GMT
Content-Type: image/png
Content-Length: 7219
Cache-Control: max-age=13744, public
Expires: Sat, 19 Nov 2022 15:15:42 GMT
Date: Sat, 19 Nov 2022 11:26:38 GMT
X-CDN: Imperva
X-Iinfo: 6-12223677-12223572 2CNN RT(1668857197538 1156) q(0 0 0 -1) r(0 0)
www.dd18li.info/index_files/91p.png
45.60.242.42200 OK 3.9 kB URL HTTP/1.1 www.dd18li.info/index_files/91p.png
IP 45.60.242.42:0
File type PNG image data, 120 x 120, 8-bit colormap, non-interlaced\012- data
Hash e9826472a4b5997f08ee6e55c18bca46
60f02039d74175876bc5837f155af43173ab4ccb
f3f12b7a7a7ec147b5cbba9788a1f641255d302a1e3b0139fcd88b3c564247b9
GET /index_files/91p.png HTTP/1.1
Host: www.dd18li.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd18li.info/
Connection: keep-alive
Cookie: visid_incap_2779530=gIDVXHhsSHySfT9j2hUNbWy9eGMAAAAAQUIPAAAAAAD469tnrf0iVoeWN+wEqtkR; nlbi_2779530=R6EaAoQ+kkCXyZeh93GWGAAAAADLOE/s+ZgsTowMnJXtxg2/; incap_ses_275_2779530=B96iEP6n/V50D3tklP/QA229eGMAAAAA26WwvvdZZVB+cYu3fTt4Pw==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Etag: "6369b895-f3c"
Last-Modified: Tue, 08 Nov 2022 02:01:57 GMT
Content-Type: image/png
Content-Length: 3900
Cache-Control: max-age=13744, public
Expires: Sat, 19 Nov 2022 15:15:42 GMT
Date: Sat, 19 Nov 2022 11:26:38 GMT
X-CDN: Imperva
X-Iinfo: 7-23235408-23227757 2CNN RT(1668857197540 1154) q(0 0 0 -1) r(0 0)
www.dd18li.info/index_files/mado.png
45.60.242.42200 OK 5.5 kB URL HTTP/1.1 www.dd18li.info/index_files/mado.png
IP 45.60.242.42:0
File type PNG image data, 120 x 120, 8-bit colormap, non-interlaced\012- data
Hash 3758237c06c0ca13580a27b29667cb46
a3ccecc046056203a9de00ba839f04345d19f04b
e2b8d119088d392a9b4b11fd1ce3ab686844f67755f65b099fc987d488dfa868
GET /index_files/mado.png HTTP/1.1
Host: www.dd18li.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd18li.info/
Connection: keep-alive
Cookie: visid_incap_2779530=gIDVXHhsSHySfT9j2hUNbWy9eGMAAAAAQUIPAAAAAAD469tnrf0iVoeWN+wEqtkR; nlbi_2779530=R6EaAoQ+kkCXyZeh93GWGAAAAADLOE/s+ZgsTowMnJXtxg2/; incap_ses_275_2779530=B96iEP6n/V50D3tklP/QA229eGMAAAAA26WwvvdZZVB+cYu3fTt4Pw==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Etag: "6369b895-1558"
Last-Modified: Tue, 08 Nov 2022 02:01:57 GMT
Content-Type: image/png
Content-Length: 5464
Cache-Control: max-age=13744, public
Expires: Sat, 19 Nov 2022 15:15:42 GMT
Date: Sat, 19 Nov 2022 11:26:38 GMT
X-CDN: Imperva
X-Iinfo: 6-12223678-12221108 2CNN RT(1668857197540 1152) q(0 0 0 -1) r(0 0)
www.dd18li.info/index_files/lsj.png
45.60.242.42200 OK 6.0 kB URL HTTP/1.1 www.dd18li.info/index_files/lsj.png
IP 45.60.242.42:0
File type PNG image data, 120 x 120, 8-bit colormap, non-interlaced\012- data
Hash 76b420b82bd8877a09182af47c3cad47
8f8586fb133ef2e08a053c6d3e3680b4c36f1f12
3f4c590b933d0608646144c1a3557038fa4eb7986ad3d061be4825cc6c440e9e
GET /index_files/lsj.png HTTP/1.1
Host: www.dd18li.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd18li.info/
Connection: keep-alive
Cookie: visid_incap_2779530=gIDVXHhsSHySfT9j2hUNbWy9eGMAAAAAQUIPAAAAAAD469tnrf0iVoeWN+wEqtkR; nlbi_2779530=R6EaAoQ+kkCXyZeh93GWGAAAAADLOE/s+ZgsTowMnJXtxg2/; incap_ses_275_2779530=B96iEP6n/V50D3tklP/QA229eGMAAAAA26WwvvdZZVB+cYu3fTt4Pw==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Etag: "6369b895-17a1"
Last-Modified: Tue, 08 Nov 2022 02:01:57 GMT
Content-Type: image/png
Content-Length: 6049
Cache-Control: max-age=13744, public
Expires: Sat, 19 Nov 2022 15:15:42 GMT
Date: Sat, 19 Nov 2022 11:26:38 GMT
X-CDN: Imperva
X-Iinfo: 13-49144807-49139680 2CNN RT(1668857197541 1152) q(0 0 0 -1) r(0 0)
www.dd18li.info/index_files/jiankang.png
45.60.242.42200 OK 3.4 kB URL HTTP/1.1 www.dd18li.info/index_files/jiankang.png
IP 45.60.242.42:0
File type PNG image data, 120 x 120, 8-bit colormap, non-interlaced\012- data
Hash f5e117504ca8bedd872983fb9f75b936
b368c04891725de0bca21b2601b0eb45426b6d22
c2b75a088547dbe60dee7d455ec51842ded2a0bf06c48926fa36d71016f8d393
GET /index_files/jiankang.png HTTP/1.1
Host: www.dd18li.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd18li.info/
Connection: keep-alive
Cookie: visid_incap_2779530=gIDVXHhsSHySfT9j2hUNbWy9eGMAAAAAQUIPAAAAAAD469tnrf0iVoeWN+wEqtkR; nlbi_2779530=R6EaAoQ+kkCXyZeh93GWGAAAAADLOE/s+ZgsTowMnJXtxg2/; incap_ses_275_2779530=B96iEP6n/V50D3tklP/QA229eGMAAAAA26WwvvdZZVB+cYu3fTt4Pw==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Etag: "6369b895-d55"
Last-Modified: Tue, 08 Nov 2022 02:01:57 GMT
Content-Type: image/png
Content-Length: 3413
Cache-Control: max-age=13744, public
Expires: Sat, 19 Nov 2022 15:15:42 GMT
Date: Sat, 19 Nov 2022 11:26:38 GMT
X-CDN: Imperva
X-Iinfo: 7-23235409-23232755 2CNN RT(1668857197542 1154) q(0 0 0 -1) r(0 0)
images.chemboweix.life/4eb76cb9a7e8ac47161180707abc8d45.jpg
172.67.7.162200 OK 8.1 kB URL HTTP/2 images.chemboweix.life/4eb76cb9a7e8ac47161180707abc8d45.jpg
IP 172.67.7.162:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, baseline, precision 8, 320x320, components 3\012- data
Hash 7ceb12db40478d08c4fa6cb3e9326bc4
fadae445ad7c4f38ad3e31da39b03a6e0ce40871
984587c929853b85200570c56565333a819225a0cf39c1ec2343005284ba5775
GET /4eb76cb9a7e8ac47161180707abc8d45.jpg HTTP/1.1
Host: images.chemboweix.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dd18li.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:26:38 GMT
content-type: image/jpeg
content-length: 8063
etag: 7ceb12db40478d08c4fa6cb3e9326bc4
cache-control: max-age=7776000
cf-cache-status: HIT
age: 900597
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BsxS8uafmbskfyHfilehyH8FCgxfX1Uuz0vyqu64ciJ9CF199plglpP1j74stek8U2N927yG8A8qAfw1m1q9F7dEKOlOl7JgYaCVQUn4j76Wz919wcLXjl1hZArutUMmbO4O6J5sZSxs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76c897940e45b518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
images.chemboweix.life/ab1c5a38c7a9f187b27ed72b708d8ce8.png
172.67.7.162200 OK 1.8 kB URL HTTP/2 images.chemboweix.life/ab1c5a38c7a9f187b27ed72b708d8ce8.png
IP 172.67.7.162:0
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 37x37, segment length 16, baseline, precision 8, 65x65, components 3\012- data
Hash ddc149933a59e1c65eb007885ff86953
b8caa07b1d8325667088efcba9f51e03e1e318c3
26c950080d88e888c4bd5eab3e5e6399838abfb30fb36c7b4ad7edd44d5fb5a8
GET /ab1c5a38c7a9f187b27ed72b708d8ce8.png HTTP/1.1
Host: images.chemboweix.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dd18li.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:26:38 GMT
content-type: image/png
content-length: 1844
etag: ddc149933a59e1c65eb007885ff86953
cache-control: max-age=7776000
cf-cache-status: HIT
age: 380362
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TrTV2daJu%2BhD1PdLhZuaNPc4Qz9HC6t50xZEa2Y5w7fnO3wIFc2%2FKNkg5T5VFubZ%2FJaUJJeoyZWWkuNLabQBTKNYi1z43Ty1fR2LyCtkZ21cCU3a2UYbnIBX3i%2BpYvK2yIx4y3yljYKb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76c897940e44b518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
images.chemboweix.life/d044a255bdc0319f8633ff0bee6e01c9.jpg
172.67.7.162200 OK 4.2 kB URL HTTP/2 images.chemboweix.life/d044a255bdc0319f8633ff0bee6e01c9.jpg
IP 172.67.7.162:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash a41cf9de1e70c7105dfd7e3ccc4ed159
2b427b651beb774ed3c17eb3dd81276ceb40cec5
d348d650894c92ac12a07baa48b9f5ccdfe8bb98c47dda77f4ead2a70c430275
GET /d044a255bdc0319f8633ff0bee6e01c9.jpg HTTP/1.1
Host: images.chemboweix.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dd18li.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:26:38 GMT
content-type: image/jpeg
content-length: 4248
etag: a41cf9de1e70c7105dfd7e3ccc4ed159
cache-control: max-age=7776000
cf-cache-status: HIT
age: 380362
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cbZsa3Fvs19dkLbbO1uiRQdZnI5Jv%2FHjpmU2VdFf5Dgcy1OzDtb78jeM8W54Ue2rCS%2BONW2SOz%2BnH8TcAy%2Bt2EAi1YPSNviGp8iClt8foSoxoJVNN8TpWo%2FHUJ8wc2C%2F8nJuWgydsgDD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76c897941e4fb518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
images.chemboweix.life/b10fe6669ebe1408077ac3192ae921a9.png
172.67.7.162200 OK 1.5 kB URL HTTP/2 images.chemboweix.life/b10fe6669ebe1408077ac3192ae921a9.png
IP 172.67.7.162:0
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 37x37, segment length 16, baseline, precision 8, 65x65, components 3\012- data
Hash fdf191ade0fbf33fe1ae83ace2dff29c
99ec91ac91c5882980ebb7bb1a05ebbcf56de38c
5f5cc4656e929c4e2ff50c724263662ec8a5a92a4c7b298d394a8d0467b038f1
GET /b10fe6669ebe1408077ac3192ae921a9.png HTTP/1.1
Host: images.chemboweix.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dd18li.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:26:38 GMT
content-type: image/png
content-length: 1497
etag: fdf191ade0fbf33fe1ae83ace2dff29c
cache-control: max-age=7776000
cf-cache-status: HIT
age: 923110
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WRB9Va1lSOir2YTK1Z9CAX4hSL0ACDyMcTdh3R%2BuFP3c21tC3FJ4yZXHO%2FUJ%2BelLFbyv7b2mrgwEYpzs2yD0XBMFUaor%2Fp5IgoDNvusaYHxY9rx2ZTqtZf4WAjQq938GK5t1Asoo7O%2FG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76c897941e59b518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
images.chemboweix.life/fe2cda08217baf263e3ec0213a8b27f3.png
172.67.7.162200 OK 2.0 kB URL HTTP/2 images.chemboweix.life/fe2cda08217baf263e3ec0213a8b27f3.png
IP 172.67.7.162:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 60x60, components 3\012- data
Hash 30cad6f833299fbfe7bc111efeb71b99
9e36ae5aab5d384d4d0594eb21633d117f0c56aa
c0a8bfc7a7f1828210a72e9244de4e5193bff0b72135d7819bdfa7137819d571
GET /fe2cda08217baf263e3ec0213a8b27f3.png HTTP/1.1
Host: images.chemboweix.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dd18li.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:26:38 GMT
content-type: image/png
content-length: 1952
etag: 30cad6f833299fbfe7bc111efeb71b99
cache-control: max-age=7776000
cf-cache-status: HIT
age: 923112
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LxUb44G4ieptt9dxVgsrKcDTkn%2FIUHVW88Gbz6kq%2FtYDOOEkRX6SNGRiTcw2dBHILJiTHcD3M6ynyg%2Fz11KQwNeUPTWq1P0qpL9QQB5B1aNXuG3UXDibCJ0TIenW6A6T3bXjMLKrOq0b"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76c897941e5bb518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
images.chemboweix.life/29f988712cabdf5a4ee1cc622f61ef49.png
172.67.7.162200 OK 1.6 kB URL HTTP/2 images.chemboweix.life/29f988712cabdf5a4ee1cc622f61ef49.png
IP 172.67.7.162:0
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 37x37, segment length 16, baseline, precision 8, 65x65, components 3\012- data
Hash 95ca2704cbbb8c06316bc8ea2466c5a1
c4e8cf0ef9cfa64329060381179987f5cc18dfdb
296515563fe50b0df09f9b39bde663e21ed3e8e872cccc403aff5de45ab4520c
GET /29f988712cabdf5a4ee1cc622f61ef49.png HTTP/1.1
Host: images.chemboweix.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dd18li.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:26:38 GMT
content-type: image/png
content-length: 1621
etag: 95ca2704cbbb8c06316bc8ea2466c5a1
cache-control: max-age=7776000
cf-cache-status: HIT
age: 189975
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1qvsl3bE8JEIIw38qx7fhNIc9pkbtkwn5ibRjv83bn2vF%2BZYGJUBgBtcySNGFznNt0TqDgUwWADv0XfVxsmSUZhKI%2BK1ZuEC%2B%2B2f9yOZOwmT02ViuaQPT71%2B8YO0Wy5%2BjnlgNRV0sIK9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76c897941e52b518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.dd18li.info/index_files/xhp.png
45.60.242.42200 OK 9.5 kB URL HTTP/1.1 www.dd18li.info/index_files/xhp.png
IP 45.60.242.42:0
File type PNG image data, 120 x 120, 8-bit colormap, non-interlaced\012- data
Hash 5193ab1659143f878d674cf504bff622
f85ee2c78c9d5027a425faed7db7326d4b86e497
0660a08979751705fce9a38b7501654bd03311fda8ed76651b414f92afd1aa02
GET /index_files/xhp.png HTTP/1.1
Host: www.dd18li.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd18li.info/
Connection: keep-alive
Cookie: visid_incap_2779530=gIDVXHhsSHySfT9j2hUNbWy9eGMAAAAAQUIPAAAAAAD469tnrf0iVoeWN+wEqtkR; nlbi_2779530=R6EaAoQ+kkCXyZeh93GWGAAAAADLOE/s+ZgsTowMnJXtxg2/; incap_ses_275_2779530=B96iEP6n/V50D3tklP/QA229eGMAAAAA26WwvvdZZVB+cYu3fTt4Pw==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Etag: "6369b895-2510"
Last-Modified: Tue, 08 Nov 2022 02:01:57 GMT
Content-Type: image/png
Content-Length: 9488
Cache-Control: max-age=13744, public
Expires: Sat, 19 Nov 2022 15:15:42 GMT
Date: Sat, 19 Nov 2022 11:26:38 GMT
X-CDN: Imperva
X-Iinfo: 13-49144807-49139680 2CNN RT(1668857197541 1172) q(0 0 0 -1) r(0 0)
www.nvshennv.bar/ad/newbbs/tuijian.json
172.67.176.253200 OK 4.1 kB URL HTTP/2 www.nvshennv.bar/ad/newbbs/tuijian.json
IP 172.67.176.253:0
File type JSON data\012- , Unicode text, UTF-8 text, with CRLF line terminators
Hash b9fe85e0fd94845c7fb3f96a591676f8
7204498aa8a5ed23d6a4d4eeaf1e0d03995abcf3
149a43d89631e6e8b776bf455a02adf3c7d5357843adf14019b02ddc5cb4b29e
GET /ad/newbbs/tuijian.json HTTP/1.1
Host: www.nvshennv.bar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dd18li.info
Connection: keep-alive
Referer: https://www.dd18li.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:26:38 GMT
content-type: application/json
last-modified: Thu, 17 Nov 2022 07:50:32 GMT
vary: Accept-Encoding
etag: W/"6375e7c8-d50"
x-powered-by: Lua 5.4.0
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1KcGu3fcJ%2FfAVFM9O4032QTEAD3%2FwjIDydr6h7FdeVtift6nhuDJiSD1OG8iKE1vXLROfcGleoY8LWVDcwSwG76U68oU3cfVlfPkt9Hl%2B3wsQ5uWPQXh3yn5uhMQrjvDFfa0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76c8978f2988b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.dd18li.info/index_files/xqsp.png
45.60.242.42200 OK 5.4 kB URL HTTP/1.1 www.dd18li.info/index_files/xqsp.png
IP 45.60.242.42:0
File type PNG image data, 120 x 120, 8-bit colormap, non-interlaced\012- data
Hash 42504bcf3f08e6455d008ee29ae39ad8
d967134f5d2c4f4b387bf2befab93e0a37c2d33a
d5110a2bb0350089aeab0bc164f462900bd72d57f8557615c6383aa802fa3459
GET /index_files/xqsp.png HTTP/1.1
Host: www.dd18li.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd18li.info/
Connection: keep-alive
Cookie: visid_incap_2779530=gIDVXHhsSHySfT9j2hUNbWy9eGMAAAAAQUIPAAAAAAD469tnrf0iVoeWN+wEqtkR; nlbi_2779530=R6EaAoQ+kkCXyZeh93GWGAAAAADLOE/s+ZgsTowMnJXtxg2/; incap_ses_275_2779530=B96iEP6n/V50D3tklP/QA229eGMAAAAA26WwvvdZZVB+cYu3fTt4Pw==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Etag: "6369b895-14f1"
Last-Modified: Tue, 08 Nov 2022 02:01:57 GMT
Content-Type: image/png
Content-Length: 5361
Cache-Control: max-age=13744, public
Expires: Sat, 19 Nov 2022 15:15:42 GMT
Date: Sat, 19 Nov 2022 11:26:38 GMT
X-CDN: Imperva
X-Iinfo: 6-12223677-12221108 2CNN RT(1668857197538 1175) q(0 0 0 -1) r(0 0)
images.chemboweix.life/5835e68aa13e05e23012f3d756b8bf73.gif
172.67.7.162200 OK 350 kB URL HTTP/2 images.chemboweix.life/5835e68aa13e05e23012f3d756b8bf73.gif
IP 172.67.7.162:0
File type GIF image data, version 89a, 400 x 400\012- data
Size 350 kB (350433 bytes)
Hash 5835e68aa13e05e23012f3d756b8bf73
1336f568e348a3d8fc437e06afafc368478237e3
5b792e635ba084f6a702ce58c9d700595b73b3130c6fd28673b365b1e219d186
GET /5835e68aa13e05e23012f3d756b8bf73.gif HTTP/1.1
Host: images.chemboweix.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dd18li.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:26:38 GMT
content-type: image/gif
content-length: 350433
etag: 5835e68aa13e05e23012f3d756b8bf73
cache-control: max-age=7776000
cf-cache-status: HIT
age: 217983
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vHhZfal6OhcvUpC0v9VJgZbCBHxVb9P1bXUWjmnif3sDIkLkAvYfqimkDGtsnoLP%2BkFp9%2FinxMaX9z%2BcS8Ok%2FFlYt8RtHQVdxp3mDTD1On9oREos7XucmPH%2FT8rsffvKl0qrwpK9DQGA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76c897940e42b518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.dd18li.info/index_files/495.png
45.60.242.42200 OK 8.2 kB URL HTTP/1.1 www.dd18li.info/index_files/495.png
IP 45.60.242.42:0
File type PNG image data, 120 x 120, 8-bit colormap, non-interlaced\012- data
Hash 1b97775b4ee8d07b49413d72ae91686d
c316504636d6fe95faa591dba37011fe5705eb91
4df1866add4ee36a7ca15938fe4c29d1ca08807fc6882a57c0b502491027e11e
GET /index_files/495.png HTTP/1.1
Host: www.dd18li.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd18li.info/
Connection: keep-alive
Cookie: visid_incap_2779530=gIDVXHhsSHySfT9j2hUNbWy9eGMAAAAAQUIPAAAAAAD469tnrf0iVoeWN+wEqtkR; nlbi_2779530=R6EaAoQ+kkCXyZeh93GWGAAAAADLOE/s+ZgsTowMnJXtxg2/; incap_ses_275_2779530=B96iEP6n/V50D3tklP/QA229eGMAAAAA26WwvvdZZVB+cYu3fTt4Pw==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Etag: "6369b895-1fef"
Last-Modified: Tue, 08 Nov 2022 02:01:57 GMT
Content-Type: image/png
Content-Length: 8175
Cache-Control: max-age=13744, public
Expires: Sat, 19 Nov 2022 15:15:42 GMT
Date: Sat, 19 Nov 2022 11:26:38 GMT
X-CDN: Imperva
X-Iinfo: 7-23235362-23229803 2CNN RT(1668857196691 2022) q(0 0 0 -1) r(0 0)
www.dd18li.info/index_files/yinghan.png
45.60.242.42200 OK 4.7 kB URL HTTP/1.1 www.dd18li.info/index_files/yinghan.png
IP 45.60.242.42:0
File type PNG image data, 120 x 120, 8-bit colormap, non-interlaced\012- data
Hash f502800ef2257b3628d4bcd901e18be4
f70ebf12fd94e41c40100bdc217118f808d6c6b8
2aa04eee1eff69da1c33abcd535a60d42f0494e375b4fc5d31dfbd1d2a331ca3
GET /index_files/yinghan.png HTTP/1.1
Host: www.dd18li.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd18li.info/
Connection: keep-alive
Cookie: visid_incap_2779530=gIDVXHhsSHySfT9j2hUNbWy9eGMAAAAAQUIPAAAAAAD469tnrf0iVoeWN+wEqtkR; nlbi_2779530=R6EaAoQ+kkCXyZeh93GWGAAAAADLOE/s+ZgsTowMnJXtxg2/; incap_ses_275_2779530=B96iEP6n/V50D3tklP/QA229eGMAAAAA26WwvvdZZVB+cYu3fTt4Pw==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Etag: "6369b895-123f"
Last-Modified: Tue, 08 Nov 2022 02:01:57 GMT
Content-Type: image/png
Content-Length: 4671
Cache-Control: max-age=13744, public
Expires: Sat, 19 Nov 2022 15:15:42 GMT
Date: Sat, 19 Nov 2022 11:26:38 GMT
X-CDN: Imperva
X-Iinfo: 7-23235408-23235499 2CNN RT(1668857197540 1174) q(0 0 0 -1) r(0 0)
www.nvshennv.bar/ad/newbbs/app.json
172.67.176.253200 OK 6.4 kB URL HTTP/2 www.nvshennv.bar/ad/newbbs/app.json
IP 172.67.176.253:0
File type JSON data\012- , Unicode text, UTF-8 text, with CRLF line terminators
Hash 3df340d3206e4de2fbbdd9d675a911d9
7087537fcbf76e08342e3f484a0fa8c032ae18d1
0b693ec59660dd8aafaf8fafcdb12b1847f6e5ead16942f815ff713525032056
GET /ad/newbbs/app.json HTTP/1.1
Host: www.nvshennv.bar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dd18li.info
Connection: keep-alive
Referer: https://www.dd18li.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:26:38 GMT
content-type: application/json
last-modified: Thu, 17 Nov 2022 07:49:30 GMT
vary: Accept-Encoding
etag: W/"6375e78a-155f"
x-powered-by: Lua 5.4.0
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tkC18YApUkOFY8hvNnXTbyNaOMDzmTNswNXuqxc%2Ff6BATSvO7rzoAhkt3wmH9A4uEv1LA4aNJDgET%2B4GPyYG7kfxzY19GlejnJzmVwGU8rNaZmL2tTajRKoDQI%2FFu4Av13gQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76c8978fca65b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.nvshennv.bar/ad/newbbs/tips.json
172.67.176.253200 OK 4.4 kB URL HTTP/2 www.nvshennv.bar/ad/newbbs/tips.json
IP 172.67.176.253:0
File type JSON data\012- , Unicode text, UTF-8 text, with CRLF line terminators
Hash 840af116a13a9e477c1578b074800d81
98c375370e2ec1e281162bbcfd371f05825f076e
76802c30959c77e41d728fd36fa42e1b3beede5e5512bff22cd0e19572702ec2
GET /ad/newbbs/tips.json HTTP/1.1
Host: www.nvshennv.bar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dd18li.info
Connection: keep-alive
Referer: https://www.dd18li.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:26:38 GMT
content-type: application/json
last-modified: Thu, 03 Nov 2022 03:15:16 GMT
etag: W/"63633244-223"
x-powered-by: Lua 5.4.0
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SOWFxAcWtkSsao0zP%2BDBUHUCtdmzehMv%2FFq0k8cbVq8oBNWljmYXua1hvAC79%2BJPHcNjV50zksh0T%2BFAxbY4hjyyN9S06sIryB3Rm2oGFzfrfoctF%2FCVh2brGOHHpXZXMmMS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76c897902accb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 25eacd94ffeef9feff22b4a589c85d33
d91deaffb665513a7e21ccd44e117cc812151dbf
207ff8b76283964e234f11773f2bc29c8b978b7c3e4ddf01cd49a8d92dacbebf
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "207FF8B76283964E234F11773F2BC29C8B978B7C3E4DDF01CD49A8D92DACBEBF"
Last-Modified: Sat, 19 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18245
Expires: Sat, 19 Nov 2022 16:30:43 GMT
Date: Sat, 19 Nov 2022 11:26:38 GMT
Connection: keep-alive
images.chemboweix.life/31227508629937ea86f9516d332c5ba1.gif
172.67.7.162200 OK 4.4 kB URL HTTP/2 images.chemboweix.life/31227508629937ea86f9516d332c5ba1.gif
IP 172.67.7.162:0
File type GIF image data, version 89a, 120 x 120\012- data
Hash 31227508629937ea86f9516d332c5ba1
d9bbc15bc9b5c7c0041eb03d19202337209f424b
70835544d1a82833fcf9a7927ffa7a10626e9575281b08d8317c06260c6a886e
GET /31227508629937ea86f9516d332c5ba1.gif HTTP/1.1
Host: images.chemboweix.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dd18li.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:26:38 GMT
content-type: image/gif
content-length: 4412
etag: 31227508629937ea86f9516d332c5ba1
cache-control: max-age=7776000
cf-cache-status: HIT
age: 217983
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LYl8tmX2DGDsvCyhOLNekV0qYUFBxa0Y3P9zc%2BZ4AxO3E0y8rXPZiE3jw0lKXljDdzp%2FB9KOM4dPZhJ7L%2B1OSsU2RdUbt7QjxKwGqqiqWEjZW%2BUKlWHEW%2B%2FnWqTdFd5BXbHA0xgHIvjz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76c897944e7fb518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
images.chemboweix.life/8ff0cd4ed4b9605f79517dab26f07944.png
172.67.7.162200 OK 4.6 kB URL HTTP/2 images.chemboweix.life/8ff0cd4ed4b9605f79517dab26f07944.png
IP 172.67.7.162:0
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 28x28, segment length 16, baseline, precision 8, 160x160, components 3\012- data
Hash e90b78628c40606b9459df190d83efd9
d519ca62b54b210c9ed6ebd28c30b6ed8bd0f501
b7ee351a52d96f9297457df33ca32f620f18e44fa1c1f9d1e0ecc446b222e246
GET /8ff0cd4ed4b9605f79517dab26f07944.png HTTP/1.1
Host: images.chemboweix.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dd18li.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:26:38 GMT
content-type: image/png
content-length: 4637
etag: e90b78628c40606b9459df190d83efd9
cache-control: max-age=7776000
cf-cache-status: HIT
age: 380362
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ED8iEmBVddS43npE0DSrVVF5jzxvqkPOsZAIxxaOgobHuKK4I%2FOGAoGu6zQVRpYhtt68up7ny4gRON9LcdnlHyPA336W6S86L8nIFVKDpcbXGrlaQFJtIKpU%2BXFpOQ0X2wWUENChwG47"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76c897944e81b518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.dd18li.info/index_files/sex8.png
45.60.242.42200 OK 159 kB URL HTTP/1.1 www.dd18li.info/index_files/sex8.png
IP 45.60.242.42:0
File type PNG image data, 1024 x 1024, 8-bit/color RGBA, non-interlaced\012- data
Size 159 kB (159082 bytes)
Hash 32648961fd83a9710e67dc074b88a09f
2100f01aec3dc755c97f2dabdd7275b516444b2d
712ec0daf34c4d6b6189fd1ca2a1134fc83b7b143d5672452693995cd04ec291
GET /index_files/sex8.png HTTP/1.1
Host: www.dd18li.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd18li.info/
Connection: keep-alive
Cookie: visid_incap_2779530=gIDVXHhsSHySfT9j2hUNbWy9eGMAAAAAQUIPAAAAAAD469tnrf0iVoeWN+wEqtkR; nlbi_2779530=R6EaAoQ+kkCXyZeh93GWGAAAAADLOE/s+ZgsTowMnJXtxg2/; incap_ses_275_2779530=B96iEP6n/V50D3tklP/QA229eGMAAAAA26WwvvdZZVB+cYu3fTt4Pw==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Etag: "6369b895-3df7d"
Last-Modified: Tue, 08 Nov 2022 02:01:57 GMT
Content-Type: image/png
Content-Length: 159082
Cache-Control: max-age=13744, public
Expires: Sat, 19 Nov 2022 15:15:42 GMT
Date: Sat, 19 Nov 2022 11:26:38 GMT
X-CDN: Imperva
X-Iinfo: 7-23235409-23232755 2CNN RT(1668857197542 1174) q(0 0 0 -1) r(0 0)
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 1be08053f218e8243921b6d65c96ee76
646b89a0c35ffc58afb343934a4540dae8dce9bc
77a5665e1336e0b2d5be03d0d854424948236dd83792861eb5361e67781c707b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6197
Cache-Control: max-age=89256
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:26:38 GMT
Etag: "63775ee1-117"
Expires: Sun, 20 Nov 2022 12:14:14 GMT
Last-Modified: Fri, 18 Nov 2022 10:30:57 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5392
Expires: Sat, 19 Nov 2022 12:56:30 GMT
Date: Sat, 19 Nov 2022 11:26:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5392
Expires: Sat, 19 Nov 2022 12:56:30 GMT
Date: Sat, 19 Nov 2022 11:26:38 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9472302a-1f5a-4747-8dae-6de1346c8e14.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9472302a-1f5a-4747-8dae-6de1346c8e14.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1b428c8fece61cb8500ff6f6152efcc0
2667b5a57a13817a95e2e82b0f96dc3456afca00
53403b823626d7cd0b88f33e924b55274c7283397075d074303faaf4eaafdc49
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9472302a-1f5a-4747-8dae-6de1346c8e14.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9235
x-amzn-requestid: 01e6ce53-df49-40c9-8002-4f063d085898
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: beZlTE9oIAMFkPg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636f3c88-6470fa1b7a9ad45e63fc485c;Sampled=0
x-amzn-remapped-date: Sat, 12 Nov 2022 06:26:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1HrMFgOYkXaPg5VO1MRTQSNNf0JN9GL5PfLk-STEWg-1h01SmSs4wg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 12:39:59 GMT
age: 81999
etag: "2667b5a57a13817a95e2e82b0f96dc3456afca00"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 481c033b9ffd030ff0de6e35cf788b47
85d3baad9217af2b5d75c019d2ef95dbb919a788
02443c7869914c2b29892deb0c645395bcf4e8379da3cf20974614ff9c92893b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11249
x-amzn-requestid: 65a3db77-b2e6-40b9-a776-021c2e9b56d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bubSsHbZoAMFZNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6375a5aa-1286b97968cc2e4c7fe8ab29;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 03:08:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: PYoD_MxycYfiNvyRlBnLWCcyqQK9sZi8y2ir1U9eCavNoAB-3oFcxg==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 03:43:53 GMT
age: 27765
etag: "85d3baad9217af2b5d75c019d2ef95dbb919a788"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0d2467c-b158-442b-92be-e4cb236d17fa.jpeg
34.120.237.76200 OK 3.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0d2467c-b158-442b-92be-e4cb236d17fa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d6b026c34985bbf2ebf89a62d0724c66
72369ebeccf447fa91ef77711d6297063c99777e
e5598ada634274ab9995dedda8c1fd18344abcfdd49b3a1aaede0a86fafc0f40
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0d2467c-b158-442b-92be-e4cb236d17fa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3035
x-amzn-requestid: 3e3f3a7f-9a1d-4b37-b932-22c6e3e638f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0QRcFOuoAMF_fQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6377fa6f-09dc20ea5620dd167e3f7265;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 21:34:39 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: xvVfLfP2DUilu7GSJMGArO90Kdoq5cPBVtmtyVjZmX5ZKnvOjpR_UQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 21:36:25 GMT
age: 49813
etag: "72369ebeccf447fa91ef77711d6297063c99777e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F640a732f-1fd9-47b0-8311-39061579f99b.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F640a732f-1fd9-47b0-8311-39061579f99b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8cf981b1ea47b981c73aa1f291be4d8a
d18b869e1940841e9b03f66f5608e381f1727b37
3352a04b9596b594aeb5de3dc70047196a830e3ca79babf7c1b72ff1103b2d26
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F640a732f-1fd9-47b0-8311-39061579f99b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7754
x-amzn-requestid: 2c21447c-03bb-4e50-9eeb-a8ae86c0d204
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0QRmFuiIAMFjWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6377fa70-7a7e65fc5d443a1d70feb62b;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 21:34:40 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MFN-Yhp70fPLS4R_tVxEvzt-YQ7COwXaXrmifEfXfpiC0epJHSJq7w==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 21:36:25 GMT
age: 49813
etag: "d18b869e1940841e9b03f66f5608e381f1727b37"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e1d1acd-0ae6-485d-9dd4-2c0c8271a9d3.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e1d1acd-0ae6-485d-9dd4-2c0c8271a9d3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 11bb9d337001b4d155c63b05a0dd9945
14de1c48a2fe80b5947945c9ffa9630f03c5447a
8ee6d3a2f6dec36c49361ef855edeb170e92fbeff29d2ed77c7fd0cf44cfecf5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e1d1acd-0ae6-485d-9dd4-2c0c8271a9d3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9146
x-amzn-requestid: e42f040e-a2f9-4538-bbaf-f1e64719f424
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: brsmpGr5oAMFsmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63748e2a-15b03190049271db549b1770;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 07:15:54 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: OjQm2RW65ZJDsUNay0untDwlufnFhXHwbpfAnCwEK3seEDiPIKrnfQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 07:00:02 GMT
age: 15996
etag: "14de1c48a2fe80b5947945c9ffa9630f03c5447a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53a83e17-462d-4d4f-8f42-f44460fc79a2.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53a83e17-462d-4d4f-8f42-f44460fc79a2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 50a8727077dd86072a07bd2077c252a8
0e2df523714ca147a69465f3ad4867a33314acb2
9fd12b1e80aa231ffd709c05edda762a4c63d0c70010fb62efdf21c73e657459
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53a83e17-462d-4d4f-8f42-f44460fc79a2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7445
x-amzn-requestid: 10c0e6f1-9264-49a0-93b1-16f291edb643
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bu9_nGVwIAMFlKQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6375dd30-42e9fc0207225de072a699c6;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 07:05:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qCvIW2IsCq9sLUWmSTXQOrBC61C1rL7qmSoTn1IHuaXrOzg-bM9NJQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 07:06:53 GMT
age: 15585
etag: "0e2df523714ca147a69465f3ad4867a33314acb2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.dd18li.info/index_files/jjtv.png
45.60.242.42200 OK 10 kB URL HTTP/1.1 www.dd18li.info/index_files/jjtv.png
IP 45.60.242.42:0
File type PNG image data, 120 x 120, 8-bit colormap, non-interlaced\012- data
Hash 0f98f834688f612e5b6cb3becb952479
06cd49f49dced1a5beda728c169debf0ca3dfc7f
46e2fee953b586ab8ca2a356f7335f65b90021e0ec984b8cc8b4e6dbb4d0c7e5
GET /index_files/jjtv.png HTTP/1.1
Host: www.dd18li.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.dd18li.info/
Connection: keep-alive
Cookie: visid_incap_2779530=gIDVXHhsSHySfT9j2hUNbWy9eGMAAAAAQUIPAAAAAAD469tnrf0iVoeWN+wEqtkR; nlbi_2779530=R6EaAoQ+kkCXyZeh93GWGAAAAADLOE/s+ZgsTowMnJXtxg2/; incap_ses_275_2779530=B96iEP6n/V50D3tklP/QA229eGMAAAAA26WwvvdZZVB+cYu3fTt4Pw==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Etag: "6369b895-26ea"
Last-Modified: Tue, 08 Nov 2022 02:01:57 GMT
Content-Type: image/png
Content-Length: 9962
Cache-Control: max-age=13744, public
Expires: Sat, 19 Nov 2022 15:15:43 GMT
Date: Sat, 19 Nov 2022 11:26:39 GMT
X-CDN: Imperva
X-Iinfo: 6-12223678-12216256 2CNN RT(1668857197540 1175) q(0 0 0 -1) r(3 3)
cdn.inspectlet.com/inspectlet.js?wid=1109673675&r=463571
104.22.56.245200 OK 0 B URL HTTP/2 cdn.inspectlet.com/inspectlet.js?wid=1109673675&r=463571
IP 104.22.56.245:0
GET /inspectlet.js?wid=1109673675&r=463571 HTTP/1.1
Host: cdn.inspectlet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dd18li.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:26:38 GMT
content-type: text/javascript;charset=UTF-8
cache-control: s-maxage=60, max-age=14400
via: 1.1 vegur
cf-cache-status: MISS
last-modified: Sat, 19 Nov 2022 11:26:38 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 76c89791be60b506-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.nvshennv.bar/ad/newbbs/good.json
172.67.176.253200 OK 0 B URL HTTP/2 www.nvshennv.bar/ad/newbbs/good.json
IP 172.67.176.253:0
GET /ad/newbbs/good.json HTTP/1.1
Host: www.nvshennv.bar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dd18li.info
Connection: keep-alive
Referer: https://www.dd18li.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:26:38 GMT
content-type: application/json
last-modified: Wed, 16 Nov 2022 07:56:20 GMT
vary: Accept-Encoding
etag: W/"637497a4-47a"
x-powered-by: Lua 5.4.0
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sq25QGrIMdhS1ElpjOByCCQo0QZ6iuXuJEIzHOKsUeWY2n2TOfe%2BHGFJsis0BEBYkbqQJgmMtmd0%2BNrR%2F9jBBjV5cKTnoNbPTAIzeBy4pqbTUSGGLc27M0dAvBLEmRU4OtPR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76c8978f2984b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.nvshennv.bar/ad/newbbs/zhongzi.json
172.67.176.253200 OK 0 B URL HTTP/2 www.nvshennv.bar/ad/newbbs/zhongzi.json
IP 172.67.176.253:0
GET /ad/newbbs/zhongzi.json HTTP/1.1
Host: www.nvshennv.bar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dd18li.info
Connection: keep-alive
Referer: https://www.dd18li.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:26:38 GMT
content-type: application/json
last-modified: Wed, 16 Nov 2022 11:59:44 GMT
vary: Accept-Encoding
etag: W/"6374d0b0-5f0"
x-powered-by: Lua 5.4.0
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cn2UryuN8Zc5ZoIE4J1qhtaQQg5lFlnpo6aLJPfslTGKzQUHOaKGmo6abiw4H%2B%2FfmRYkfzAKbmjkedVNQJ9%2FU5t3vCEY5Jq7aZ%2BpCjKmd7AupSqP9GInJ9LImiNDcz2RUxdY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76c8978f197cb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.nvshennv.bar/ad/newbbs/zhainan.json
172.67.176.253200 OK 0 B URL HTTP/2 www.nvshennv.bar/ad/newbbs/zhainan.json
IP 172.67.176.253:0
GET /ad/newbbs/zhainan.json HTTP/1.1
Host: www.nvshennv.bar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dd18li.info
Connection: keep-alive
Referer: https://www.dd18li.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:26:38 GMT
content-type: application/json
last-modified: Thu, 17 Nov 2022 01:58:28 GMT
vary: Accept-Encoding
etag: W/"63759544-cf0"
x-powered-by: Lua 5.4.0
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hF2coXzSq8lTTKa5HMFuxF5B724DyNm6wqNhg%2FYdBWeMk1OLp7YLP6pVnDKkx9KbOMRfZD%2B2SUd0nv29MFRWM4dnbXy3lEt%2BfmP0PKt8rL8ctmE0NC9OIsWuYDTunHxzFb3J"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76c8978f1978b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.nvshennv.bar/ad/newbbs/top100.json
172.67.176.253200 OK 0 B URL HTTP/2 www.nvshennv.bar/ad/newbbs/top100.json
IP 172.67.176.253:0
GET /ad/newbbs/top100.json HTTP/1.1
Host: www.nvshennv.bar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dd18li.info
Connection: keep-alive
Referer: https://www.dd18li.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:26:38 GMT
content-type: application/json
last-modified: Fri, 18 Nov 2022 11:33:56 GMT
vary: Accept-Encoding
etag: W/"63776da4-885"
x-powered-by: Lua 5.4.0
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LeqrHQDcKEfYi%2FAen9%2FEwg5Kcjzyagau7Tx6ZtLtZOuKXkrxDVz7dwSqlsZOcOgXAhyhfx%2BKOihn05ZkWEx%2FNAEQ20%2FADLPhJ1dxPgz0KXSX4ZXNp7Ps1dK%2BnLHqY4Pyxc42"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76c8978f1979b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.nvshennv.bar/ad/newbbs/pianshang.json
172.67.176.253200 OK 0 B URL HTTP/2 www.nvshennv.bar/ad/newbbs/pianshang.json
IP 172.67.176.253:0
GET /ad/newbbs/pianshang.json HTTP/1.1
Host: www.nvshennv.bar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dd18li.info
Connection: keep-alive
Referer: https://www.dd18li.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:26:38 GMT
content-type: application/json
last-modified: Mon, 14 Nov 2022 15:50:41 GMT
vary: Accept-Encoding
etag: W/"637263d1-610"
x-powered-by: Lua 5.4.0
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jN%2BFHAgPHRsFDyXfPhkj2LJIO85SaiUPeUdTbVxw5X9HxdZgDdfNdKHaqvDVu0f3u5uGRaP%2BglhiYVHagx4%2BYgkNe3rWxhdgFwZ00wKjdaX3H31VpGrpGUn6AfqpqVWHOPiW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76c8978f197db4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.nvshennv.bar/ad/newbbs/guowai.json
172.67.176.253200 OK 0 B URL HTTP/2 www.nvshennv.bar/ad/newbbs/guowai.json
IP 172.67.176.253:0
GET /ad/newbbs/guowai.json HTTP/1.1
Host: www.nvshennv.bar
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dd18li.info
Connection: keep-alive
Referer: https://www.dd18li.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:26:38 GMT
content-type: application/json
last-modified: Fri, 18 Nov 2022 16:01:05 GMT
vary: Accept-Encoding
etag: W/"6377ac41-61a"
x-powered-by: Lua 5.4.0
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pFYPHCnqdugvqkJOIRucOMa3X7sdGHB65P33ENGmwnJrRQtsieDiTjwYg5As8gLhG%2FXNLXT85aoqqwpyBQaU0DBp4XKdmJG7g%2BRN7HxYhL7VNevAV45OlSDlBrKxgsa1Web5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76c8978f197fb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2