r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 8997fa58a7262e8fd559d64b40511a1b
0aa1c4365c28f45e4d7a8a234fbcf51cd009e083
1580d1145f125c765e40e5983cb4bb4e2424010d2920a25ea7da992485da0dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1580D1145F125C765E40E5983CB4BB4E2424010D2920A25EA7DA992485DA0DEA"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3933
Expires: Sun, 22 Jan 2023 03:47:09 GMT
Date: Sun, 22 Jan 2023 02:41:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 4714c95a0c854e38f9be444f9343bf14
07ce5eb635448f2b3bafbe51e4dfeef47cdf4f7b
4d47e08c9afb704096e93a51f6e95c0dc7c7bc31e67ded39998ff37ed56e0965
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D47E08C9AFB704096E93A51F6E95C0DC7C7BC31E67DED39998FF37ED56E0965"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11765
Expires: Sun, 22 Jan 2023 05:57:41 GMT
Date: Sun, 22 Jan 2023 02:41:36 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 22 Jan 2023 01:42:27 GMT
content-type: application/json
age: 3549
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 17094b856fde02b2c8c2d3845ad325cf
26dc3f2ebf81faf5ab96eb75ffcbead6085528b8
6547376c41dcaa352cc4e747291916902bcddc0032b750bd84c5e3b2fe6f7d16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6547376C41DCAA352CC4E747291916902BCDDC0032B750BD84C5E3B2FE6F7D16"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6857
Expires: Sun, 22 Jan 2023 04:35:53 GMT
Date: Sun, 22 Jan 2023 02:41:36 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Xurl88RKEWZ5owAqeeOHdrDgQJWXSPCPKQvHKpZvv3YmMTsToMvgFVt5he3nwS3noczXHGPoxgk=
x-amz-request-id: VZDPJNAM3MARMPK7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 22 Jan 2023 01:47:05 GMT
age: 3271
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 02:41:36 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 22 Jan 2023 01:48:58 GMT
age: 3158
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fc96297d0b59147e8f6052b16f1ca13f
23aeddfa143bb9be19b2ed06f2024a3a8aa120ce
034327c6ada560c662f451f3c95cd8531482d4ab51629e95875fab54c8f3e49a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5806
Cache-Control: max-age=115318
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 02:41:36 GMT
Etag: "63cbab28-1d7"
Expires: Mon, 23 Jan 2023 10:43:34 GMT
Last-Modified: Sat, 21 Jan 2023 09:06:48 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
yinhotel.com/a/share/39.html
47.242.70.210200 OK 1.0 kB URL HTTP/1.1 yinhotel.com/a/share/39.html
IP 47.242.70.210:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ISO-8859 text, with CRLF line terminators
Hash 30544232435917ec816f01d74ab71d38
7be6e14500b6adc32b55cd4641ac1c26b341526c
fdb38a302c8451660c577ea4e5d1439c0560b463305edad4068c50767e27a533
Analyzer Verdict Alert fortinet Malware
GET /a/share/39.html HTTP/1.1
Host: yinhotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
Set-Cookie: ASPSESSIONIDSQDCDBCS=NBIPGAOBMJEEAOPBKFEIGMDN; path=/
X-Powered-By: ASP.NET
Date: Sun, 22 Jan 2023 02:41:36 GMT
Content-Length: 1007
push.services.mozilla.com/
52.88.143.102101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.88.143.102:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: GCCDwGTjfoLWcEjWD+nJKQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: imvcUvZkNlOBngfINQJ9zsOF4sk=
yinhotel.com/1043179.js
47.242.70.210200 OK 2.3 kB IP 47.242.70.210:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type ASCII text, with very long lines (4897), with no line terminators
Hash 1e0d8030ef17aaa1411e4c43a5bdf25d
ea7c25e1047689f4d45b3509bab014c75ff81550
a57a72fe063116691e1f60efd3f2ededa35b49777f673cdf8271dc679d1e628f
GET /1043179.js HTTP/1.1
Host: yinhotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yinhotel.com/a/share/39.html
Cookie: ASPSESSIONIDSQDCDBCS=NBIPGAOBMJEEAOPBKFEIGMDN
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Encoding: gzip
Last-Modified: Wed, 23 Feb 2022 18:40:31 GMT
Accept-Ranges: bytes
ETag: "8079add5e428d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sun, 22 Jan 2023 02:41:37 GMT
Content-Length: 2307
yinhotel.com/favicon.ico
47.242.70.210200 OK 620 B IP 47.242.70.210:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type PNG image data, 47 x 45, 8-bit/color RGBA, non-interlaced\012- data
Hash 5eb592e72aa56dee412fdd719437fdff
3cc1fa8268de106f7d4d14ccaee8f28ae88a73ab
93e2ffc8c78dd16b0f409355784957d8ca1e43b75527eaa6c5e76ad7be77b196
GET /favicon.ico HTTP/1.1
Host: yinhotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yinhotel.com/a/share/39.html
Cookie: ASPSESSIONIDSQDCDBCS=NBIPGAOBMJEEAOPBKFEIGMDN; __tins__1043179=%7B%22sid%22%3A%201674355296457%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201674357096457%7D; __51cke__=; __51laig__=1
HTTP/1.1 200 OK
Content-Type: image/x-icon
Last-Modified: Mon, 03 May 2021 11:08:14 GMT
Accept-Ranges: bytes
ETag: "1fffdd9cc40d71:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sun, 22 Jan 2023 02:41:37 GMT
Content-Length: 620
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12447
Expires: Sun, 22 Jan 2023 06:09:05 GMT
Date: Sun, 22 Jan 2023 02:41:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12447
Expires: Sun, 22 Jan 2023 06:09:05 GMT
Date: Sun, 22 Jan 2023 02:41:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12447
Expires: Sun, 22 Jan 2023 06:09:05 GMT
Date: Sun, 22 Jan 2023 02:41:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12447
Expires: Sun, 22 Jan 2023 06:09:05 GMT
Date: Sun, 22 Jan 2023 02:41:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6033dad399355478c264e1c7c27e7f62
7d5546258015b8a834ee87b5a679be0545723e9d
5126b70d194535387e80aab563a02db1ade53c682b9db45eb533ff4001e6ed1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12463
Expires: Sun, 22 Jan 2023 06:09:21 GMT
Date: Sun, 22 Jan 2023 02:41:38 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc284e6ec-6c43-4a8d-a291-83519d5a4d4c.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc284e6ec-6c43-4a8d-a291-83519d5a4d4c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6f86ec004a2042b4030cd2cce2bf1e1d
e3c00dcc55f095f03a6f4505960ac1cee0b3877c
64b5084d4145d5931af05c335d21e31e75db30b1f9e8a2efd92fc4cd0aa7ac07
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc284e6ec-6c43-4a8d-a291-83519d5a4d4c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8221
x-amzn-requestid: 02db02af-4f05-450d-9370-0e7a9dda6948
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHOEWGUMoAMF2QQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5d4e-050e7cdf21878aa159f36d0b;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:46:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VtzsQ7NI9ODiQfxm_EaSDsizPQhDOSH3O23UEaHg1KI9bg8imLdOnw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 21:48:16 GMT
age: 17602
etag: "e3c00dcc55f095f03a6f4505960ac1cee0b3877c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70113ea7-c91e-43d6-831d-6e4d2bfdedd2.jpeg
34.120.237.76200 OK 18 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70113ea7-c91e-43d6-831d-6e4d2bfdedd2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2e6e79a6d39c1a68916ba137d2a26bc8
008b963daf94069a9ad22e5f170e2f3569e73709
df945becb760ffae4d118bf4bd7f10e766003cf8a4134687969d0f6a47a39319
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70113ea7-c91e-43d6-831d-6e4d2bfdedd2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 18374
x-amzn-requestid: 7b64c39d-6328-4c21-884e-c35a72227396
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHN7fGzpoAMFj5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5d16-78583c755c0a76b5268c879d;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:45:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jeBRrvGvpmegIpee7ux6WNGJJQ2XXXdLs91g8hX4HFr2gChsd_4GOg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 21:48:06 GMT
etag: "008b963daf94069a9ad22e5f170e2f3569e73709"
content-type: image/jpeg
age: 17612
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d78dc13-3c8d-4c31-8f64-3f9de4ba79d1.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d78dc13-3c8d-4c31-8f64-3f9de4ba79d1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2aec02a691f126259e2a3c701e322ffe
af9161eefc1ee381a8f531c593ea7354d73493eb
e0094d54ca9bbbc4154abec2ce152453ddb1544e020b4a859e5da1f7073a26d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d78dc13-3c8d-4c31-8f64-3f9de4ba79d1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4796
x-amzn-requestid: 9ad3dcbc-3d19-4619-a8cb-b316a8d51290
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e7ULpHgKIAMFmYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c79a4a-769bcf2f4d7787d007ec30e2;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 07:05:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -TjivJmHgT_N2QWC1rn8ng1sl5h53FcgoU9ALMINJEY6onseYEWGRw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 08:08:25 GMT
age: 66793
etag: "af9161eefc1ee381a8f531c593ea7354d73493eb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b9c3b02-6a9e-471d-9d0c-2b50255f00f9.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b9c3b02-6a9e-471d-9d0c-2b50255f00f9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 54bb2c2439cbf0cefc3075f25576f161
e4e506d7acc877b266c18ae6da3b948e0d41bb1e
8cfef01c8eea67086fdea9865d760f9ed1ecc15dc42f3b2c94fc85d609a31aa2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b9c3b02-6a9e-471d-9d0c-2b50255f00f9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9334
x-amzn-requestid: 23f9071b-5274-4c6a-9a4a-d63ea74c7483
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHNWQETCoAMFdjw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5c27-393e62854ba77f783f142985;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:41:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: BWc9_KsIp1FH10PJZFoIteQrb0Q8cfqRN8RiynsqbHyFUHhDCxwqIw==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 21:48:06 GMT
age: 17612
etag: "e4e506d7acc877b266c18ae6da3b948e0d41bb1e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb253a292-08cb-455a-bf4c-63bdca08af64.webp
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb253a292-08cb-455a-bf4c-63bdca08af64.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ec85cf23f6ed6a70e62e17998dfcede
2a690f14cf97f33da2c4f4b21c737a7ca37665b4
ae3cedd8f51f9ed2d996f1d75e7288802d68fa3c27d928934311e4d8821940cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb253a292-08cb-455a-bf4c-63bdca08af64.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7609
x-amzn-requestid: 86dec496-ff1b-4db8-9bcb-12275f6feeb3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHNkBGiOIAMFaCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5c7f-16c24501673bc2161c1e8a3b;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:43:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EIRH5l-dSShdZbMvwSEE8jKooGny-prLtbXwx8ZNUi0Wfj4GItKV7g==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 22:08:36 GMT
age: 16382
etag: "2a690f14cf97f33da2c4f4b21c737a7ca37665b4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F698f24eb-f312-4a20-b261-be41dd92564c.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F698f24eb-f312-4a20-b261-be41dd92564c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ffb6957f05eb26875b60b795a1a0e818
44c2febdf59c4f08401e7c3edd0837dd4b1a8886
0fdb841fbf2f336f58cc4b63d271c8cdd3fba345de4c774651826ea24e3628b6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F698f24eb-f312-4a20-b261-be41dd92564c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6399
x-amzn-requestid: e4b80b20-8aad-47aa-9059-7f7729f901bf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e7UZ1ExQoAMFXKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c79aa5-66622b6c3e8fd210011618c5;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 07:07:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: HSec-atXiQMoOd0Jqu8_jiC3cHqeyPpYvFJxKzqJcpp9i6sZhGMMEg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 07:40:37 GMT
age: 68461
etag: "44c2febdf59c4f08401e7c3edd0837dd4b1a8886"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ia.51.la/go1?id=1043179&rt=1674355296457&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1674355296457&tt=yinhotel.com%25E7%25BD%2591%25E7%25AB%2599%25E5%2585%25B3%25E9%2597%25AD%252C%25E5%259F%259F%25E5%2590%258D%25E5%2587%25BA%25E5%2594%25AE&kw=&cu=http%253A%252F%252Fyinhotel.com%252Fa%252Fshare%252F39.html&pu=
103.143.19.103200 0 B URL HTTP/1.1 ia.51.la/go1?id=1043179&rt=1674355296457&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1674355296457&tt=yinhotel.com%25E7%25BD%2591%25E7%25AB%2599%25E5%2585%25B3%25E9%2597%25AD%252C%25E5%259F%259F%25E5%2590%258D%25E5%2587%25BA%25E5%2594%25AE&kw=&cu=http%253A%252F%252Fyinhotel.com%252Fa%252Fshare%252F39.html&pu=
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go1?id=1043179&rt=1674355296457&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1674355296457&tt=yinhotel.com%25E7%25BD%2591%25E7%25AB%2599%25E5%2585%25B3%25E9%2597%25AD%252C%25E5%259F%259F%25E5%2590%258D%25E5%2587%25BA%25E5%2594%25AE&kw=&cu=http%253A%252F%252Fyinhotel.com%252Fa%252Fshare%252F39.html&pu= HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yinhotel.com/
HTTP/1.1 200
Server: CloudWAF
Date: Sun, 22 Jan 2023 02:41:38 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=ee7157fc27e0f9cdddb; path=/
HWWAFSESTIME=1674355295170; path=/
www.yinhotel.com/
47.242.70.210200 OK 3.5 kB IP 47.242.70.210:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ISO-8859 text, with very long lines (456), with CRLF line terminators
Hash d8246c9d5e53349faf8e1c8bf77bfdab
bb4bb8b48b166d43bd5d0a75bb64ba3dece2ade9
dbfde8f1b8499afb769100d3918a47df62d32b90847f4a69c09f2cc5228cd8cb
GET / HTTP/1.1
Host: www.yinhotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yinhotel.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
Set-Cookie: ASPSESSIONIDSQDCDBCS=DDJPGAOBOOOAPGCKBIJCFMCL; path=/
X-Powered-By: ASP.NET
Date: Sun, 22 Jan 2023 02:41:40 GMT
Content-Length: 3504
www.yinhotel.com/1043179.js
47.242.70.210200 OK 2.3 kB URL HTTP/1.1 www.yinhotel.com/1043179.js
IP 47.242.70.210:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type ASCII text, with very long lines (4897), with no line terminators
Hash 1e0d8030ef17aaa1411e4c43a5bdf25d
ea7c25e1047689f4d45b3509bab014c75ff81550
a57a72fe063116691e1f60efd3f2ededa35b49777f673cdf8271dc679d1e628f
GET /1043179.js HTTP/1.1
Host: www.yinhotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.yinhotel.com/
Cookie: ASPSESSIONIDSQDCDBCS=DDJPGAOBOOOAPGCKBIJCFMCL
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Encoding: gzip
Last-Modified: Wed, 23 Feb 2022 18:40:31 GMT
Accept-Ranges: bytes
ETag: "8079add5e428d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sun, 22 Jan 2023 02:41:41 GMT
Content-Length: 2307
ia.51.la/go1?id=1043179&rt=1674355300493&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=0&vd=2&ce=1&cd=24&ds=&ing=2&ekc=&sid=1674355300483&tt=yinhotel.com%2520is%2520for%2520sale%2520%25E5%259F%259F%25E5%2590%258D%25E7%259F%25A5%25E8%25AF%2586%25E4%25BA%25A7%25E6%259D%2583%25E4%25BA%25A4%25E6%2598%2593&kw=&cu=http%253A%252F%252Fwww.yinhotel.com%252F&pu=http%253A%252F%252Fyinhotel.com%252F
103.143.19.103200 0 B URL HTTP/1.1 ia.51.la/go1?id=1043179&rt=1674355300493&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=0&vd=2&ce=1&cd=24&ds=&ing=2&ekc=&sid=1674355300483&tt=yinhotel.com%2520is%2520for%2520sale%2520%25E5%259F%259F%25E5%2590%258D%25E7%259F%25A5%25E8%25AF%2586%25E4%25BA%25A7%25E6%259D%2583%25E4%25BA%25A4%25E6%2598%2593&kw=&cu=http%253A%252F%252Fwww.yinhotel.com%252F&pu=http%253A%252F%252Fyinhotel.com%252F
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go1?id=1043179&rt=1674355300493&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=0&vd=2&ce=1&cd=24&ds=&ing=2&ekc=&sid=1674355300483&tt=yinhotel.com%2520is%2520for%2520sale%2520%25E5%259F%259F%25E5%2590%258D%25E7%259F%25A5%25E8%25AF%2586%25E4%25BA%25A7%25E6%259D%2583%25E4%25BA%25A4%25E6%2598%2593&kw=&cu=http%253A%252F%252Fwww.yinhotel.com%252F&pu=http%253A%252F%252Fyinhotel.com%252F HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.yinhotel.com/
HTTP/1.1 200
Server: CloudWAF
Date: Sun, 22 Jan 2023 02:41:41 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=8111b4697af0925fbd6; path=/
HWWAFSESTIME=1674355300172; path=/
ia.51.la/go1?id=1043179&rt=1674355300483&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1674355300483&tt=yinhotel.com%2520is%2520for%2520sale%2520%25E5%259F%259F%25E5%2590%258D%25E7%259F%25A5%25E8%25AF%2586%25E4%25BA%25A7%25E6%259D%2583%25E4%25BA%25A4%25E6%2598%2593&kw=&cu=http%253A%252F%252Fwww.yinhotel.com%252F&pu=http%253A%252F%252Fyinhotel.com%252F
103.143.19.103200 0 B URL HTTP/1.1 ia.51.la/go1?id=1043179&rt=1674355300483&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1674355300483&tt=yinhotel.com%2520is%2520for%2520sale%2520%25E5%259F%259F%25E5%2590%258D%25E7%259F%25A5%25E8%25AF%2586%25E4%25BA%25A7%25E6%259D%2583%25E4%25BA%25A4%25E6%2598%2593&kw=&cu=http%253A%252F%252Fwww.yinhotel.com%252F&pu=http%253A%252F%252Fyinhotel.com%252F
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go1?id=1043179&rt=1674355300483&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1674355300483&tt=yinhotel.com%2520is%2520for%2520sale%2520%25E5%259F%259F%25E5%2590%258D%25E7%259F%25A5%25E8%25AF%2586%25E4%25BA%25A7%25E6%259D%2583%25E4%25BA%25A4%25E6%2598%2593&kw=&cu=http%253A%252F%252Fwww.yinhotel.com%252F&pu=http%253A%252F%252Fyinhotel.com%252F HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.yinhotel.com/
HTTP/1.1 200
Server: CloudWAF
Date: Sun, 22 Jan 2023 02:41:41 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=8111b4637af0925fbd6; path=/
HWWAFSESTIME=1674355300172; path=/
www.yinhotel.com/favicon.ico
47.242.70.210200 OK 620 B URL HTTP/1.1 www.yinhotel.com/favicon.ico
IP 47.242.70.210:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type PNG image data, 47 x 45, 8-bit/color RGBA, non-interlaced\012- data
Hash 5eb592e72aa56dee412fdd719437fdff
3cc1fa8268de106f7d4d14ccaee8f28ae88a73ab
93e2ffc8c78dd16b0f409355784957d8ca1e43b75527eaa6c5e76ad7be77b196
GET /favicon.ico HTTP/1.1
Host: www.yinhotel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.yinhotel.com/
Cookie: ASPSESSIONIDSQDCDBCS=DDJPGAOBOOOAPGCKBIJCFMCL; __tins__1043179=%7B%22sid%22%3A%201674355300483%2C%20%22vd%22%3A%202%2C%20%22expires%22%3A%201674357100493%7D; __51cke__=; __51laig__=2
HTTP/1.1 200 OK
Content-Type: image/x-icon
Last-Modified: Mon, 03 May 2021 11:08:14 GMT
Accept-Ranges: bytes
ETag: "1fffdd9cc40d71:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sun, 22 Jan 2023 02:41:41 GMT
Content-Length: 620
t.dom.com.cn/img/731562.jpg
101.43.178.182200 OK 41 kB URL HTTP/1.1 t.dom.com.cn/img/731562.jpg
IP 101.43.178.182:0
ASN #45090 Shenzhen Tencent Computer Systems Company Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 430x430, components 3\012- data
Hash 8e63ed04a633b9e5f7b2a84ed7e04ec8
6916fa58d314e303d5179d174bffe1e5bf6652bc
2e4e1e8a5df08a3676e3e2546ba692fe6d9a8a8f0b075c585bcac43f2f1594f7
GET /img/731562.jpg HTTP/1.1
Host: t.dom.com.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.yinhotel.com/
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Tue, 17 Mar 2020 10:25:49 GMT
Accept-Ranges: bytes
ETag: "da2926d46fcd51:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sun, 22 Jan 2023 02:41:41 GMT
Content-Length: 40889
widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
143.204.55.80200 OK 6.1 kB URL HTTP/2 widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
IP 143.204.55.80:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (19239)
Hash 5add60196e5f96a414fb4b9586764e5d
633f471b3c2fcedeef9cad90cb5bf56f5fe55588
5370f4ba91dda790c7cae92817b812fcbd1ab367cbb4862f5669960ae4e2c9e0
GET /bootstrap/v5/tp.widget.bootstrap.min.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 6124
last-modified: Mon, 30 May 2022 14:38:02 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Sat, 21 Jan 2023 04:04:58 GMT
cache-control: max-age=86400
etag: "5add60196e5f96a414fb4b9586764e5d"
x-cache: Hit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: n0CZNmwkC2RtCxTRy27lU4gyzm53iJvc4PnEixkG3FzUj-VNQkw0jw==
age: 81405
X-Firefox-Spdy: h2
cdn1.dan.com/assets/public/i18n-bb2da241bfcbf784d15a84f03ef6ff7eef33b2c695b6821a6750b29c30faa75e.js
143.204.55.119200 OK 4.4 kB URL HTTP/2 cdn1.dan.com/assets/public/i18n-bb2da241bfcbf784d15a84f03ef6ff7eef33b2c695b6821a6750b29c30faa75e.js
IP 143.204.55.119:0
File type ASCII text, with very long lines (15400), with no line terminators
Hash de2f4a801d555fd16c042093f091acd4
86110e7d996ff7d52e1bbb9f0083f5369c965634
8d772411db1b7ce8f803656bdc1e7e0dfb299eb51371d957fe5ef8656a4819c6
GET /assets/public/i18n-bb2da241bfcbf784d15a84f03ef6ff7eef33b2c695b6821a6750b29c30faa75e.js HTTP/1.1
Host: cdn1.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 4434
server: openresty
date: Tue, 13 Dec 2022 07:36:57 GMT
last-modified: Thu, 09 Dec 2021 13:49:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Z1VWLvZgjSH3jvytABP2mhQx0cn_RgfdsJUimAebEXrIvTbeyW6mGw==
age: 3438286
X-Firefox-Spdy: h2
cdn1.dan.com/packs/js/7-648d8763e82fac7ca4e3.chunk.js
143.204.55.119200 OK 3.8 kB URL HTTP/2 cdn1.dan.com/packs/js/7-648d8763e82fac7ca4e3.chunk.js
IP 143.204.55.119:0
File type ASCII text, with very long lines (10731)
Hash 210cc14155bdbbce7a1b43cdca8159bf
6dda13ed3de4be20defb57e30581bc918c8fb0e3
5270d05aa956fc87a85da3f8636caa33b01368feeaf6799d3412feb0ab67b789
GET /packs/js/7-648d8763e82fac7ca4e3.chunk.js HTTP/1.1
Host: cdn1.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 3847
server: openresty
date: Mon, 16 Jan 2023 14:00:42 GMT
last-modified: Mon, 16 Jan 2023 13:58:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: WSS-jHCVJ78R0oG8W9pyZ6uQcKgd2rdpGfdTGlj3Krf0RgH0eW_JOA==
age: 477661
X-Firefox-Spdy: h2
cdn1.dan.com/packs/js/6-09d88c7c7f946dc24bbd.chunk.js
143.204.55.119200 OK 65 kB URL HTTP/2 cdn1.dan.com/packs/js/6-09d88c7c7f946dc24bbd.chunk.js
IP 143.204.55.119:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 5735f30b7cb3431b8c31f51c4dfa152b
e74db5eaea70fa127729d4550f1b60756ce4ef12
1c30988d3f8877e25cb24322f3d43c4d8bb04b614968d55ea91c1846457dbc19
GET /packs/js/6-09d88c7c7f946dc24bbd.chunk.js HTTP/1.1
Host: cdn1.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 65352
server: openresty
date: Wed, 11 Jan 2023 10:53:08 GMT
last-modified: Wed, 11 Jan 2023 10:51:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: lToXH_XWY7zGvJ3R6yLjILieZ3kdorwNFgHixkewxPhu2JxIJ0Hfxw==
age: 920915
X-Firefox-Spdy: h2
cdn1.dan.com/assets/public-7af4f26c11499c346cedb3fa76933cab7b0a61963307dd4db4eb31e6743b7ebc.css
143.204.55.119200 OK 70 kB URL HTTP/2 cdn1.dan.com/assets/public-7af4f26c11499c346cedb3fa76933cab7b0a61963307dd4db4eb31e6743b7ebc.css
IP 143.204.55.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (65533), with no line terminators
Hash 1625ca46a729631bd020f9be346d1d83
b468379f3e65a05695d98d34f277d1da4a24c429
0d73231c0c041805e3e1e70fd97862ae2b0619c018a7a4cfe2f373f8e1d8273c
GET /assets/public-7af4f26c11499c346cedb3fa76933cab7b0a61963307dd4db4eb31e6743b7ebc.css HTTP/1.1
Host: cdn1.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/css
content-length: 69753
server: openresty
date: Tue, 17 Jan 2023 10:04:21 GMT
last-modified: Tue, 17 Jan 2023 09:58:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: dtScIgBYKUWyscg-aBwqRddLL4DSsEZh-dzf441u3IGk2k8We9i4Gw==
age: 405442
X-Firefox-Spdy: h2
cdn1.dan.com/packs/js/runtime~public/product-2fe2dda32aa2d2a2aa67.js
143.204.55.119200 OK 786 B URL HTTP/2 cdn1.dan.com/packs/js/runtime~public/product-2fe2dda32aa2d2a2aa67.js
IP 143.204.55.119:0
File type ASCII text, with very long lines (1516)
Hash 37935f037e803e39105049fb0adeb1d4
f0a909ba834ba0ede36be821631ed8146699c8cb
aae6afa879fa3810847400272ebe7786d3f2b2d1be87ef9d16a235f05797b3bf
GET /packs/js/runtime~public/product-2fe2dda32aa2d2a2aa67.js HTTP/1.1
Host: cdn1.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 786
server: openresty
date: Wed, 11 Jan 2023 02:23:28 GMT
last-modified: Tue, 10 Jan 2023 13:21:20 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: MResUf2ZWHF90ut0wPe4KHk0llTqfd6rY7oXWrPA503Vik_9aKdZRQ==
age: 951495
X-Firefox-Spdy: h2
cdn0.dan.com/packs/js/runtime~public/shared-849f663fc27cc3b2248e.js
143.204.55.93200 OK 790 B URL HTTP/2 cdn0.dan.com/packs/js/runtime~public/shared-849f663fc27cc3b2248e.js
IP 143.204.55.93:0
File type ASCII text, with very long lines (1516)
Hash 5ded16adb29a0b410ea4663d16d31c40
dee72581a73c3a15eaa55c2da69baf6920f67871
212fa11629c831197de8b65ec9632e120479f34eeff90626c7f9d9c9d423e247
GET /packs/js/runtime~public/shared-849f663fc27cc3b2248e.js HTTP/1.1
Host: cdn0.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 790
server: openresty
date: Sat, 07 Jan 2023 01:33:16 GMT
last-modified: Thu, 05 Jan 2023 12:46:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Rt0K9G_5XDNUeV_FCeIGAQC1kp4Om1h0bNkIRACwNUwO46Dx7RFQ4A==
age: 1300106
X-Firefox-Spdy: h2
cdn1.dan.com/assets/vendor/svg4everybody-f514fdcad5509c1d8608ad8ed6b18dc17777e467f3c0ef19b6b8e44753b288be.js
143.204.55.119200 OK 982 B URL HTTP/2 cdn1.dan.com/assets/vendor/svg4everybody-f514fdcad5509c1d8608ad8ed6b18dc17777e467f3c0ef19b6b8e44753b288be.js
IP 143.204.55.119:0
File type ASCII text, with very long lines (1896), with no line terminators
Hash 7e27a1f78cf2901cf631835d1abdd80d
2a470ea7454f0d0da5d3f8c22052f96fdf949eb4
1b1e6270bc0e76e8f70a5024015b12e3833db1d9a3d8252a343b57edd2efdf2f
GET /assets/vendor/svg4everybody-f514fdcad5509c1d8608ad8ed6b18dc17777e467f3c0ef19b6b8e44753b288be.js HTTP/1.1
Host: cdn1.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 982
server: openresty
date: Sun, 25 Dec 2022 05:38:02 GMT
last-modified: Thu, 09 Dec 2021 13:49:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: hz2MhxPTCyY3BFOS5ynTvzLS6vo9A_iufAgdAu8g9DMTY9JHGjz54g==
age: 2408621
X-Firefox-Spdy: h2
cdn0.dan.com/packs/js/3-316465271ff922f9ddad.chunk.js
143.204.55.93200 OK 56 kB URL HTTP/2 cdn0.dan.com/packs/js/3-316465271ff922f9ddad.chunk.js
IP 143.204.55.93:0
File type ASCII text, with very long lines (65450)
Hash 3b93b400046fb7b947d1e0ee20d954e8
e72e1ba202567eb8bb35a50ae2f8794e601fd24c
c86aaae5ded0f8c8efcf131745147459ff4e9458560f7b03e8c381e8040c8671
GET /packs/js/3-316465271ff922f9ddad.chunk.js HTTP/1.1
Host: cdn0.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 55649
server: openresty
date: Thu, 12 Jan 2023 03:03:32 GMT
last-modified: Wed, 11 Jan 2023 10:51:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: E_JKx3WJcDh4DajN4FX2zjhw0brROABVm-Un7dROVaLB1a8BbAUDEA==
age: 862691
X-Firefox-Spdy: h2
cdn3.dan.com/packs/js/public/fonts-0e39ab15f410f27a26ed.chunk.js
143.204.55.119200 OK 426 B URL HTTP/2 cdn3.dan.com/packs/js/public/fonts-0e39ab15f410f27a26ed.chunk.js
IP 143.204.55.119:0
File type ASCII text, with very long lines (591)
Hash 2e0ab5df761d3cdc2832f1d9652c64a7
1bcebbb692d3a91210a690a8e78efa2b209083d7
5d7f1bb9ce49a8c57def94432651e770cb77236d32cbf33cd7777ba01e35ec56
GET /packs/js/public/fonts-0e39ab15f410f27a26ed.chunk.js HTTP/1.1
Host: cdn3.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 426
server: openresty
date: Mon, 16 Jan 2023 14:00:49 GMT
last-modified: Mon, 16 Jan 2023 13:58:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: vJfRWHfQph-uiu61bYtYMueGiNGAkklrbghcvpGCzV97fF40syU03g==
age: 477654
X-Firefox-Spdy: h2
cdn3.dan.com/packs/js/runtime~public/fonts-029da93a03dc79cb1656.js
143.204.55.119200 OK 790 B URL HTTP/2 cdn3.dan.com/packs/js/runtime~public/fonts-029da93a03dc79cb1656.js
IP 143.204.55.119:0
File type ASCII text, with very long lines (1516)
Hash 4e1579868f8057dd0a8bf0b25fd96af4
40120bcce3f1a49de1b36e4d8c0856be56a2a7ff
65f6e4a432f30b9fccae58f470530f2993073543286126fd92bfa5707c3deb6f
GET /packs/js/runtime~public/fonts-029da93a03dc79cb1656.js HTTP/1.1
Host: cdn3.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 790
server: openresty
date: Tue, 06 Dec 2022 06:28:28 GMT
last-modified: Mon, 05 Dec 2022 12:56:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 2piE-Juzj4Itf8m7shesQo9JhZanCvXjDKbzTMR_8HsXTJaKEHhkCA==
age: 4047195
X-Firefox-Spdy: h2
cdn1.dan.com/assets/svg-icons/last-online-eac3e973b9fd28c9c278a01e1b7612fbb071e96bd6ffcf22537986cd7f269b77.svg
143.204.55.119200 OK 150 B URL HTTP/2 cdn1.dan.com/assets/svg-icons/last-online-eac3e973b9fd28c9c278a01e1b7612fbb071e96bd6ffcf22537986cd7f269b77.svg
IP 143.204.55.119:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 6b1a9dbab05fbca3feb3f335e8a23048
52e7e90496c9f91ded3bf6f6e68d4a08fe0240d8
eac3e973b9fd28c9c278a01e1b7612fbb071e96bd6ffcf22537986cd7f269b77
GET /assets/svg-icons/last-online-eac3e973b9fd28c9c278a01e1b7612fbb071e96bd6ffcf22537986cd7f269b77.svg HTTP/1.1
Host: cdn1.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn1.dan.com/assets/public-7af4f26c11499c346cedb3fa76933cab7b0a61963307dd4db4eb31e6743b7ebc.css
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 150
server: openresty
date: Wed, 28 Sep 2022 01:07:14 GMT
last-modified: Thu, 29 Jul 2021 09:32:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: LEqr-c-QWXHfEk-BNW0iO_mtAxu706eiTJQ-QayrRivnQkUQ0ys5IQ==
age: 10028069
X-Firefox-Spdy: h2
cdn3.dan.com/assets/svg-icons/shield-ok-a936605bb77c01425aa6eda45ffe5c0b1fd1232aa9611ca405b56a1a59e3cd03.svg
143.204.55.119200 OK 1.1 kB URL HTTP/2 cdn3.dan.com/assets/svg-icons/shield-ok-a936605bb77c01425aa6eda45ffe5c0b1fd1232aa9611ca405b56a1a59e3cd03.svg
IP 143.204.55.119:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (980)
Hash 587768785fefa310162a40cfe924ad56
221cbcadb22f15961b9c9e324b4783fdb3e5f0cc
a936605bb77c01425aa6eda45ffe5c0b1fd1232aa9611ca405b56a1a59e3cd03
GET /assets/svg-icons/shield-ok-a936605bb77c01425aa6eda45ffe5c0b1fd1232aa9611ca405b56a1a59e3cd03.svg HTTP/1.1
Host: cdn3.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn1.dan.com/
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 1084
server: openresty
date: Mon, 26 Sep 2022 01:39:11 GMT
last-modified: Thu, 29 Jul 2021 09:32:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: w7jFMAI6OtlK3_A0ZSTT6hZQtHMLfRRiCVtXXJLBhCJi8W99496iHA==
age: 10198952
X-Firefox-Spdy: h2
cdn1.dan.com/assets/public/payment_logos-5e4dce7612e404dab090fbee14ac1eddd1c710bfce7d22ee87411662934a7387.png
143.204.55.119200 OK 3.2 kB URL HTTP/2 cdn1.dan.com/assets/public/payment_logos-5e4dce7612e404dab090fbee14ac1eddd1c710bfce7d22ee87411662934a7387.png
IP 143.204.55.119:0
File type PNG image data, 272 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 1a20ff7a7df04a852f968c5c988dd6fa
260328a70eeb31d942e6bf3afdc3ba0abf9534f7
5e4dce7612e404dab090fbee14ac1eddd1c710bfce7d22ee87411662934a7387
GET /assets/public/payment_logos-5e4dce7612e404dab090fbee14ac1eddd1c710bfce7d22ee87411662934a7387.png HTTP/1.1
Host: cdn1.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn1.dan.com/assets/public-7af4f26c11499c346cedb3fa76933cab7b0a61963307dd4db4eb31e6743b7ebc.css
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 3181
server: openresty
date: Wed, 07 Dec 2022 02:59:53 GMT
last-modified: Thu, 29 Jul 2021 09:32:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Piq-UOt0rsCVZr5DXbAGHaMFJqq6ern-RLIm_kU915sLJN1tB3z40Q==
age: 3973310
X-Firefox-Spdy: h2
cdn0.dan.com/assets/svg-icons/time-history-c52512ca23af293e24acd99d747e58a3760aad680b9400fb92a5833654e96990.svg
143.204.55.93200 OK 455 B URL HTTP/2 cdn0.dan.com/assets/svg-icons/time-history-c52512ca23af293e24acd99d747e58a3760aad680b9400fb92a5833654e96990.svg
IP 143.204.55.93:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (351)
Hash 900133f4432be1d282a17b9a795a21f9
7648a5bd155b8e14f84eff37f70abf47215be46d
c52512ca23af293e24acd99d747e58a3760aad680b9400fb92a5833654e96990
GET /assets/svg-icons/time-history-c52512ca23af293e24acd99d747e58a3760aad680b9400fb92a5833654e96990.svg HTTP/1.1
Host: cdn0.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn1.dan.com/
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 455
server: openresty
date: Fri, 25 Nov 2022 22:40:41 GMT
last-modified: Thu, 29 Jul 2021 09:32:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zP0SWT87iV0mqbpex98EwLyDDsMtVWgMb1w4hZ2svmkp7MedG1-Ouw==
age: 4939262
X-Firefox-Spdy: h2
cdn3.dan.com/assets/GraphikDan-Semibold-Web-560a9afe1c7efc78932e5a841e202476c7af320d0aec9d916cc2f065243cfcfc.woff2
143.204.55.119200 OK 42 kB URL HTTP/2 cdn3.dan.com/assets/GraphikDan-Semibold-Web-560a9afe1c7efc78932e5a841e202476c7af320d0aec9d916cc2f065243cfcfc.woff2
IP 143.204.55.119:0
File type Web Open Font Format (Version 2), TrueType, length 42052, version 1.0\012- data
Hash 7d992431ee5e40d98d9ab99cb5cde954
3e82b380c81c2f83e143e4bb1a4437903c689f05
560a9afe1c7efc78932e5a841e202476c7af320d0aec9d916cc2f065243cfcfc
GET /assets/GraphikDan-Semibold-Web-560a9afe1c7efc78932e5a841e202476c7af320d0aec9d916cc2f065243cfcfc.woff2 HTTP/1.1
Host: cdn3.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dan.com
Connection: keep-alive
Referer: https://cdn1.dan.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/font-woff2
content-length: 42052
server: openresty
date: Sun, 28 Aug 2022 13:39:13 GMT
last-modified: Thu, 29 Jul 2021 09:32:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: NZBiwkthOa-ITazYvU0D3k4hB0PtL6gKCcQ_J9GPM8zacOvJ2j4mjQ==
age: 12661350
X-Firefox-Spdy: h2
cdn1.dan.com/assets/GraphikDan-Regular-Web-1b23e0d886e0602443c35df66f69cf1560710913bf88b512ed9cea147fccf0b6.woff2
143.204.55.119200 OK 37 kB URL HTTP/2 cdn1.dan.com/assets/GraphikDan-Regular-Web-1b23e0d886e0602443c35df66f69cf1560710913bf88b512ed9cea147fccf0b6.woff2
IP 143.204.55.119:0
File type Web Open Font Format (Version 2), TrueType, length 37172, version 1.0\012- data
Hash 6b2f88dd1fc37ad2228bc4b0e12bb011
088cd68a9ce402835ff00e8e2c8ef2ccf4081a3b
1b23e0d886e0602443c35df66f69cf1560710913bf88b512ed9cea147fccf0b6
GET /assets/GraphikDan-Regular-Web-1b23e0d886e0602443c35df66f69cf1560710913bf88b512ed9cea147fccf0b6.woff2 HTTP/1.1
Host: cdn1.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dan.com
Connection: keep-alive
Referer: https://cdn1.dan.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/font-woff2
content-length: 37172
server: openresty
date: Thu, 25 Aug 2022 03:15:09 GMT
last-modified: Thu, 29 Jul 2021 09:32:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: w2LEk-js4hDv0K-JM2BTc6WX4CrQfuHyjQmnm7nZors5lCbFQbSo4A==
age: 12957994
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c0f67edfa92ff11474d17ad3160ed43e
a43cc627d3c9258bdbe14ff3ceeed1c98496ff50
309dea4b94ceda4ec43c2f944cdfad61434c96eaafd172bc55c39545f3bf5a1e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 02:41:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn2.dan.com/assets/svg-icons/user-green-06c3809d7beec1ee6bde30283205ef85584ddd8321098116387d7a39fd6d2c2a.svg
143.204.55.119200 OK 897 B URL HTTP/2 cdn2.dan.com/assets/svg-icons/user-green-06c3809d7beec1ee6bde30283205ef85584ddd8321098116387d7a39fd6d2c2a.svg
IP 143.204.55.119:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (793)
Hash 877961041bbd7b6f179a12ef9f1a4e72
098b647d32fb0015fed7d382629f1138f2ad5bab
06c3809d7beec1ee6bde30283205ef85584ddd8321098116387d7a39fd6d2c2a
GET /assets/svg-icons/user-green-06c3809d7beec1ee6bde30283205ef85584ddd8321098116387d7a39fd6d2c2a.svg HTTP/1.1
Host: cdn2.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn1.dan.com/
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 897
server: openresty
date: Tue, 20 Sep 2022 15:50:37 GMT
last-modified: Thu, 29 Jul 2021 09:32:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: D3o6ampRF7SSejinCKVzQNV8u5YX2T5L8WxB5E4Ndyz37XDF4fsX2g==
age: 10666266
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-SXRF&l=_gaDataLayer
142.250.74.40200 OK 40 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-SXRF&l=_gaDataLayer
IP 142.250.74.40:0
File type ASCII text, with very long lines (3336)
Hash 2ced41ccc78ff4d57cad7eb28917e66a
1facf78dbf3a2c2b58c43c47f4e401d9a6a3670f
f045b263e71cb03541ef80dbd0ccbf355f012a0174856dce6caba38de3ec866d
GET /gtm.js?id=GTM-SXRF&l=_gaDataLayer HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 22 Jan 2023 02:41:43 GMT
expires: Sun, 22 Jan 2023 02:41:43 GMT
cache-control: private, max-age=900
last-modified: Sun, 22 Jan 2023 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 39557
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn2.dan.com/assets/logos/Main@2x-0d2a786abd69d2da0f8ab1f105c0da3b8e1baf5c46c13169d6aa5b4c5fea7379.svg
143.204.55.119200 OK 12 kB URL HTTP/2 cdn2.dan.com/assets/logos/Main@2x-0d2a786abd69d2da0f8ab1f105c0da3b8e1baf5c46c13169d6aa5b4c5fea7379.svg
IP 143.204.55.119:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (4396)
Hash 386fcff0359a238feae3616089163f60
3861370145d1176cdbeb8d44c70638efd49507e7
0d2a786abd69d2da0f8ab1f105c0da3b8e1baf5c46c13169d6aa5b4c5fea7379
GET /assets/logos/Main@2x-0d2a786abd69d2da0f8ab1f105c0da3b8e1baf5c46c13169d6aa5b4c5fea7379.svg HTTP/1.1
Host: cdn2.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn1.dan.com/
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 11658
server: openresty
date: Sat, 03 Dec 2022 08:14:10 GMT
last-modified: Mon, 18 Jul 2022 15:41:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: J0InHBcvHHpCbqDsE7DrSDRynPzAdEXffqA9dvZDvgxP-bclZbfyFw==
age: 4300053
X-Firefox-Spdy: h2
cdn2.dan.com/assets/GraphikDan-Bold-Web-11f7002d7b0e45f73367bf8e4f5763dc6a7f8f7d6be4f29f26650f13480a5f6a.woff2
143.204.55.5200 OK 39 kB URL HTTP/2 cdn2.dan.com/assets/GraphikDan-Bold-Web-11f7002d7b0e45f73367bf8e4f5763dc6a7f8f7d6be4f29f26650f13480a5f6a.woff2
IP 143.204.55.5:0
File type Web Open Font Format (Version 2), TrueType, length 38556, version 1.0\012- data
Hash 15e0a4e9b6fc2834eec6ccba1973aa45
080a7126b7fb4063ea36c06beca3ebfdc4cc63ef
11f7002d7b0e45f73367bf8e4f5763dc6a7f8f7d6be4f29f26650f13480a5f6a
GET /assets/GraphikDan-Bold-Web-11f7002d7b0e45f73367bf8e4f5763dc6a7f8f7d6be4f29f26650f13480a5f6a.woff2 HTTP/1.1
Host: cdn2.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dan.com
Connection: keep-alive
Referer: https://cdn1.dan.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/font-woff2
content-length: 38556
server: openresty
date: Tue, 04 Oct 2022 23:13:23 GMT
last-modified: Thu, 29 Jul 2021 09:32:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: t9dAcyb7jssUfgy5pe64d7u0i0Wsk21qg2_arHjKiUe1TJf9GYsNAw==
age: 9430100
X-Firefox-Spdy: h2
cdn2.dan.com/assets/GraphikDan-Medium-Web-cf2e4f4feea57b2fb89e83ed56fc49bc0bf21a4f1fa20afe2e83d745c8890fc3.woff2
143.204.55.5200 OK 36 kB URL HTTP/2 cdn2.dan.com/assets/GraphikDan-Medium-Web-cf2e4f4feea57b2fb89e83ed56fc49bc0bf21a4f1fa20afe2e83d745c8890fc3.woff2
IP 143.204.55.5:0
File type Web Open Font Format (Version 2), TrueType, length 36308, version 1.0\012- data
Hash 47f09a78e5d17d771fb06bc91e174499
b335fe0226d224782678ff7bea49773993e6f052
cf2e4f4feea57b2fb89e83ed56fc49bc0bf21a4f1fa20afe2e83d745c8890fc3
GET /assets/GraphikDan-Medium-Web-cf2e4f4feea57b2fb89e83ed56fc49bc0bf21a4f1fa20afe2e83d745c8890fc3.woff2 HTTP/1.1
Host: cdn2.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dan.com
Connection: keep-alive
Referer: https://cdn1.dan.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/font-woff2
content-length: 36308
server: openresty
date: Sat, 01 Oct 2022 04:00:17 GMT
last-modified: Thu, 29 Jul 2021 09:32:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 7cbnj_xdasj3Zq6N9EREUwAib6r1lgui6YfsK21tQdI9nMTiPsKw6g==
age: 9758486
X-Firefox-Spdy: h2
cdn1.dan.com/assets/GraphikDan-Light-Web-683068589a2fceaee125c3a3fd83a27a28f90ce37c099777eb89a4629d9fad3e.woff2
143.204.55.119200 OK 34 kB URL HTTP/2 cdn1.dan.com/assets/GraphikDan-Light-Web-683068589a2fceaee125c3a3fd83a27a28f90ce37c099777eb89a4629d9fad3e.woff2
IP 143.204.55.119:0
File type Web Open Font Format (Version 2), TrueType, length 34092, version 1.0\012- data
Hash 9e90e7eccd164bdeee5ae1e9331316d5
4a8c44ec681947f676ee97f33aab743a079eff7b
683068589a2fceaee125c3a3fd83a27a28f90ce37c099777eb89a4629d9fad3e
GET /assets/GraphikDan-Light-Web-683068589a2fceaee125c3a3fd83a27a28f90ce37c099777eb89a4629d9fad3e.woff2 HTTP/1.1
Host: cdn1.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dan.com
Connection: keep-alive
Referer: https://cdn1.dan.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/font-woff2
content-length: 34092
server: openresty
date: Sun, 02 Oct 2022 02:47:45 GMT
last-modified: Thu, 29 Jul 2021 09:32:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Ff_11T4MPbRe9Q7O_Dcy84ChCtQWwTge9T2e9aB1NNQkKj9rRsqFMw==
age: 9676438
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c0f67edfa92ff11474d17ad3160ed43e
a43cc627d3c9258bdbe14ff3ceeed1c98496ff50
309dea4b94ceda4ec43c2f944cdfad61434c96eaafd172bc55c39545f3bf5a1e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 02:41:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn2.dan.com/assets/icons/touch-icon-ipad-retina-56a8f2519ed554a55e6084d77c1ab7ef3511f8ed5e7877db50a9865621a79290.png
143.204.55.119200 OK 3.1 kB URL HTTP/2 cdn2.dan.com/assets/icons/touch-icon-ipad-retina-56a8f2519ed554a55e6084d77c1ab7ef3511f8ed5e7877db50a9865621a79290.png
IP 143.204.55.119:0
File type PNG image data, 152 x 152, 8-bit/color RGBA, non-interlaced\012- data
Hash 0c59777f5725af9a1d2d9153da1d7176
bc06fbcbf2170fe049279b7a1b6003eef8d6986a
56a8f2519ed554a55e6084d77c1ab7ef3511f8ed5e7877db50a9865621a79290
GET /assets/icons/touch-icon-ipad-retina-56a8f2519ed554a55e6084d77c1ab7ef3511f8ed5e7877db50a9865621a79290.png HTTP/1.1
Host: cdn2.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 3054
server: openresty
date: Tue, 06 Sep 2022 00:23:51 GMT
last-modified: Thu, 29 Jul 2021 09:32:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: VFWL8DEfOITjYsPBC108kjzaFzQ1zhSPMcx6MCTSpwnC2xJ1Rbp9yA==
age: 11931472
X-Firefox-Spdy: h2
cdn3.dan.com/assets/icons/favicon-17cae8213bf0fbeae27b644f0616b74981f348af943f27b73abf8e7b3a557b8f.ico
143.204.55.119200 OK 15 kB URL HTTP/2 cdn3.dan.com/assets/icons/favicon-17cae8213bf0fbeae27b644f0616b74981f348af943f27b73abf8e7b3a557b8f.ico
IP 143.204.55.119:0
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash 91b5b75e4f52df43982200873c1feef6
8a01193959229d10a361d4965e305490544c428c
17cae8213bf0fbeae27b644f0616b74981f348af943f27b73abf8e7b3a557b8f
GET /assets/icons/favicon-17cae8213bf0fbeae27b644f0616b74981f348af943f27b73abf8e7b3a557b8f.ico HTTP/1.1
Host: cdn3.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/vnd.microsoft.icon
content-length: 15406
server: openresty
date: Mon, 09 Jan 2023 01:49:20 GMT
last-modified: Thu, 29 Jul 2021 09:32:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 1BWRd4hPSEcUEOasJcdPk1WmbiOxVD6s0mUfab1pplpc8FiMiAYphA==
age: 1126343
X-Firefox-Spdy: h2
d1lr4y73neawid.cloudfront.net/sale_pages/backgrounds/000/019/718/hero/dan.jpg?1671606409
54.230.245.93200 OK 67 kB URL HTTP/2 d1lr4y73neawid.cloudfront.net/sale_pages/backgrounds/000/019/718/hero/dan.jpg?1671606409
IP 54.230.245.93:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x500, components 3\012- data
Hash 686276eda9939f5b6c6bc9008a9a88aa
e57b62d71dc7fee25d26a3935813865df700c0e1
6c52de636b8de7aa6d48863f29def538da77faffc54e93faf820ff2cc5a57433
GET /sale_pages/backgrounds/000/019/718/hero/dan.jpg?1671606409 HTTP/1.1
Host: d1lr4y73neawid.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 67265
date: Sat, 21 Jan 2023 19:57:43 GMT
last-modified: Wed, 21 Dec 2022 07:06:50 GMT
etag: "686276eda9939f5b6c6bc9008a9a88aa"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5X0TlHgv7vxQdqyU_qhhYwpa2PmTLMTvebWXPdVZt3PIXTNxwPSPpw==
age: 24241
X-Firefox-Spdy: h2
d1lr4y73neawid.cloudfront.net/clients/pictures/000/020/402/original/731562.jpg?1655135091
54.230.245.93200 OK 41 kB URL HTTP/2 d1lr4y73neawid.cloudfront.net/clients/pictures/000/020/402/original/731562.jpg?1655135091
IP 54.230.245.93:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 430x430, components 3\012- data
Hash 8e63ed04a633b9e5f7b2a84ed7e04ec8
6916fa58d314e303d5179d174bffe1e5bf6652bc
2e4e1e8a5df08a3676e3e2546ba692fe6d9a8a8f0b075c585bcac43f2f1594f7
GET /clients/pictures/000/020/402/original/731562.jpg?1655135091 HTTP/1.1
Host: d1lr4y73neawid.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 40889
date: Sat, 21 Jan 2023 19:57:43 GMT
last-modified: Mon, 13 Jun 2022 15:44:52 GMT
etag: "8e63ed04a633b9e5f7b2a84ed7e04ec8"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: U8fUh-2FWK7c18MDhpq8SzUacUwfVt2AAZJ19sXi1yUfVUkSRF0Aqg==
age: 24241
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.14200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.14:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sun, 22 Jan 2023 01:45:20 GMT
expires: Sun, 22 Jan 2023 03:45:20 GMT
cache-control: public, max-age=7200
age: 3383
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img6.wsimg.com/wrhs/8b98e0fa27b6491fd089373de7711abb/tcc.min.js
23.36.79.43200 OK 29 kB URL HTTP/2 img6.wsimg.com/wrhs/8b98e0fa27b6491fd089373de7711abb/tcc.min.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 50ad4d37c07b2cb8394cd46951e1827e
9be3c8de364b3ee8aa162da93af284a44ffb2637
fce496ea7f4bb86b225425a6b413b5b05d3d425217e75e885ab2560212db2465
GET /wrhs/8b98e0fa27b6491fd089373de7711abb/tcc.min.js HTTP/1.1
Host: img6.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
content-encoding: br
etag: "8b98e0fa27b6491fd089373de7711abb"
last-modified: Thu, 19 Jan 2023 17:49:57 GMT
vary: Accept-Encoding
x-amz-id-2: KpObOJf8+wUOCNBlVmKuPfVvBuQ+/Y3pvkP6jPxPwJ+qC2/sAB/tz7WbLHHCkD3OztsTR2MKfQc=
x-amz-request-id: K1NE03ND8GMQV6A1
x-amz-server-side-encryption: AES256
x-amz-version-id: msjIMy4rl8m8KQ0IqvLHwFZAwXZ1RbaE
content-length: 28577
cache-control: max-age=31536000
date: Sun, 22 Jan 2023 02:41:43 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5074bfa38808c4a0f18b00a601cfef53
ffc0c526e49251605b2c95d0d1d595f9c702cd9a
6262e4155e8fbf18388f2f38c8e65cb87db94dae66d1dbbd329b4973d8b243df
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 02:41:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-47793354-2&cid=1015506207.1652829834&jid=1594511030&gjid=1579343252&_gid=2110828587.1674355303&_u=YCDAgEABAAAAAEAAI~&z=1675137832
173.194.221.156200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-47793354-2&cid=1015506207.1652829834&jid=1594511030&gjid=1579343252&_gid=2110828587.1674355303&_u=YCDAgEABAAAAAEAAI~&z=1675137832
IP 173.194.221.156:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-47793354-2&cid=1015506207.1652829834&jid=1594511030&gjid=1579343252&_gid=2110828587.1674355303&_u=YCDAgEABAAAAAEAAI~&z=1675137832 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Content-Type: text/plain
Content-Length: 0
Origin: https://dan.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://dan.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 22 Jan 2023 02:41:43 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5074bfa38808c4a0f18b00a601cfef53
ffc0c526e49251605b2c95d0d1d595f9c702cd9a
6262e4155e8fbf18388f2f38c8e65cb87db94dae66d1dbbd329b4973d8b243df
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 02:41:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=gpl/main/202212210441&nocookie=1
23.38.200.249200 OK 2 B URL HTTP/2 tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=gpl/main/202212210441&nocookie=1
IP 23.38.200.249:0
File type ASCII text, with no line terminators
Hash 7bc0ee636b3b83484fc3b9348863bd22
ebbffb7d7ea5362a22bfa1bab0bfdeb1617cd610
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
GET /utag/tiqapp/utag.v.js?a=gpl/main/202212210441&nocookie=1 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
content-length: 2
cache-control: max-age=600
expires: Sun, 22 Jan 2023 02:51:44 GMT
date: Sun, 22 Jan 2023 02:41:44 GMT
X-Firefox-Spdy: h2
events.api.secureserver.net/image.aspx?referrer=http%3A%2F%2Fwww.yinhotel.com%2F&trace_id=461329ad97145447a0b4a81bb9dc67d3×tamp=1674355302907&corrid=1280076897&vs=visible&rand=598851848&sitename=dan.com&page=%2Fbuy-domain%2Fyinhotel.com&location=https%3A%2F%2Fdan.com%2Fbuy-domain%2Fyinhotel.com&agent=false&delegated=false&salessite=false&event=gtm.dom&loadSource=gtm&page_level_properties=loadSource&event_type=page.request&hw=3&browx=1280&browy=939&resx=1280&resy=1024&cdepth=24&hit_id=033e2f35-7d94-519d-b01a-304a88afd202&visitor_guid=955b0aa9-8a06-5f58-9983-3a2a9d93cb5f&visit_guid=955b0aa9-8a06-5f58-9983-3a2a9d93cb5f&page_count=1&has_consent=0&cv=3.33.1&client_name=tcc&same_site=none
104.84.152.186302 Found 0 B URL HTTP/2 events.api.secureserver.net/image.aspx?referrer=http%3A%2F%2Fwww.yinhotel.com%2F&trace_id=461329ad97145447a0b4a81bb9dc67d3×tamp=1674355302907&corrid=1280076897&vs=visible&rand=598851848&sitename=dan.com&page=%2Fbuy-domain%2Fyinhotel.com&location=https%3A%2F%2Fdan.com%2Fbuy-domain%2Fyinhotel.com&agent=false&delegated=false&salessite=false&event=gtm.dom&loadSource=gtm&page_level_properties=loadSource&event_type=page.request&hw=3&browx=1280&browy=939&resx=1280&resy=1024&cdepth=24&hit_id=033e2f35-7d94-519d-b01a-304a88afd202&visitor_guid=955b0aa9-8a06-5f58-9983-3a2a9d93cb5f&visit_guid=955b0aa9-8a06-5f58-9983-3a2a9d93cb5f&page_count=1&has_consent=0&cv=3.33.1&client_name=tcc&same_site=none
IP 104.84.152.186:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /image.aspx?referrer=http%3A%2F%2Fwww.yinhotel.com%2F&trace_id=461329ad97145447a0b4a81bb9dc67d3×tamp=1674355302907&corrid=1280076897&vs=visible&rand=598851848&sitename=dan.com&page=%2Fbuy-domain%2Fyinhotel.com&location=https%3A%2F%2Fdan.com%2Fbuy-domain%2Fyinhotel.com&agent=false&delegated=false&salessite=false&event=gtm.dom&loadSource=gtm&page_level_properties=loadSource&event_type=page.request&hw=3&browx=1280&browy=939&resx=1280&resy=1024&cdepth=24&hit_id=033e2f35-7d94-519d-b01a-304a88afd202&visitor_guid=955b0aa9-8a06-5f58-9983-3a2a9d93cb5f&visit_guid=955b0aa9-8a06-5f58-9983-3a2a9d93cb5f&page_count=1&has_consent=0&cv=3.33.1&client_name=tcc&same_site=none HTTP/1.1
Host: events.api.secureserver.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Origin: https://dan.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-length: 0
access-control-allow-origin: https://dan.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
strict-transport-security: max-age=31536000 ; includeSubDomains
x-frame-options: DENY
location: https://events.api.secureserver.net/image.aspx?referrer=http%3A%2F%2Fwww.yinhotel.com%2F&trace_id=461329ad97145447a0b4a81bb9dc67d3×tamp=1674355302907&corrid=1280076897&vs=visible&rand=598851848&sitename=dan.com&page=%2Fbuy-domain%2Fyinhotel.com&location=https%3A%2F%2Fdan.com%2Fbuy-domain%2Fyinhotel.com&agent=false&delegated=false&salessite=false&event=gtm.dom&loadSource=gtm&page_level_properties=loadSource&event_type=page.request&hw=3&browx=1280&browy=939&resx=1280&resy=1024&cdepth=24&hit_id=033e2f35-7d94-519d-b01a-304a88afd202&visitor_guid=955b0aa9-8a06-5f58-9983-3a2a9d93cb5f&visit_guid=955b0aa9-8a06-5f58-9983-3a2a9d93cb5f&page_count=1&has_consent=0&cv=3.33.1&client_name=tcc&same_site=none&CookieTest=1
date: Sun, 22 Jan 2023 02:41:44 GMT
set-cookie: traffic=; domain=.secureserver.net; path=/;
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f4d171538addb3e350e03876c9c23d81
9874648e426c9a8b65ddcb1d3fc944b8464be9f5
e89b056e51c85f967d05f0cb23a2212d0f391838df414dda9f61e67a96dbefff
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 02:41:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash fb07d2c1d8bcee019ca03761dea26da2
eeb2c1a38a93b84ee59d073de34c82ab078d880e
ba1d0bc1bb2685cb37ea47d0486f1f56668d1619cc1f081b505fbaa7662375e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 02:41:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-47793354-2&cid=1015506207.1652829834&jid=1594511030&_u=YCDAgEABAAAAAEAAI~&z=756017597
142.250.74.132200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-47793354-2&cid=1015506207.1652829834&jid=1594511030&_u=YCDAgEABAAAAAEAAI~&z=756017597
IP 142.250.74.132:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-47793354-2&cid=1015506207.1652829834&jid=1594511030&_u=YCDAgEABAAAAAEAAI~&z=756017597 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 22 Jan 2023 02:41:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dan.com/domain_views
3.70.113.20200 OK 63 B IP 3.70.113.20:0
Hash fb72ce257bb4fb36a4741b2016a2e64d
a08a70b85d4a175f496728526d4a38e3bf36f9c3
519ba183fd3f4b47612077896e8e2378b35f7b8816098a5255c0127eae22fbe2
POST /domain_views HTTP/1.1
Host: dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/buy-domain/yinhotel.com
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 142
Origin: https://dan.com
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0; bc9bd58fe1b6ef954d6d794db6d30e25e8ff50634d24346cf8006ef422e3c05c6e48b07678e34d08c97ad3f91012c80ac690b50f51fbd49b16e301de58d9c5ca=%2BvRPZAM2CwACFpDbagXoeBuRUCBTrE4ZKlhHNgu5IUO3ziCkwhl2iP%2BICPzxdklR4cDvXllv3CT7g0bNPZCKtpey2DvikerHmpe8GJueiaOHo1GwwIAYDXCI3MdU7BeZY6WuHUmRhUvZP1vIh%2FS3gIxoMmPJPu7fq%2FSj2t0UMwh78Ns7jOrb4ucA1zkWs9rc8KeEgpOBCUNfeHET41sK%2BwbP8zxABEQRwfXgRr0VvxK6zP7dtsI6ChRLjthI5jmSHfjGcMO7BEpqJFbzJt5xiadoOB1RGA7PpDQ%2BGaOBK6wu%2BNydPudSDgS%2F4JA5mluVQaLSkWW1h87peStgEe9CDDtgkUiG3P%2B8M5NcyZYfXc40J5vi5OycInFt0Pw0bPwN3fFhHQtvJQ8Y7Ueb1A%2B7%2FJv8a614AsIANxBTRKeshhnYbV1T3XBFxIiCuEY0dRFkcbzTVOqmhb%2FFPlivSaKsVg%3D%3D--m6%2FVDSGPMyYYcHZj--Q%2FMKgdUEzWgj%2F57db1EmQA%3D%3D; time_zone_offset=0; _gid=GA1.2.2110828587.1674355303; _gat=1; traffic=; _policy=%7B%22restricted_market%22:true,%22tracking_market%22:%22explicit%22%7D; pathway=955b0aa9-8a06-5f58-9983-3a2a9d93cb5f; fb_sessiontraffic=C_TOUCH=2023-01-22T02:41:42.907Z&pathway=955b0aa9-8a06-5f58-9983-3a2a9d93cb5f&V_DATE=2023-01-22T02:41:42.904Z&pc=1; visitor=vid=955b0aa9-8a06-5f58-9983-3a2a9d93cb5f; OPTOUTMULTI=0:1%7Cc3:1%7Cc2:1%7Cc4:1; utag_main=v_id:0185d75a62920067a4cebe26218000050002700900918$_sn:1$_ss:1$_st:1674357103059$ses_id:1674355303059%3Bexp-session$_pn:1%3Bexp-session; expBannerSplit=B; _consentBImpression=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Sun, 22 Jan 2023 02:41:44 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
set-cookie: bc9bd58fe1b6ef954d6d794db6d30e25e8ff50634d24346cf8006ef422e3c05c6e48b07678e34d08c97ad3f91012c80ac690b50f51fbd49b16e301de58d9c5ca=zk22yZMUoM7OCM5ILfOEBExLHlBL3ae846uBq6JdNi2SbwM%2FRpBQK6XdyqNkjgVjknEjOOgJMrAiKhpuJmCaqVUy%2FkHzmnrd3%2Fk%2F5xDpP0P7NBLPfzWl6OV72%2B0OCHecfF1U8Sfukd0KAhOAPZthEZIpnUw2QMqyN9zMiLNNEOpbtxQ7F41WKGOABREemnv%2ByCbaPcCkd6Uc338cSvyYZfKT6mRxfs48gKl%2B43d8%2B%2FQqUxprJVjmOigme3tPscYmuYdXoKqG1LoslnmdXchBzns0faq7T0C93w%2Fc26CY6Et%2BdgJdhBQXF%2F4TIZ7nkSqEqvjXmeBOY0ZI9ioEduSJgJWBY5HMwwCm2x7hAH70lxhrhThepkm8qKfytPsEdUvAiL14CfEW9H9C8Phz7%2FfUbWVgUh%2B%2B8mVg2Q7XiM5PYFPrZ8zCW56bXc91bVQRst9B5moEj0yZv5kS4NwVZY2gNi9KtL%2BOCNtJ%2FtAO5lz4eczu2khC46MhF2V1GGQcJh2%2FwnyKapyBeGQ9OF6S--2Tf2XC0WgbmCFMfQ--mJdacZlEh%2FCdyfHrJsEG5A%3D%3D; path=/; secure; HttpOnly
x-request-id: 27037668-4919-458c-9f60-ad03bffff4ea
x-runtime: 0.010626
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-47793354-2&cid=1015506207.1652829834&jid=1594511030&_u=YCDAgEABAAAAAEAAI~&z=756017597
142.250.74.131200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-47793354-2&cid=1015506207.1652829834&jid=1594511030&_u=YCDAgEABAAAAAEAAI~&z=756017597
IP 142.250.74.131:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-47793354-2&cid=1015506207.1652829834&jid=1594511030&_u=YCDAgEABAAAAAEAAI~&z=756017597 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 22 Jan 2023 02:41:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
23.36.79.43200 OK 7.5 kB URL HTTP/2 img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (24676)
Hash b8a5a228a358454084c34dd1cf431c61
37aa5fe6e083b8147156ca66a1993a7bd74e8a61
06fae5ccf58a27a8e2ae6a0e7722f42db507c1873751f587cddd090810d94492
GET /wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js HTTP/1.1
Host: img6.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
content-encoding: br
etag: "ce554d2333f3801abafb32da18213ff7"
last-modified: Tue, 30 Aug 2022 13:33:22 GMT
vary: Accept-Encoding
x-amz-id-2: Gj864Qjmq93jcEZuHoW24pggVZNYla9J0qIknWJmS1/a54ajkEAEn4NJX1U7ILOl1QvRdYwDDqw=
x-amz-request-id: MN6YE7R2QYB3VNPM
x-amz-server-side-encryption: AES256
x-amz-version-id: F4fYptXBkP0fCCCWFLfVGE1HXlZmORny
content-length: 7498
cache-control: max-age=31536000
date: Sun, 22 Jan 2023 02:41:44 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash fb07d2c1d8bcee019ca03761dea26da2
eeb2c1a38a93b84ee59d073de34c82ab078d880e
ba1d0bc1bb2685cb37ea47d0486f1f56668d1619cc1f081b505fbaa7662375e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 02:41:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash ace90ee2f1ce8ca0d69556c6398555a6
49b53ab37b77ebf26525ef3a84aaa9a817af9df4
6d66736ed5245c62987c88f0c3570eefd8f45c09f60dc9b2e1d585f05d1f00e2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 02:41:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
widget.intercom.io/widget/e2frgfyw
54.230.111.119200 OK 6.2 kB URL HTTP/2 widget.intercom.io/widget/e2frgfyw
IP 54.230.111.119:0
File type Unicode text, UTF-8 text, with very long lines (18920), with no line terminators
Hash 733ffbdb5e2a36b73997a4eaadff654f
1a7fca765847080098b0bf34249cadb1bb0c5df6
af16f0c7f751b34d40e65028252d85023a2824780e61b6191487f17690e50ab4
GET /widget/e2frgfyw HTTP/1.1
Host: widget.intercom.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 6170
last-modified: Fri, 20 Jan 2023 17:25:46 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: 9czC9tP3qI45cYj38krK3EL4GYThpmU3
accept-ranges: bytes
server: AmazonS3
date: Sun, 22 Jan 2023 02:23:34 GMT
cache-control: max-age=900, s-maxage=900, public
etag: "733ffbdb5e2a36b73997a4eaadff654f"
x-cache: Error from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: VNSkFbA-XXRENrHm8bQIjzcHGVw7jD2AyrMGimpV1PUhtX615OE9Dg==
age: 1090
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
js.intercomcdn.com/frame.3b190e20.js
54.230.111.118200 OK 139 kB URL HTTP/2 js.intercomcdn.com/frame.3b190e20.js
IP 54.230.111.118:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 139 kB (139118 bytes)
Hash 8be14ca81001fd5f6d3df724e51b2a34
bb06bef096303773805cfcc4467f77084ddaf621
1fb4ebe60935de340e0a62f76816c74ee8e1516f5b7a027c5eda95c712f578ac
GET /frame.3b190e20.js HTTP/1.1
Host: js.intercomcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dan.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 139118
date: Sun, 22 Jan 2023 01:34:45 GMT
last-modified: Fri, 20 Jan 2023 17:24:00 GMT
etag: "8be14ca81001fd5f6d3df724e51b2a34"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, s-maxage=7200, public
content-encoding: gzip
x-amz-version-id: VpFOnjJ90k861H3413Fltll_OkBUa8fu
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: c7oKL2YyOAJAkzJ5A5swUcBAGUsvCfUjbT0K7aEwxXR62CsPU-oPXQ==
age: 4020
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
events.api.secureserver.net/b.aspx?timestamp=1674355303385&corrid=1280076897&referrer=http%3A%2F%2Fwww.yinhotel.com%2F&vs=visible&rand=419128568&sitename=dan.com&page=%2Fbuy-domain%2Fyinhotel.com&location=https%3A%2F%2Fdan.com%2Fbuy-domain%2Fyinhotel.com&agent=false&delegated=false&salessite=false&event=gtm.load&loadSource=gtm&page_level_properties=loadSource&event_type=page.log&eventdate=2023-01-22T02%3A41%3A43.386Z&eventtype=pageperf&nav_type=hard&tccin=auto&connectEnd=1674355302072&connectStart=1674355302000&domComplete=1674355303377&domContentLoadedEventEnd=1674355302702&domContentLoadedEventStart=1674355302700&domInteractive=1674355302663&domLoading=1674355302241&domainLookupEnd=1674355302000&domainLookupStart=1674355301999&fetchStart=1674355301996&navigationStart=1674355301996&requestStart=1674355302072&responseEnd=1674355302238&responseStart=1674355302237&loadEventStart=1674355303377&loadEventEnd=0&transferSize=16641&encodedBodySize=15244&decodedBodySize=56910&navigationType=navigate&fcp=652&hit_id=829bc34f-d076-5ec8-ad3a-f8a0393bcfca&visitor_guid=955b0aa9-8a06-5f58-9983-3a2a9d93cb5f&visit_guid=955b0aa9-8a06-5f58-9983-3a2a9d93cb5f&page_count=1&has_consent=0&cv=3.33.1&client_name=tcc&same_site=none&trace_id=461329ad97145447a0b4a81bb9dc67d3
104.84.152.186200 OK 43 B URL HTTP/2 events.api.secureserver.net/b.aspx?timestamp=1674355303385&corrid=1280076897&referrer=http%3A%2F%2Fwww.yinhotel.com%2F&vs=visible&rand=419128568&sitename=dan.com&page=%2Fbuy-domain%2Fyinhotel.com&location=https%3A%2F%2Fdan.com%2Fbuy-domain%2Fyinhotel.com&agent=false&delegated=false&salessite=false&event=gtm.load&loadSource=gtm&page_level_properties=loadSource&event_type=page.log&eventdate=2023-01-22T02%3A41%3A43.386Z&eventtype=pageperf&nav_type=hard&tccin=auto&connectEnd=1674355302072&connectStart=1674355302000&domComplete=1674355303377&domContentLoadedEventEnd=1674355302702&domContentLoadedEventStart=1674355302700&domInteractive=1674355302663&domLoading=1674355302241&domainLookupEnd=1674355302000&domainLookupStart=1674355301999&fetchStart=1674355301996&navigationStart=1674355301996&requestStart=1674355302072&responseEnd=1674355302238&responseStart=1674355302237&loadEventStart=1674355303377&loadEventEnd=0&transferSize=16641&encodedBodySize=15244&decodedBodySize=56910&navigationType=navigate&fcp=652&hit_id=829bc34f-d076-5ec8-ad3a-f8a0393bcfca&visitor_guid=955b0aa9-8a06-5f58-9983-3a2a9d93cb5f&visit_guid=955b0aa9-8a06-5f58-9983-3a2a9d93cb5f&page_count=1&has_consent=0&cv=3.33.1&client_name=tcc&same_site=none&trace_id=461329ad97145447a0b4a81bb9dc67d3
IP 104.84.152.186:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /b.aspx?timestamp=1674355303385&corrid=1280076897&referrer=http%3A%2F%2Fwww.yinhotel.com%2F&vs=visible&rand=419128568&sitename=dan.com&page=%2Fbuy-domain%2Fyinhotel.com&location=https%3A%2F%2Fdan.com%2Fbuy-domain%2Fyinhotel.com&agent=false&delegated=false&salessite=false&event=gtm.load&loadSource=gtm&page_level_properties=loadSource&event_type=page.log&eventdate=2023-01-22T02%3A41%3A43.386Z&eventtype=pageperf&nav_type=hard&tccin=auto&connectEnd=1674355302072&connectStart=1674355302000&domComplete=1674355303377&domContentLoadedEventEnd=1674355302702&domContentLoadedEventStart=1674355302700&domInteractive=1674355302663&domLoading=1674355302241&domainLookupEnd=1674355302000&domainLookupStart=1674355301999&fetchStart=1674355301996&navigationStart=1674355301996&requestStart=1674355302072&responseEnd=1674355302238&responseStart=1674355302237&loadEventStart=1674355303377&loadEventEnd=0&transferSize=16641&encodedBodySize=15244&decodedBodySize=56910&navigationType=navigate&fcp=652&hit_id=829bc34f-d076-5ec8-ad3a-f8a0393bcfca&visitor_guid=955b0aa9-8a06-5f58-9983-3a2a9d93cb5f&visit_guid=955b0aa9-8a06-5f58-9983-3a2a9d93cb5f&page_count=1&has_consent=0&cv=3.33.1&client_name=tcc&same_site=none&trace_id=461329ad97145447a0b4a81bb9dc67d3 HTTP/1.1
Host: events.api.secureserver.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Origin: https://dan.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 43
access-control-allow-origin: https://dan.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
cache-control: private
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000 ; includeSubDomains
x-frame-options: DENY
date: Sun, 22 Jan 2023 02:41:44 GMT
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 7734f39ab22dcf094343698040403cf1
1160fb987666cdeacb44192d822ddefa302244a0
76c71cb35dc655bf763929a5a7f8b2df73bc2142bea45d83d84d0a1a9aba4851
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 22 Jan 2023 02:41:44 GMT
Last-Modified: Sun, 22 Jan 2023 01:56:13 GMT
Server: ECS (nyb/1D33)
X-Cache: Miss from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: z5mK4p5XD3L9Zey9Rqx3uxa1yNfK97YPi24HK1fUHAPK-NTiqtU0NA==
Age: 2731
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 653fac5c6b606dc0cb8e30ef7997697b
e89e852d35c35d693b59c38d243f3908122dfc50
dd492706cb30197ad7d839f60d3edbf9b8d6a8e9f19f3351c0d98643449e7146
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=114475
Date: Sun, 22 Jan 2023 02:41:44 GMT
Etag: "63cbb39b-1d7"
Expires: Mon, 23 Jan 2023 10:29:39 GMT
Last-Modified: Sat, 21 Jan 2023 09:42:51 GMT
Server: ECS (nyb/1D20)
X-Cache: Miss from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gBLcgL_BLG7QmNtho2NUAxAMqmOjxNEYNCnIFKtouC6phSG4eNpzuw==
Age: 2808
csp.secureserver.net/eventbus
104.110.14.92200 OK 0 B URL HTTP/1.1 csp.secureserver.net/eventbus
IP 104.110.14.92:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /eventbus HTTP/1.1
Host: csp.secureserver.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Referer: https://dan.com/
Origin: https://dan.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 0
x-amzn-requestid: 32252f84-e846-4a51-9ede-c68162ba3652
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: content-type,authorization
x-amz-apigw-id: fH5QaFi2oAMF8Ng=
Access-Control-Allow-Methods: OPTIONS,POST
x-amzn-trace-id: Root=1-63cca268-671b1e6630cac5734430bc31
x-envoy-upstream-service-time: 82
Expires: Sun, 22 Jan 2023 02:41:44 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 22 Jan 2023 02:41:44 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=86400 ; includeSubDomains ; preload
dan.com/buy-domain/yinhotel.com
3.70.113.20200 OK 0 B URL HTTP/2 dan.com/buy-domain/yinhotel.com
IP 3.70.113.20:0
GET /buy-domain/yinhotel.com HTTP/1.1
Host: dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.yinhotel.com/
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Sun, 22 Jan 2023 02:41:43 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
etag: W/"4df5be3fa6273f2aca5357379f88bb92"
cache-control: max-age=0, private, must-revalidate
set-cookie: bc9bd58fe1b6ef954d6d794db6d30e25e8ff50634d24346cf8006ef422e3c05c6e48b07678e34d08c97ad3f91012c80ac690b50f51fbd49b16e301de58d9c5ca=%2BvRPZAM2CwACFpDbagXoeBuRUCBTrE4ZKlhHNgu5IUO3ziCkwhl2iP%2BICPzxdklR4cDvXllv3CT7g0bNPZCKtpey2DvikerHmpe8GJueiaOHo1GwwIAYDXCI3MdU7BeZY6WuHUmRhUvZP1vIh%2FS3gIxoMmPJPu7fq%2FSj2t0UMwh78Ns7jOrb4ucA1zkWs9rc8KeEgpOBCUNfeHET41sK%2BwbP8zxABEQRwfXgRr0VvxK6zP7dtsI6ChRLjthI5jmSHfjGcMO7BEpqJFbzJt5xiadoOB1RGA7PpDQ%2BGaOBK6wu%2BNydPudSDgS%2F4JA5mluVQaLSkWW1h87peStgEe9CDDtgkUiG3P%2B8M5NcyZYfXc40J5vi5OycInFt0Pw0bPwN3fFhHQtvJQ8Y7Ueb1A%2B7%2FJv8a614AsIANxBTRKeshhnYbV1T3XBFxIiCuEY0dRFkcbzTVOqmhb%2FFPlivSaKsVg%3D%3D--m6%2FVDSGPMyYYcHZj--Q%2FMKgdUEzWgj%2F57db1EmQA%3D%3D; path=/; secure; HttpOnly
x-request-id: 18ed41db-a306-4ff8-ad9d-adbdb2f51ee6
x-runtime: 0.092674
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
X-Firefox-Spdy: h2
dan.com/packs/spritemap.svg
3.70.113.20200 OK 0 B URL HTTP/2 dan.com/packs/spritemap.svg
IP 3.70.113.20:0
GET /packs/spritemap.svg HTTP/1.1
Host: dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/buy-domain/yinhotel.com
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0; bc9bd58fe1b6ef954d6d794db6d30e25e8ff50634d24346cf8006ef422e3c05c6e48b07678e34d08c97ad3f91012c80ac690b50f51fbd49b16e301de58d9c5ca=%2BvRPZAM2CwACFpDbagXoeBuRUCBTrE4ZKlhHNgu5IUO3ziCkwhl2iP%2BICPzxdklR4cDvXllv3CT7g0bNPZCKtpey2DvikerHmpe8GJueiaOHo1GwwIAYDXCI3MdU7BeZY6WuHUmRhUvZP1vIh%2FS3gIxoMmPJPu7fq%2FSj2t0UMwh78Ns7jOrb4ucA1zkWs9rc8KeEgpOBCUNfeHET41sK%2BwbP8zxABEQRwfXgRr0VvxK6zP7dtsI6ChRLjthI5jmSHfjGcMO7BEpqJFbzJt5xiadoOB1RGA7PpDQ%2BGaOBK6wu%2BNydPudSDgS%2F4JA5mluVQaLSkWW1h87peStgEe9CDDtgkUiG3P%2B8M5NcyZYfXc40J5vi5OycInFt0Pw0bPwN3fFhHQtvJQ8Y7Ueb1A%2B7%2FJv8a614AsIANxBTRKeshhnYbV1T3XBFxIiCuEY0dRFkcbzTVOqmhb%2FFPlivSaKsVg%3D%3D--m6%2FVDSGPMyYYcHZj--Q%2FMKgdUEzWgj%2F57db1EmQA%3D%3D; time_zone_offset=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Sun, 22 Jan 2023 02:41:43 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Thu, 19 Jan 2023 12:11:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/gpl/main/prod/utag.js
23.38.200.249200 OK 0 B URL HTTP/2 tags.tiqcdn.com/utag/gpl/main/prod/utag.js
IP 23.38.200.249:0
GET /utag/gpl/main/prod/utag.js HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "57224d9a9707a839ae4d94757696d852:1671597719.036008"
last-modified: Wed, 21 Dec 2022 04:41:59 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
expires: Sun, 22 Jan 2023 02:46:44 GMT
date: Sun, 22 Jan 2023 02:41:44 GMT
X-Firefox-Spdy: h2
js.intercomcdn.com/vendor.125a2035.js
54.230.111.118200 OK 0 B URL HTTP/2 js.intercomcdn.com/vendor.125a2035.js
IP 54.230.111.118:0
GET /vendor.125a2035.js HTTP/1.1
Host: js.intercomcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dan.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 108271
last-modified: Fri, 20 Jan 2023 17:24:00 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: 5b7ioR.7g0SqZaPv_7xnsa5eG1C6IEgd
accept-ranges: bytes
server: AmazonS3
date: Sun, 22 Jan 2023 02:16:16 GMT
cache-control: max-age=31536000, s-maxage=7200, public
etag: "d7841cf11a784340d6f64aa8956832ee"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Y2voah4NubAcTS9IdZm_M2lJfYPiaUEtp0Ur8WGUAYCz6W56XTRGwQ==
age: 1528
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2