r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14920
Expires: Fri, 09 Dec 2022 10:38:27 GMT
Date: Fri, 09 Dec 2022 06:29:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 388f6fea5bafa378266622b72311a6ee
447f102dc12172ce1ba44c5e94e1d7bb49d43372
a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15354
Expires: Fri, 09 Dec 2022 10:45:41 GMT
Date: Fri, 09 Dec 2022 06:29:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5851
Expires: Fri, 09 Dec 2022 08:07:18 GMT
Date: Fri, 09 Dec 2022 06:29:47 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: aPvCeeXs9NyP8XH6SjfycA/owOikvyrTUMIFiV5pdUi0veaK+r9VnRNYF3eyIkwyqhbe3+41uns=
x-amz-request-id: M7Q95QVP0DK9G2ZF
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 05:50:08 GMT
age: 2379
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 06:08:18 GMT
content-type: application/json
age: 1289
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 06:29:47 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.huangdaobook.com/active!activeLog.action?provider=1&clickId=1&manu=QEMU&type=Standard+PC+(i440FX+++PIIX,+1996)&system=27&ua=Mozilla/5.0+(Linux;+Android+8.1.0;+Standard+PC+(i440FX+++PIIX,+1996)+Build/OPM8.190605.003;+wv)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Version/4.0+Chrome/78.0.3904.108+Mobile+Safari/537.36&mac=42010a960055&sc=590x720x160&name=%E7%A6%8F%E5%88%A9%E5%BD%B1%E9%99%A2&dexver=2295&simid=&v=214748&smsc=&et=6000187-1-214748-90017-1&imsi=null&imei=null&md5=308203453082022d&aid=a393802eb0f8ca67&sv=20170606
107.163.11.225302 Moved Temporarily 0 B URL HTTP/1.1 www.huangdaobook.com/active!activeLog.action?provider=1&clickId=1&manu=QEMU&type=Standard+PC+(i440FX+++PIIX,+1996)&system=27&ua=Mozilla/5.0+(Linux;+Android+8.1.0;+Standard+PC+(i440FX+++PIIX,+1996)+Build/OPM8.190605.003;+wv)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Version/4.0+Chrome/78.0.3904.108+Mobile+Safari/537.36&mac=42010a960055&sc=590x720x160&name=%E7%A6%8F%E5%88%A9%E5%BD%B1%E9%99%A2&dexver=2295&simid=&v=214748&smsc=&et=6000187-1-214748-90017-1&imsi=null&imei=null&md5=308203453082022d&aid=a393802eb0f8ca67&sv=20170606
IP 107.163.11.225:0
ASN #395776 FEDERAL-ONLINE-GROUP-LLC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /active!activeLog.action?provider=1&clickId=1&manu=QEMU&type=Standard+PC+(i440FX+++PIIX,+1996)&system=27&ua=Mozilla/5.0+(Linux;+Android+8.1.0;+Standard+PC+(i440FX+++PIIX,+1996)+Build/OPM8.190605.003;+wv)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Version/4.0+Chrome/78.0.3904.108+Mobile+Safari/537.36&mac=42010a960055&sc=590x720x160&name=%E7%A6%8F%E5%88%A9%E5%BD%B1%E9%99%A2&dexver=2295&simid=&v=214748&smsc=&et=6000187-1-214748-90017-1&imsi=null&imei=null&md5=308203453082022d&aid=a393802eb0f8ca67&sv=20170606 HTTP/1.1
Host: www.huangdaobook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 09 Dec 2022 06:29:48 GMT
Content-Type: text/html; charset=gbk
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=rumqp0q9sda73m0ob1es8csme7; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: /indexx.php
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 09 Dec 2022 06:07:55 GMT
age: 1313
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fd55f4aaaab6ec40bc7dc10252cd819a
a72523f60be265a391fa9edc43e0a93418ad1fd0
bae354b3db14f4fd115311a0c412c9b5e436dd9e0a151afd8b9c18831dd8c2dd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6426
Cache-Control: max-age=102250
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 06:29:48 GMT
Etag: "6391a92c-1d7"
Expires: Sat, 10 Dec 2022 10:53:58 GMT
Last-Modified: Thu, 08 Dec 2022 09:06:52 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
www.huangdaobook.com/indexx.php
107.163.11.225200 OK 383 B URL HTTP/1.1 www.huangdaobook.com/indexx.php
IP 107.163.11.225:0
ASN #395776 FEDERAL-ONLINE-GROUP-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ISO-8859 text, with CRLF line terminators
Hash 4dc2dc114db9aed3f35ef297cca82172
f798a2010c9680cb130a607290a18791556e396a
79d31cff5b22fe79246dedbbdeffd05271cbdfcc72593c5cae5af3032bda295f
Analyzer Verdict Alert fortinet Malware
GET /indexx.php HTTP/1.1
Host: www.huangdaobook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: PHPSESSID=rumqp0q9sda73m0ob1es8csme7
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 06:29:48 GMT
Content-Type: text/html; charset=gbk
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
push.services.mozilla.com/
35.164.186.39101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.164.186.39:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: tDDtNDpcvzwOQ0FuaBiEIg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: CkUUUo3PyHa0nltmWA2zAOMs9no=
www.huangdaobook.com/jquery.mobile.js
107.163.11.225200 OK 778 B URL HTTP/1.1 www.huangdaobook.com/jquery.mobile.js
IP 107.163.11.225:0
ASN #395776 FEDERAL-ONLINE-GROUP-LLC
File type ASCII text, with very long lines (1686), with no line terminators
Hash 8525b2b00d1f4ce2f26a207f8789adab
0c4a04a8176007987ffeb9b4f7400e4e8b0d37b4
0307166ba425b18ea33ef5c5e42b04dedfbc2a087fbef27539be1bb22dbc32f1
Analyzer Verdict Alert fortinet Malware
GET /jquery.mobile.js HTTP/1.1
Host: www.huangdaobook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.huangdaobook.com/indexx.php
Cookie: PHPSESSID=rumqp0q9sda73m0ob1es8csme7
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 06:29:48 GMT
Content-Type: application/javascript
Last-Modified: Mon, 16 Nov 2020 03:51:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fb1f752-696"
Expires: Fri, 09 Dec 2022 18:29:48 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.huangdaobook.com/jquery.min.js
107.163.11.225200 OK 708 B URL HTTP/1.1 www.huangdaobook.com/jquery.min.js
IP 107.163.11.225:0
ASN #395776 FEDERAL-ONLINE-GROUP-LLC
File type ASCII text, with very long lines (1875), with no line terminators
Hash 039a34bf4c1416c8b4ae2e3f6c821e5b
ede6f9354ae084a6e08886aee337495d500d511d
9baf7d1ddcd556e06506e7fe7710c419521b2d1a23ec78b7d5728a2c75ef4df4
Analyzer Verdict Alert fortinet Malware
GET /jquery.min.js HTTP/1.1
Host: www.huangdaobook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.huangdaobook.com/indexx.php
Cookie: PHPSESSID=rumqp0q9sda73m0ob1es8csme7
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 06:29:48 GMT
Content-Type: application/javascript
Last-Modified: Mon, 16 Nov 2020 03:51:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fb1f742-753"
Expires: Fri, 09 Dec 2022 18:29:48 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.huangdaobook.com/tj.js
107.163.11.225200 OK 258 B URL HTTP/1.1 www.huangdaobook.com/tj.js
IP 107.163.11.225:0
ASN #395776 FEDERAL-ONLINE-GROUP-LLC
File type ASCII text, with CRLF line terminators
Hash 9275155239f3863765b69fe1e88f3b98
b93ede7aaa9cb9830604b125dd5d42498ba756b3
574f3dbb2b23e1839c58733c01aa4ea98385ba791816fefc4b2f8b2c8aac439a
Analyzer Verdict Alert fortinet Malware
GET /tj.js HTTP/1.1
Host: www.huangdaobook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.huangdaobook.com/indexx.php
Cookie: PHPSESSID=rumqp0q9sda73m0ob1es8csme7
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 06:29:48 GMT
Content-Type: application/javascript
Content-Length: 258
Last-Modified: Sun, 17 Jul 2022 04:09:19 GMT
Connection: keep-alive
ETag: "62d38b6f-102"
Expires: Fri, 09 Dec 2022 18:29:48 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
107.163.11.220/js.js
107.163.11.220200 OK 1.3 kB IP 107.163.11.220:0
ASN #395776 FEDERAL-ONLINE-GROUP-LLC
File type HTML document text\012- HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (546), with CRLF line terminators
Hash 60db9d023e6fec432d81a02acd17e999
d0bed534de7af33d4d0cceadf2ade7452d8d19da
20dbfe1fd48da160d6ad6ae2ed3cd055e2060e2717af1bfcc2b9d2c8880b13df
Analyzer Verdict Alert quad9 Sinkholed
GET /js.js HTTP/1.1
Host: 107.163.11.220
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.huangdaobook.com/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 06:29:49 GMT
Content-Type: application/javascript
Last-Modified: Sat, 14 Nov 2020 17:41:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5fb016c3-bfc"
Expires: Fri, 09 Dec 2022 18:29:49 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
107.163.11.220/tiao.js
107.163.11.220200 OK 40 B IP 107.163.11.220:0
ASN #395776 FEDERAL-ONLINE-GROUP-LLC
File type ASCII text, with no line terminators
Hash 04af84ba6eaf77f0107b56cdd4210404
21329ec8e38a0ff6274307e2d9a86a93ab1b3892
7ca71a79274d7b8e79bdcc2824a03a57a8601bbc83941b882b38a1d170444c76
Analyzer Verdict Alert quad9 Sinkholed
GET /tiao.js HTTP/1.1
Host: 107.163.11.220
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.huangdaobook.com/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 06:29:49 GMT
Content-Type: application/javascript
Content-Length: 40
Last-Modified: Tue, 06 Sep 2022 02:53:19 GMT
Connection: keep-alive
ETag: "6316b61f-28"
Expires: Fri, 09 Dec 2022 18:29:49 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b1c7582d3f59d3f9654f14472d65d038
34e3aa68f13df93541c40dfd60508be245d112bf
5d3f087d129ca6ae978f85256658eb83be30ad608856789796e78d6392c9bcd1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "5D3F087D129CA6AE978F85256658EB83BE30AD608856789796E78D6392C9BCD1"
Last-Modified: Wed, 07 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 09 Dec 2022 12:29:49 GMT
Date: Fri, 09 Dec 2022 06:29:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18994
Expires: Fri, 09 Dec 2022 11:46:23 GMT
Date: Fri, 09 Dec 2022 06:29:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18994
Expires: Fri, 09 Dec 2022 11:46:23 GMT
Date: Fri, 09 Dec 2022 06:29:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18994
Expires: Fri, 09 Dec 2022 11:46:23 GMT
Date: Fri, 09 Dec 2022 06:29:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18994
Expires: Fri, 09 Dec 2022 11:46:23 GMT
Date: Fri, 09 Dec 2022 06:29:49 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F345b9f5c-0162-4ba2-800e-223d402d28bf.jpeg
34.120.237.76200 OK 3.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F345b9f5c-0162-4ba2-800e-223d402d28bf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a1be0ae00ba0c6009ac14c8df38b8ad0
33edd1469c54a08e3c4cb0003b87b225eba55b3f
ab70390c49c5bb3dd7e97ba008c01213a59b3bc271aa8a350ab35ff422d8b3fd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F345b9f5c-0162-4ba2-800e-223d402d28bf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3030
x-amzn-requestid: c5e5e4a1-bc45-42e8-a021-9c8f99e22556
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czUqCFWBoAMFiqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639134a6-5cc9bdf360f2bfb54e16b448;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 00:49:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: x5FUJ8Cbw9B9BWcHlencYw564Xri5cgoVXkQ2MbhEjYq7Y5v2P0IxQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 11:18:08 GMT
age: 69101
etag: "33edd1469c54a08e3c4cb0003b87b225eba55b3f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F042317d8-45b6-4c5f-8767-ff9367c24193.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F042317d8-45b6-4c5f-8767-ff9367c24193.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 46275ec87d8221804dbb99f95b035131
c47af4e5770daad212f4290527b00321285105f8
2118ec68c738683d8f7e11b95239ca92fda2b9b5054aa7b128267eec0d0634c5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F042317d8-45b6-4c5f-8767-ff9367c24193.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8803
x-amzn-requestid: e8516be3-5ce9-4f15-b522-c81c1e57a0e2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjtK9GavoAMFjpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638af579-538cc8f300938698004f2241;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 07:06:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MiOdXHxd9Vmeji8Yqd8LG_EqYoMGf0YBy6by9bhfjb12y1OxKVvvqw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 03:56:08 GMT
age: 9221
etag: "c47af4e5770daad212f4290527b00321285105f8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18fc6c7c-4552-4358-9e4d-cdf93bc52b43.webp
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18fc6c7c-4552-4358-9e4d-cdf93bc52b43.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 06799a30d9977b0845f525ae82355d23
6ae9a3c17dcbac5912a46ca0c99977ca3adad4ea
d7a7eeb42d36167243b3dea7147a61119cbb5d1dcc2e2304c6ddd4a62e41efd3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18fc6c7c-4552-4358-9e4d-cdf93bc52b43.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4914
x-amzn-requestid: b709d5ff-617b-480b-8fc3-b1408ee358b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZQsoEkSIAMF0ZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6386c7ea-4150ac397b97d1217cece045;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 03:03:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8DqbjuQMX0JOMpduQ1-wy_B1a957NXgsAHrZc1OwUzsmqJRKfkEpoA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 21:49:06 GMT
age: 31243
etag: "6ae9a3c17dcbac5912a46ca0c99977ca3adad4ea"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fba9a3854df65740512f96efe7442e58
8fbff7725c842d70e047c635a725723a9dc9c55a
6e639298ebc82343cee9267d2910d15735af55f910e2c3de9218266b7c6fffc9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5188
x-amzn-requestid: afb8cbd2-3674-4dac-9cd9-9ff83618ac0a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ck2-5G9joAMFlPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638b6b92-2979ff216b9028aa70baef8b;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 15:30:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dGxzuQ6zj6wXQbkBuKBnOKxwKJDHUyGoi7PgcugcpdX4QYruNiFxsQ==
via: 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 21:51:24 GMT
age: 31105
etag: "8fbff7725c842d70e047c635a725723a9dc9c55a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5de5d319f43d9c9c641419d96655541f
cde4c7fa0145d3645af17e34c83c63c08f76a076
fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7557
x-amzn-requestid: 09204b5e-8af5-4d4b-8186-628443866e0f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctlz5EISoAMFdWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee9b2-357cd4f921c592e1319098dd;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:05:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3KZwQ5HqXa_-tUyDHA5m-65OprogFpFgbbKpEJ65k-Yy3lwoCg8M5w==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 07:15:07 GMT
age: 83682
etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f3c5738-c186-4a1f-a431-33143797bcd5.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f3c5738-c186-4a1f-a431-33143797bcd5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 659b6eb1f1c430e2780758c7787b9a23
4792b0893827924e84cc51450012407717da4d2b
f14393b6bcc036fa9ed61114944ebb25192adfec72c09807eb7948a88c790d69
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f3c5738-c186-4a1f-a431-33143797bcd5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8345
x-amzn-requestid: b1cf2094-2cf5-4e19-9ed7-4d7e220c93cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czUoREPoIAMF4hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6391349b-1b78fe0a155179643ae2aeed;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 00:49:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: YMFI6I2o0A4rGZTluooPsDLGNRRY9kSAfDAFrwzXhIG4HC_W-hFIoQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 11:31:33 GMT
age: 68296
etag: "4792b0893827924e84cc51450012407717da4d2b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b1c7582d3f59d3f9654f14472d65d038
34e3aa68f13df93541c40dfd60508be245d112bf
5d3f087d129ca6ae978f85256658eb83be30ad608856789796e78d6392c9bcd1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "5D3F087D129CA6AE978F85256658EB83BE30AD608856789796E78D6392C9BCD1"
Last-Modified: Wed, 07 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21599
Expires: Fri, 09 Dec 2022 12:29:49 GMT
Date: Fri, 09 Dec 2022 06:29:50 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 2886423a289e85ac6ef0317cb5c16b14
7ed6c86feb7a2336706dcfa3b0c4064a37001e87
09ac4e5ae85daf72fa5b5b734248237be228252781db70f7319ef9b64fd0abd0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=114549
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 06:29:51 GMT
Etag: "6391f254-117"
Expires: Sat, 10 Dec 2022 14:19:00 GMT
Last-Modified: Thu, 08 Dec 2022 14:19:00 GMT
Server: nginx
Content-Length: 279
socket.365raylines.com/socketcluster/
104.18.42.183101 Switching Protocols 0 B URL HTTP/1.1 socket.365raylines.com/socketcluster/
IP 104.18.42.183:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socketcluster/ HTTP/1.1
Host: socket.365raylines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://ray150.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: esJLb5iHMjPlAMfZbJS8zg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Fri, 09 Dec 2022 06:29:52 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Ttn5WC/qS6Ix6ZnvyL7CekRvXvU=
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 776bb056ee240afa-OSL
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 795e67bdfadc3c890a663080413b56b7
fdefde3befb6aceac3c337c34c8d738f5091908c
8375b55cfc13989b0cf96293b7bead2ce5811a993b3445da1776ca7015c36985
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 06:29:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
216.58.207.206200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.58.207.206:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 09 Dec 2022 04:41:08 GMT
expires: Fri, 09 Dec 2022 06:41:08 GMT
cache-control: public, max-age=7200
age: 6524
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j98&a=866903107&t=pageview&_s=1&dl=https%3A%2F%2Fray150.com%2F&dr=http%3A%2F%2Fwww.huangdaobook.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=RAYBET%E9%9B%B7%E7%AB%9E%E6%8A%80-%E6%9C%80%E4%BD%B3%E7%94%B5%E5%AD%90%E7%AB%9E%E6%8A%80%E5%8D%B3%E6%97%B6%E7%AB%9E%E7%8C%9C%E5%B9%B3%E5%8F%B0%E3%80%82&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=aEBAAEABEAAAACAAI~&jid=1706713538&gjid=1393888079&cid=633262242.1670567392&tid=UA-115025704-2&_gid=1575770739.1670567392&_r=1&_slc=1&z=151412525
216.58.207.206200 OK 4 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=866903107&t=pageview&_s=1&dl=https%3A%2F%2Fray150.com%2F&dr=http%3A%2F%2Fwww.huangdaobook.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=RAYBET%E9%9B%B7%E7%AB%9E%E6%8A%80-%E6%9C%80%E4%BD%B3%E7%94%B5%E5%AD%90%E7%AB%9E%E6%8A%80%E5%8D%B3%E6%97%B6%E7%AB%9E%E7%8C%9C%E5%B9%B3%E5%8F%B0%E3%80%82&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=aEBAAEABEAAAACAAI~&jid=1706713538&gjid=1393888079&cid=633262242.1670567392&tid=UA-115025704-2&_gid=1575770739.1670567392&_r=1&_slc=1&z=151412525
IP 216.58.207.206:0
File type ASCII text, with no line terminators
Hash 9e92e190700c1af4539b40c2171320a9
209bcdb79e6067b51091ce8586d4b977f25b67d8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
POST /j/collect?v=1&_v=j98&a=866903107&t=pageview&_s=1&dl=https%3A%2F%2Fray150.com%2F&dr=http%3A%2F%2Fwww.huangdaobook.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=RAYBET%E9%9B%B7%E7%AB%9E%E6%8A%80-%E6%9C%80%E4%BD%B3%E7%94%B5%E5%AD%90%E7%AB%9E%E6%8A%80%E5%8D%B3%E6%97%B6%E7%AB%9E%E7%8C%9C%E5%B9%B3%E5%8F%B0%E3%80%82&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=aEBAAEABEAAAACAAI~&jid=1706713538&gjid=1393888079&cid=633262242.1670567392&tid=UA-115025704-2&_gid=1575770739.1670567392&_r=1&_slc=1&z=151412525 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://ray150.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://ray150.com
date: Fri, 09 Dec 2022 06:29:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 795e67bdfadc3c890a663080413b56b7
fdefde3befb6aceac3c337c34c8d738f5091908c
8375b55cfc13989b0cf96293b7bead2ce5811a993b3445da1776ca7015c36985
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 06:29:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gameinfo.365raylines.com/v2/match?page=1&match_type=2
172.64.145.73204 No Content 0 B URL HTTP/2 gameinfo.365raylines.com/v2/match?page=1&match_type=2
IP 172.64.145.73:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v2/match?page=1&match_type=2 HTTP/1.1
Host: gameinfo.365raylines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: lang
Origin: https://ray150.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 09 Dec 2022 06:29:52 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,DELETE,PUT,OPTIONS,PATCH
access-control-allow-headers: lang
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 776bb057cddeb4f1-OSL
X-Firefox-Spdy: h2
gameinfo.365raylines.com/v2/notice?source=0
172.64.145.73204 No Content 0 B URL HTTP/2 gameinfo.365raylines.com/v2/notice?source=0
IP 172.64.145.73:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v2/notice?source=0 HTTP/1.1
Host: gameinfo.365raylines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: lang
Origin: https://ray150.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 09 Dec 2022 06:29:52 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,DELETE,PUT,OPTIONS,PATCH
access-control-allow-headers: lang
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 776bb057ddf1b4f1-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2556512b197b09798af71bea10bb4bbb
23b647aca5f8294ae82fa8cc7e2215ebe3347b60
3b5bd592342d978bcf8919d1a1e2f87295e2e4af5b5b266e6017b7a25725d08d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 06:29:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-115025704-2&cid=633262242.1670567392&jid=1706713538&gjid=1393888079&_gid=1575770739.1670567392&_u=aEBAAEAAEAAAACAAI~&z=199908008
64.233.165.154200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-115025704-2&cid=633262242.1670567392&jid=1706713538&gjid=1393888079&_gid=1575770739.1670567392&_u=aEBAAEAAEAAAACAAI~&z=199908008
IP 64.233.165.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-115025704-2&cid=633262242.1670567392&jid=1706713538&gjid=1393888079&_gid=1575770739.1670567392&_u=aEBAAEAAEAAAACAAI~&z=199908008 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://ray150.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://ray150.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 09 Dec 2022 06:29:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2556512b197b09798af71bea10bb4bbb
23b647aca5f8294ae82fa8cc7e2215ebe3347b60
3b5bd592342d978bcf8919d1a1e2f87295e2e4af5b5b266e6017b7a25725d08d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 06:29:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cfscoreboard.666.gg/socketcluster/
172.64.145.250101 Switching Protocols 0 B URL HTTP/1.1 cfscoreboard.666.gg/socketcluster/
IP 172.64.145.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socketcluster/ HTTP/1.1
Host: cfscoreboard.666.gg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://ray150.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +2Fwzakx/i33qvXZChSarw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Fri, 09 Dec 2022 06:29:53 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: e0eAy+cK/U0XxF8fC/N/q5lYTG0=
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 776bb058db580b45-OSL
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3b00784dfe288a7983c75571902b1b15
3719ae12a384b44da2266302256e04c3968e0555
3ef952ab142044ebe18b8cdf9032c03e8be6e569d957cf49543c2a2a78e078e8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 06:29:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
storage.googleapis.com/workbox-cdn/releases/3.6.3/workbox-sw.js
142.250.74.48200 OK 811 B URL HTTP/2 storage.googleapis.com/workbox-cdn/releases/3.6.3/workbox-sw.js
IP 142.250.74.48:0
File type ASCII text, with very long lines (1463)
Hash 3b2b6271620232c4a83409b32bb8be3d
f65c8f96f43f15fcf8f9da263c571f617a4eee41
3d545891478171bfa007cfa847ad3fc76e894bd1470517ef9d1790311a522dda
GET /workbox-cdn/releases/3.6.3/workbox-sw.js HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ray150.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-guploader-uploadid: ADPycduTE-6b1T4qQGM3zrANVd9ZmMfZNzVW7CcAmFKsSfC_1iwK7Ho4kl9p99lfDB1UvQQLL2HteXb36sxHcF-9zwRihw5b1QZG
x-goog-generation: 1540216602882216
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 811
content-encoding: gzip
x-goog-hash: crc32c=ZmyS3A==, md5=OyticWICMsSoNAmzK7i+PQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
content-length: 811
access-control-allow-origin: *
server: UploadServer
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
date: Fri, 09 Dec 2022 05:59:34 GMT
expires: Sat, 09 Dec 2023 05:59:34 GMT
cache-control: public, max-age=31536000
age: 1819
last-modified: Mon, 22 Oct 2018 13:56:42 GMT
etag: "3b2b6271620232c4a83409b32bb8be3d"
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
gameinfo.365raylines.com/v2/match?page=2&match_type=2
172.64.145.73204 No Content 0 B URL HTTP/2 gameinfo.365raylines.com/v2/match?page=2&match_type=2
IP 172.64.145.73:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v2/match?page=2&match_type=2 HTTP/1.1
Host: gameinfo.365raylines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: lang
Origin: https://ray150.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 09 Dec 2022 06:29:53 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,DELETE,PUT,OPTIONS,PATCH
access-control-allow-headers: lang
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 776bb061fec4b4f1-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3b00784dfe288a7983c75571902b1b15
3719ae12a384b44da2266302256e04c3968e0555
3ef952ab142044ebe18b8cdf9032c03e8be6e569d957cf49543c2a2a78e078e8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 06:29:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ray150.com/css/app.c92b2889.css
188.114.97.1200 OK 27 kB URL HTTP/2 ray150.com/css/app.c92b2889.css
IP 188.114.97.1:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash fb7a2185b5a5346a0086d3de84fecabb
cf2902097f8a2ad20ccfbc6a68e20bc111fd8c22
45d6788fc2c49805e3a9c23bccc428d284ff6ccbd2963abbf3f4c8ff4ef10596
GET /css/app.c92b2889.css HTTP/1.1
Host: ray150.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 06:29:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding
last-modified: Thu, 01 Dec 2022 02:46:05 GMT
etag: W/"6388156d-2fa91"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CfZFxnzRw8yNtevfrGPbQGdOU1DGvg4GewFUHWs76tkQ8H8VGX%2B6%2FQx6oAmQT6XAyl98dgX%2B2EMlHG3UqeYk8t7TvrxoyTrbXqtb2Sz2VKXYPc0WV3RSahcNaBhd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776bb04dbe380b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ray150.com/css/vendors~app.ef173cce.css
188.114.97.1200 OK 37 kB URL HTTP/2 ray150.com/css/vendors~app.ef173cce.css
IP 188.114.97.1:0
File type ASCII text, with very long lines (46831)
Hash de52f6f72beda36221b23da9c5b09f45
73b9c9c78988f7782fb2285099a515e29be40d0e
d93f8d6f890fcd33bf198d8b0c7cde3fefe8a397d9e41d7141821fcea6271519
GET /css/vendors~app.ef173cce.css HTTP/1.1
Host: ray150.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 06:29:50 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding
last-modified: Thu, 01 Dec 2022 02:46:05 GMT
etag: W/"6388156d-be7e"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QzVxVMhZ35rOgcG0vBCIqCIqtIU7YhzSzmiLJpkp6GrFh3tilZjfmKJo3P%2BKVIU7V6%2BHVVeq3ixYdxLJJ1LHL6qN30EMB0N6QIK8asqHJw%2BGviopKEBkp5TjeIkw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776bb04dbe3a0b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
statics.freestaticsasia.com/file/c7a12d488c3643641004355272fb9124.png
212.24.127.8200 OK 14 kB URL HTTP/1.1 statics.freestaticsasia.com/file/c7a12d488c3643641004355272fb9124.png
IP 212.24.127.8:0
ASN #61317 Ipxo Uk Limited
File type PNG image data, 216 x 216, 8-bit/color RGBA, non-interlaced\012- data
Hash 0925444a45937e82867e9a59323cb9e4
f8964f1e054d3c274808630c8f8e388d86088f2c
29cae09ce59ecef4c5a9fc0b04caa921233480fd2ef7eeb77a5faeb98fd5c2d3
GET /file/c7a12d488c3643641004355272fb9124.png HTTP/1.1
Host: statics.freestaticsasia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:29:37 GMT
Content-Type: image/png
Content-Length: 14253
Connection: keep-alive
Last-Modified: Mon, 10 Oct 2022 09:23:10 GMT
ETag: "6343e47e-37ad"
server: ****
X-Cache: HIT
X-Cache-Hit: edge
X-Request-Id: abb099f3dfc8f4f8a97d65c242cd451c
Cache-Control: max-age=31104000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
gameinfo.365raylines.com/v2/match?page=2&match_type=2
172.64.145.73200 OK 31 kB URL HTTP/2 gameinfo.365raylines.com/v2/match?page=2&match_type=2
IP 172.64.145.73:0
Hash 258d092a9ac8e3ef524cf6b1562edf6d
5580766b3ebf48e31cc8eb8838c32fc513b1c826
e3f1721d7943658b28cd5b18f892136e0f7720ffe069f927c3d8a8f5ee4376bf
GET /v2/match?page=2&match_type=2 HTTP/1.1
Host: gameinfo.365raylines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
lang: en-US
Origin: https://ray150.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 06:29:54 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Date,authorization
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 776bb0635ffcb4f1-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
gameinfo.365raylines.com/v2/notice?source=0
172.64.145.73200 OK 30 kB URL HTTP/2 gameinfo.365raylines.com/v2/notice?source=0
IP 172.64.145.73:0
Hash e88dde75f9fc2cff91bf9e566bba0565
bf25d8067064960462907a9ff0a0629655b8e77d
5a7a7e0383002bf5552816cd550678b4f435815e9e568898e4b28dcdb351643f
GET /v2/notice?source=0 HTTP/1.1
Host: gameinfo.365raylines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
lang: en-US
Origin: https://ray150.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 06:29:53 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Date,authorization
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 776bb05d4afcb4f1-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
api.365raylines.com/activity/promotionv3?displayType=3&platform=1&deviceId=9e4947f35751465411fd1a4f5c358c78
172.64.144.18200 OK 30 kB URL HTTP/2 api.365raylines.com/activity/promotionv3?displayType=3&platform=1&deviceId=9e4947f35751465411fd1a4f5c358c78
IP 172.64.144.18:0
Hash 7977a556326967bb5587d6114d931df5
7dbb85a7a5b998f05151dad07fc5c3f5f2d0a806
8d4536541753f7ed6154a6a61769cc4a1d157815cf95ebe0d0b8281f62cce115
GET /activity/promotionv3?displayType=3&platform=1&deviceId=9e4947f35751465411fd1a4f5c358c78 HTTP/1.1
Host: api.365raylines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ray150.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 06:29:53 GMT
content-type: application/json; charset=utf-8
cache-control: no-cache
pragma: no-cache
expires: -1
access-control-allow-origin: *
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 776bb05eebec0b51-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
statics.freestaticsasia.com/file/4d998036a267b3147652118cdacc24d3.png
212.24.127.8200 OK 14 kB URL HTTP/1.1 statics.freestaticsasia.com/file/4d998036a267b3147652118cdacc24d3.png
IP 212.24.127.8:0
ASN #61317 Ipxo Uk Limited
Hash a1e0250dd2882d339d8f716f9b3aaebe
e7b5e33b45fecc6fa2cb9a9e071126397a96fda8
69b6293ef0539fa439ab4771ada8e9c115fead65a3fcc418562610c8559593d5
GET /file/4d998036a267b3147652118cdacc24d3.png HTTP/1.1
Host: statics.freestaticsasia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:29:37 GMT
Content-Type: image/png
Content-Length: 12535
Connection: keep-alive
Last-Modified: Tue, 05 Jul 2022 08:09:39 GMT
ETag: "62c3f1c3-30f7"
server: ****
X-Cache: HIT
X-Cache-Hit: edge
X-Request-Id: d19974f5f86a66d98b2761828cf34d68
Cache-Control: max-age=31104000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
statics.freestaticsasia.com/file/3bcb88304901e81b156cf0da0a20f4f0.png
212.24.127.8200 OK 36 kB URL HTTP/1.1 statics.freestaticsasia.com/file/3bcb88304901e81b156cf0da0a20f4f0.png
IP 212.24.127.8:0
ASN #61317 Ipxo Uk Limited
File type PNG image data, 216 x 216, 8-bit/color RGBA, non-interlaced\012- data
Hash 9af0500fe32e8b0008a9ee3af41dac33
fdbc7be85d21ada3f8dd33e66075a9a245b312b4
ee1874f1e1ad1c646b466b419208ebc32f69b7f4af6db439c8eabba1364cd888
GET /file/3bcb88304901e81b156cf0da0a20f4f0.png HTTP/1.1
Host: statics.freestaticsasia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:29:37 GMT
Content-Type: image/png
Content-Length: 36445
Connection: keep-alive
Last-Modified: Mon, 10 Oct 2022 09:23:10 GMT
ETag: "6343e47e-8e5d"
server: ****
X-Cache: HIT
X-Cache-Hit: edge
X-Request-Id: 45716c86e38676f4946373ed3b601d0b
Cache-Control: max-age=31104000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
statics.freestaticsasia.com/file/cbdd2dcd12150515bb7e884db3c6775d.png
212.24.127.8200 OK 14 kB URL HTTP/1.1 statics.freestaticsasia.com/file/cbdd2dcd12150515bb7e884db3c6775d.png
IP 212.24.127.8:0
ASN #61317 Ipxo Uk Limited
File type PNG image data, 216 x 216, 8-bit/color RGBA, non-interlaced\012- data
Hash 25b64bf8b5aafaa60d96aac7a55a3b1a
fce8d08fe07c7d5632ef9eef55cedb4fcbac9275
53c036cc904fa8bc7b0a85f769131984c940309ec5fc6b394853671b7f5740dd
GET /file/cbdd2dcd12150515bb7e884db3c6775d.png HTTP/1.1
Host: statics.freestaticsasia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:29:37 GMT
Content-Type: image/png
Content-Length: 13727
Connection: keep-alive
Last-Modified: Mon, 10 Oct 2022 09:23:10 GMT
ETag: "6343e47e-359f"
server: ****
X-Cache: HIT
X-Cache-Hit: edge
X-Request-Id: 95374e79421afc0886dbc235da6b8ef1
Cache-Control: max-age=31104000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
api.365raylines.com/configv4?platform=1&deviceId=9e4947f35751465411fd1a4f5c358c78
172.64.144.18200 OK 15 kB URL HTTP/2 api.365raylines.com/configv4?platform=1&deviceId=9e4947f35751465411fd1a4f5c358c78
IP 172.64.144.18:0
Hash 5d38820c102a1c7bfc5aabfabbd1acbf
70b5b81b5f7e1b99635362d0ef637e9140b2a2cb
299208428c0bb7aea703df7658902707e9b38fbd6b36f6e38e82736a1a1a371a
GET /configv4?platform=1&deviceId=9e4947f35751465411fd1a4f5c358c78 HTTP/1.1
Host: api.365raylines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ray150.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 06:29:53 GMT
content-type: application/json; charset=utf-8
cache-control: no-cache
pragma: no-cache
expires: -1
access-control-allow-origin: *
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 776bb058d8520b51-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
statics.freestaticsasia.com/file/22a2dc378acb953ecb9ada1d40b8290b.png
212.24.127.8200 OK 31 kB URL HTTP/1.1 statics.freestaticsasia.com/file/22a2dc378acb953ecb9ada1d40b8290b.png
IP 212.24.127.8:0
ASN #61317 Ipxo Uk Limited
File type PNG image data, 216 x 216, 8-bit/color RGBA, non-interlaced\012- data
Hash dd63bbf5a5e54b6f357aad397de16ed5
36ed37b8ba731a28008ca3cf3d79b6c91d274ea6
4ec0fb3a0b4202a82c15a6b6417390ea080ac7da9fe0cf2cc8603c8cde29b7d3
GET /file/22a2dc378acb953ecb9ada1d40b8290b.png HTTP/1.1
Host: statics.freestaticsasia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:29:37 GMT
Content-Type: image/png
Content-Length: 30734
Connection: keep-alive
Last-Modified: Tue, 01 Nov 2022 11:09:15 GMT
ETag: "6360fe5b-780e"
server: ****
X-Cache: HIT
X-Cache-Hit: edge
X-Request-Id: 3a228f4854a8738b847083ec4b89f2f3
Cache-Control: max-age=31104000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
statics.freestaticsasia.com/file/cbc7d4b47b9cd22e960a02fc06b20161.png
212.24.127.8200 OK 19 kB URL HTTP/1.1 statics.freestaticsasia.com/file/cbc7d4b47b9cd22e960a02fc06b20161.png
IP 212.24.127.8:0
ASN #61317 Ipxo Uk Limited
Hash da972bdf63e04c43739f9e0ec7db5440
5b2b1e1eb270b655afbe376a7b20a5088753d487
5425687357c4bef167d0f3ec5f1219dc0239345ffe8804ee54aca437a3061b27
GET /file/cbc7d4b47b9cd22e960a02fc06b20161.png HTTP/1.1
Host: statics.freestaticsasia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:29:37 GMT
Content-Type: image/png
Content-Length: 13014
Connection: keep-alive
Last-Modified: Mon, 10 Oct 2022 09:23:10 GMT
ETag: "6343e47e-32d6"
server: ****
X-Cache: HIT
X-Cache-Hit: edge
X-Request-Id: 71c60383f1b8aada1dc77b7c3e375fd1
Cache-Control: max-age=31104000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
statics.freestaticsasia.com/file/7de3db31dad69b0fc86bcf6d598b336c.png
212.24.127.8200 OK 27 kB URL HTTP/1.1 statics.freestaticsasia.com/file/7de3db31dad69b0fc86bcf6d598b336c.png
IP 212.24.127.8:0
ASN #61317 Ipxo Uk Limited
Hash 9af6462cc949651270cd7f7dc0743806
7a6386557f5a583a3a2c206599bf2438208b462c
482e85e5f6d7940765bd1142814c75435e1f42132e90879f2bcb77169405897a
GET /file/7de3db31dad69b0fc86bcf6d598b336c.png HTTP/1.1
Host: statics.freestaticsasia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:29:37 GMT
Content-Type: image/png
Content-Length: 26033
Connection: keep-alive
Last-Modified: Mon, 10 Oct 2022 09:23:10 GMT
ETag: "6343e47e-65b1"
server: ****
X-Cache: HIT
X-Cache-Hit: edge
X-Request-Id: ce360219e5f5c32824da983ff9e53e72
Cache-Control: max-age=31104000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
statics.freestaticsasia.com/file/e9a32081a0d5ea698747246056fe5082.png
212.24.127.8200 OK 29 kB URL HTTP/1.1 statics.freestaticsasia.com/file/e9a32081a0d5ea698747246056fe5082.png
IP 212.24.127.8:0
ASN #61317 Ipxo Uk Limited
Hash 97a1f66d1670706374299474d225a335
e2725a6a8c01c370659244290c55eeda1a9a0efa
22d96164540a5039692f5476979ac4711baf9f3a74e1b849db456739598e40f9
GET /file/e9a32081a0d5ea698747246056fe5082.png HTTP/1.1
Host: statics.freestaticsasia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:29:37 GMT
Content-Type: image/png
Content-Length: 28258
Connection: keep-alive
Last-Modified: Mon, 10 Oct 2022 09:23:10 GMT
ETag: "6343e47e-6e62"
server: ****
X-Cache: HIT
X-Cache-Hit: edge
X-Request-Id: 16f03a33d66729ce087f2219435aa940
Cache-Control: max-age=31104000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
statics.freestaticsasia.com/file/69d06b3969ec9b59ddb716dff1ca5e9a.png
212.24.127.8200 OK 29 kB URL HTTP/1.1 statics.freestaticsasia.com/file/69d06b3969ec9b59ddb716dff1ca5e9a.png
IP 212.24.127.8:0
ASN #61317 Ipxo Uk Limited
Hash 71ef954776045efc453fc49ccd3bcf2c
489cf7aa19f50fe16a71a10de16dbe6257ee64cb
a7e4000a793f838ef23e221a66f7ef66758f9a0feebbaf8ae940cae610794cda
GET /file/69d06b3969ec9b59ddb716dff1ca5e9a.png HTTP/1.1
Host: statics.freestaticsasia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:29:37 GMT
Content-Type: image/png
Content-Length: 27616
Connection: keep-alive
Last-Modified: Mon, 10 Oct 2022 09:23:10 GMT
ETag: "6343e47e-6be0"
server: ****
X-Cache: HIT
X-Cache-Hit: edge
X-Request-Id: a28afa23e30ed9c8e552fe047bb72798
Cache-Control: max-age=31104000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
api.365raylines.com/host2agentId?host=ray150.com&platform=1&deviceId=9e4947f35751465411fd1a4f5c358c78
172.64.144.18200 OK 294 kB URL HTTP/2 api.365raylines.com/host2agentId?host=ray150.com&platform=1&deviceId=9e4947f35751465411fd1a4f5c358c78
IP 172.64.144.18:0
Size 294 kB (294313 bytes)
Hash b981d4338be41d9a39068a7967997954
4388b18022cc5530cfcbbb029a887dd98f788d82
5074d9d8b12dc9f6cddaf5f10abb34d054a3e7a008ca0263a11717a942c89397
GET /host2agentId?host=ray150.com&platform=1&deviceId=9e4947f35751465411fd1a4f5c358c78 HTTP/1.1
Host: api.365raylines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ray150.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 06:29:54 GMT
content-type: application/json; charset=utf-8
cache-control: no-cache
pragma: no-cache
expires: -1
access-control-allow-origin: *
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 776bb05efbf10b51-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ray150.com/
188.114.97.1200 OK 12 kB IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3531), with no line terminators
Hash 8e9602787a95dbb132464b27acd5092b
4c92ef00d7ee308d331d7e9b7ff51fe508f7d316
d4fca4db4075309bef0099081ecc790e179bfd81d185a27953b40a94f7680aa5
GET / HTTP/1.1
Host: ray150.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.huangdaobook.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 06:29:50 GMT
content-type: text/html
vary: Accept-Encoding, Accept-Encoding
last-modified: Thu, 01 Dec 2022 02:46:05 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tO%2BBBrCslCUHS73QytwKYXZeAF4JD6aacWmwJhM7WgXS5061D3dFcuREVkbTEXyYzu1nVP32reaudrvk2SmhfFK8DKb2zlEDIZ08ovgBB2cWNhgNOCT1lLLq7e8z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776bb04a9c1a0b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
statics.freestaticsasia.com/file/ecc1f11b4bc66e5398309bfd720036bc.png
212.24.127.8200 OK 25 kB URL HTTP/1.1 statics.freestaticsasia.com/file/ecc1f11b4bc66e5398309bfd720036bc.png
IP 212.24.127.8:0
ASN #61317 Ipxo Uk Limited
File type PNG image data, 216 x 216, 8-bit/color RGBA, non-interlaced\012- data
Hash a2f132d759c0c2af905ba55031062c40
52aeeba45e07ba5cd1345e03e808024f7b67ecdb
6c46b92c78afd4862b887b253ca51dcde6592e5097e690d20c9407d6ae0046c5
GET /file/ecc1f11b4bc66e5398309bfd720036bc.png HTTP/1.1
Host: statics.freestaticsasia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:29:37 GMT
Content-Type: image/png
Content-Length: 24687
Connection: keep-alive
Last-Modified: Mon, 10 Oct 2022 09:23:10 GMT
ETag: "6343e47e-606f"
server: ****
X-Cache: HIT
X-Cache-Hit: edge
X-Request-Id: 057b57ae7a562034afafce5c432b88cb
Cache-Control: max-age=31104000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
statics.freestaticsasia.com/file/92bdb3ebe37c0446da5cbb765c873a7f.png
212.24.127.8200 OK 28 kB URL HTTP/1.1 statics.freestaticsasia.com/file/92bdb3ebe37c0446da5cbb765c873a7f.png
IP 212.24.127.8:0
ASN #61317 Ipxo Uk Limited
Hash 53d873721899cf2764a10fe685fd3f34
dce4f4f9aed5eb133e3df27eca48873a807275f8
6dc59541025047aaa019dcfe891d5f307837c86f899db04aeaff9481f4b06994
GET /file/92bdb3ebe37c0446da5cbb765c873a7f.png HTTP/1.1
Host: statics.freestaticsasia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:29:37 GMT
Content-Type: image/png
Content-Length: 27142
Connection: keep-alive
Last-Modified: Mon, 10 Oct 2022 09:23:10 GMT
ETag: "6343e47e-6a06"
server: ****
X-Cache: HIT
X-Cache-Hit: edge
X-Request-Id: 7d8e6b21a7158882d7b17eff4fc04a6b
Cache-Control: max-age=31104000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
statics.freestaticsasia.com/file/c0d5eed2c2849a6faf809b2d1a337cf3.png
212.24.127.8200 OK 15 kB URL HTTP/1.1 statics.freestaticsasia.com/file/c0d5eed2c2849a6faf809b2d1a337cf3.png
IP 212.24.127.8:0
ASN #61317 Ipxo Uk Limited
File type PNG image data, 216 x 216, 8-bit/color RGBA, non-interlaced\012- data
Hash 56de79fc4154e85a81f2352faf355ffe
469771df67e16df20a436bc87025198e5c1978ba
52e0ced07b9f9debe76b276dbaee694ed797b67862554f9faa2ff171bd9832df
GET /file/c0d5eed2c2849a6faf809b2d1a337cf3.png HTTP/1.1
Host: statics.freestaticsasia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:29:37 GMT
Content-Type: image/png
Content-Length: 15355
Connection: keep-alive
Last-Modified: Mon, 10 Oct 2022 09:23:10 GMT
ETag: "6343e47e-3bfb"
server: ****
X-Cache: HIT
X-Cache-Hit: edge
X-Request-Id: 9ca695771e93caf3e2ce0273a3a5c5f9
Cache-Control: max-age=31104000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
statics.freestaticsasia.com/file/267216cd0473c5335541eb4849d5b3a6.png
212.24.127.8200 OK 18 kB URL HTTP/1.1 statics.freestaticsasia.com/file/267216cd0473c5335541eb4849d5b3a6.png
IP 212.24.127.8:0
ASN #61317 Ipxo Uk Limited
File type PNG image data, 216 x 216, 8-bit/color RGBA, non-interlaced\012- data
Hash 306bc1c6cb802e23912bc7b2cfe964ef
f37a1ba75b0542a269c2e2902067a540630e7ef6
1efe91c6fea320cbccd7a6659e8b4d7fa862e93fb7e032980d62f1c74a52d1bc
GET /file/267216cd0473c5335541eb4849d5b3a6.png HTTP/1.1
Host: statics.freestaticsasia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:29:37 GMT
Content-Type: image/png
Content-Length: 17560
Connection: keep-alive
Last-Modified: Mon, 10 Oct 2022 09:23:10 GMT
ETag: "6343e47e-4498"
server: ****
X-Cache: HIT
X-Cache-Hit: edge
X-Request-Id: dd36982bd5dfa28ddb352c23918cdc77
Cache-Control: max-age=31104000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
statics.freestaticsasia.com/file/bd22515ffb7824fdd151cb2883b2d9e2.png
212.24.127.8200 OK 20 kB URL HTTP/1.1 statics.freestaticsasia.com/file/bd22515ffb7824fdd151cb2883b2d9e2.png
IP 212.24.127.8:0
ASN #61317 Ipxo Uk Limited
Hash 94d5037f73affd87b315be978150752a
1c3579d526691d47d3b6f5a5318aeb12daa9f71c
3eaa2b0e9a0d256f6bdbc71ceb6305467644d22f26bb7808e65b8c6aa37c762f
GET /file/bd22515ffb7824fdd151cb2883b2d9e2.png HTTP/1.1
Host: statics.freestaticsasia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:29:37 GMT
Content-Type: image/png
Content-Length: 16458
Connection: keep-alive
Last-Modified: Mon, 10 Oct 2022 09:23:10 GMT
ETag: "6343e47e-404a"
server: ****
X-Cache: HIT
X-Cache-Hit: edge
X-Request-Id: 662813f75a11caef0b815c391dd4eeb0
Cache-Control: max-age=31104000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
statics.freestaticsasia.com/file/37349c44586faa6fbec75b0d140ecd8c.png
212.24.127.8200 OK 46 kB URL HTTP/1.1 statics.freestaticsasia.com/file/37349c44586faa6fbec75b0d140ecd8c.png
IP 212.24.127.8:0
ASN #61317 Ipxo Uk Limited
File type PNG image data, 216 x 216, 8-bit/color RGBA, non-interlaced\012- data
Hash c702ceb593e3d49f5734bef1cba01a11
62f391689c9e5c0955c5307fcaa1b78724d4d086
62a6c878bf14e392bf2c157905a3d9ef22b70caf3d708f7482bcc25163e0a53c
GET /file/37349c44586faa6fbec75b0d140ecd8c.png HTTP/1.1
Host: statics.freestaticsasia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 06:29:37 GMT
Content-Type: image/png
Content-Length: 46289
Connection: keep-alive
Last-Modified: Mon, 10 Oct 2022 09:23:10 GMT
ETag: "6343e47e-b4d1"
server: ****
X-Cache: HIT
X-Cache-Hit: edge
X-Request-Id: 2557703879c33a1418c53a5f827fd3ac
Cache-Control: max-age=31104000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf0d40ad-816d-4ea8-aef7-00a5af1b8c9b.png
34.120.237.76200 OK 23 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf0d40ad-816d-4ea8-aef7-00a5af1b8c9b.png
IP 34.120.237.76:0
Hash 44361920d704f2fb12288360877013a6
5cb78992cce752a844b1bf6d2907032ce7cf8bfa
48b0e16c7f2c92ca13f04ed896f578d0dac24a8a037798fa8a875e1e45a5ff19
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf0d40ad-816d-4ea8-aef7-00a5af1b8c9b.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4840
x-amzn-requestid: 26914070-22ad-49fd-bacb-7842dcb203b8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c2LZPGd-oAMF5OA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63925907-5c62555a65327ff934ae232e;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 21:37:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gkClPXMpz53Lmf56qAHXyd3IcOjTGjcBonaTpq2_4v7XRxPFv8q8QA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 21:49:12 GMT
age: 31244
etag: "433e295328d6c821a1df907c232bff4195e2860b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ray150.com/css/chunk-vuetify.89aa964c.css
188.114.97.1200 OK 0 B URL HTTP/2 ray150.com/css/chunk-vuetify.89aa964c.css
IP 188.114.97.1:0
GET /css/chunk-vuetify.89aa964c.css HTTP/1.1
Host: ray150.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 06:29:51 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding
last-modified: Thu, 01 Dec 2022 02:46:05 GMT
etag: W/"6388156d-1ed23"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FllBUfYV5KWSBGkMNoMQXegGXXPcDJ17hG8ZPtjFCQdq2apLkr%2Fwewmyrk0%2Bc%2FbyAy3iYvHgXpVzlEVeLv%2BTaEbGS7ojgbNCRaCjlomjQZ8m25pjGHkfzZpMjRN3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776bb04dbe390b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ray150.com/js/vendors~app.11c9aee4.js
188.114.97.1200 OK 0 B URL HTTP/2 ray150.com/js/vendors~app.11c9aee4.js
IP 188.114.97.1:0
GET /js/vendors~app.11c9aee4.js HTTP/1.1
Host: ray150.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 06:29:51 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding
last-modified: Thu, 01 Dec 2022 02:46:05 GMT
etag: W/"6388156d-10939c"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V4oY%2BHvclXiwskaInJdQeh3lG9aaCzR9Vg8pTyiWZwbgzyFJSQm3wm8ru9QBQJ0ZLuqcWOciMemsJBGfmaBCeLZxF3lO3TJ2UXPEkheZQ7lC77Lq7U5YYGpCkZXs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776bb04dbe460b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
api.365raylines.com/system/announcement?platform=1&deviceId=
172.64.144.18200 OK 0 B URL HTTP/2 api.365raylines.com/system/announcement?platform=1&deviceId=
IP 172.64.144.18:0
GET /system/announcement?platform=1&deviceId= HTTP/1.1
Host: api.365raylines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ray150.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 06:29:52 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cache-control: no-cache
pragma: no-cache
expires: -1
access-control-allow-origin: *
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 776bb057dfd30b51-OSL
X-Firefox-Spdy: h2
gameinfo.365raylines.com/v2/match?page=1&match_type=2
172.64.145.73200 OK 0 B URL HTTP/2 gameinfo.365raylines.com/v2/match?page=1&match_type=2
IP 172.64.145.73:0
GET /v2/match?page=1&match_type=2 HTTP/1.1
Host: gameinfo.365raylines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
lang: en-US
Origin: https://ray150.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 06:29:53 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Date,authorization
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 776bb05d4af8b4f1-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
api.365raylines.com/activity/promotionv3?displayType=5&platform=1&deviceId=9e4947f35751465411fd1a4f5c358c78
172.64.144.18200 OK 0 B URL HTTP/2 api.365raylines.com/activity/promotionv3?displayType=5&platform=1&deviceId=9e4947f35751465411fd1a4f5c358c78
IP 172.64.144.18:0
GET /activity/promotionv3?displayType=5&platform=1&deviceId=9e4947f35751465411fd1a4f5c358c78 HTTP/1.1
Host: api.365raylines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ray150.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 06:29:54 GMT
content-type: application/json; charset=utf-8
cache-control: no-cache
pragma: no-cache
expires: -1
access-control-allow-origin: *
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 776bb05efbf00b51-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
gameinfo.365raylines.com/v2/game
172.64.145.73200 OK 0 B URL HTTP/2 gameinfo.365raylines.com/v2/game
IP 172.64.145.73:0
GET /v2/game HTTP/1.1
Host: gameinfo.365raylines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
lang: en-US
Origin: https://ray150.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 06:29:54 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Date,authorization
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 776bb0684be0b4f1-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ray150.com/js/app.37fb6aad.js
188.114.97.1200 OK 0 B URL HTTP/2 ray150.com/js/app.37fb6aad.js
IP 188.114.97.1:0
GET /js/app.37fb6aad.js HTTP/1.1
Host: ray150.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 06:29:50 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding
last-modified: Thu, 01 Dec 2022 02:46:05 GMT
etag: W/"6388156d-50616"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ayB%2BIlVv8UERGJezrbry1ssPEVyPkh9gQoexWd7jmhCW%2FrIOelfS%2BpO%2FDP%2FowC3UIrXbCbV0tSL8Edx7NMZLZQ6SeA%2BITk1Ph8b7zs%2FiUQUjqJ6%2FC3rUHq3A3LfF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776bb04dbe430b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ray150.com/js/chunk-vuetify.1c6121aa.js
188.114.97.1200 OK 0 B URL HTTP/2 ray150.com/js/chunk-vuetify.1c6121aa.js
IP 188.114.97.1:0
GET /js/chunk-vuetify.1c6121aa.js HTTP/1.1
Host: ray150.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 06:29:51 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding
last-modified: Thu, 01 Dec 2022 02:46:05 GMT
etag: W/"6388156d-1f013"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AfHD1Y8a%2BRpMs%2Bf3jrk3Ng0I5%2BY9YMwLq5R%2BHqa0MFwWflpOqLvNL%2Byc17xf1gngtyq%2FNEMT6JQ97TNzMN3K8iHotwhqiWYM6qHTHRhOcj9SKU17vCworE6mHDia"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776bb04dbe450b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gameinfo.365raylines.com/v2/game
172.64.145.73200 OK 0 B URL HTTP/2 gameinfo.365raylines.com/v2/game
IP 172.64.145.73:0
GET /v2/game HTTP/1.1
Host: gameinfo.365raylines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
lang: en-US
Origin: https://ray150.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 06:29:54 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Date,authorization
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 776bb06478ceb4f1-OSL
content-encoding: gzip
X-Firefox-Spdy: h2