Full Code of kn007/patch for AI

Repository: kn007/patch
Branch: master
Commit: 879caa54f2a2
Files: 29
Total size: 1.2 MB

Directory structure:
gitextract_z0ab69s5/

├── CustomHighlightSyntax.msyn
├── DoNotProxy.list
├── DoProxy.list
├── Enable_BoringSSL_OCSP.patch
├── LICENSE
├── README.md
├── blacklist.dgjy
├── bypass.list
├── dns.routes
├── dropbox_fs_fix.patch
├── fcm.hosts
├── ffmpeg-let-rtmp-flv-support-hevc-h265-opus.patch
├── gl_mt1300_led_daemon.patch
├── keys.dict
├── nginx.patch
├── nginx_dynamic_tls_records.patch
├── nginx_for_1.23.4.patch
├── nginx_io_uring.patch
├── nginx_with_quic.patch
├── nginx_with_quic_for_1.19.6.patch
├── nginx_with_quic_for_1.19.7_full.patch
├── nginx_with_spdy.patch
├── nginx_with_spdy_quic.patch
├── openssl-1.1.1.patch
├── rimworld.mods
├── seewo.fw
├── trackers.best.cn.list
├── trackers.list
└── use_openssl_md5_sha1.patch

================================================
FILE CONTENTS
================================================

================================================
FILE: CustomHighlightSyntax.msyn
================================================
[CustomSyntax]
Name=Custom
UseRegex=1
Underline=[^A-Za-z_&-](http(s)?://[A-Za-z0-9_.&?=%~#{}()@+-]+:?[A-Za-z0-9_./&?=%~#{}()@+-]+)[^A-Za-z0-9_-]
Red=[^A-Za-z0-9_\-](loss|down|deny|disabled?|unknown|fault|shutdown|disconnected|error|failed|denied|not permitted|disallowed|not allowed|refused|Attack occurred|problem|failure|not permitted|notconnect|service-type|forbidden-ip|excluded-ip-address|sysname|hostname|arp static|ip ((rpf-)?route(-static)?(-group)?|forward-broadcast)|user-bind static|static-bind|stp( global)?|lacp|reboot|(mac-address )?blackhole)[^A-Za-z0-9_\-]
Green=[^A-Za-z0-9_\-](received|recovered|permit( vlan)?|(allow-pass|pvid|access|default|hybrid) vlan|allowed|enabled?|successful(ly)?|available|connected|up|yes|ok)[^A-Za-z0-9_\-]
Yellow=[^A-Za-z0-9_\-]([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)[^A-Za-z0-9_\-]
Blue=[^A-Za-z0-9]((interface )?(((X|Ten-|M-)?Gigabit|Fiber)?(Ethernet) ?|(100|40|25|X|F)?(G|T)?(E|i|ei)|(Twenty-Five|Forty|Hundred)?GigE ?|BAGG|NULL|LoopBack|Bridge-Aggregation|AggregatePort|Eth-Trunk|Vlan-interface|Vlanif)-?[0-9]+(\/[0-9]+)*|acl( (name [A-Za-z0-9&_-]+ [0-9]+|number ?[0-9]+))?|ospf( [0-9]+)?|(ip-pool|ip pool) [A-Za-z0-9 :"'\.\\\/&_\-]+)[^A-Za-z0-9]
Magenta=[^A-Za-z0-9_\-]([0-9a-f][0-9a-f][0-9a-f][0-9a-f](:|-)[0-9a-f][0-9a-f][0-9a-f][0-9a-f](:|-)[0-9a-f][0-9a-f][0-9a-f][0-9a-f]|[0-9a-f][0-9a-f](:|-)[0-9a-f][0-9a-f](:|-)[0-9a-f][0-9a-f](:|-)[0-9a-f][0-9a-f](:|-)[0-9a-f][0-9a-f](:|-)[0-9a-f][0-9a-f]|(Please )?Press ENTER( to get started)?\.?)[^A-Za-z0-9_\-]
Cyan=[^A-Za-z0-9_\-]((no|undo|description)( [A-Za-z0-9 :"'\.\\\/&_\-]+)?|acl [0-9]+|dhcp( (server( (enable|detect|database|option ?[0-9]+))?|select( interface)?|relay|enable|snooping))?|rule [0-9]+|source(-port)?|destination(-port)?|snmp-agent|import-route|traffic-policy [A-Za-z0-9_\-]+ (in|out)bound|protocol (in|out)bound [A-za-z]+|authentication-mode( (aaa|scheme|password))?|(un)?tagged)[^A-Za-z0-9_\-]
Blinking=
CaseSensitive=0



================================================
FILE: DoNotProxy.list
================================================
DOMAIN-SUFFIX,local
DOMAIN-SUFFIX,localhost
DOMAIN-SUFFIX,internal
DOMAIN-SUFFIX,lan
DOMAIN-SUFFIX,ip6-localhost
DOMAIN-SUFFIX,ip6-loopback
IP-CIDR,0.0.0.0/8,no-resolve
IP-CIDR,10.0.0.0/8,no-resolve
IP-CIDR,100.64.0.0/10,no-resolve
IP-CIDR,127.0.0.0/8,no-resolve
IP-CIDR,169.254.0.0/16,no-resolve
IP-CIDR,172.16.0.0/12,no-resolve
IP-CIDR,192.168.0.0/16,no-resolve
IP-CIDR,198.18.0.0/16,no-resolve
IP-CIDR,224.0.0.0/4,no-resolve
IP-CIDR6,::1/128,no-resolve
IP-CIDR6,fc00::/7,no-resolve
IP-CIDR6,fe80::/10,no-resolve
IP-CIDR6,fd00::/8,no-resolve
DOMAIN-KEYWORD,aria2
DOMAIN-KEYWORD,announce
DOMAIN-KEYWORD,tracker
DOMAIN,injections.adguard.org
DOMAIN,local.adguard.org
PROCESS-NAME,aria2c.exe
PROCESS-NAME,fdm.exe
PROCESS-NAME,Folx.exe
PROCESS-NAME,NetTransport.exe
PROCESS-NAME,Thunder.exe
PROCESS-NAME,Transmission.exe
PROCESS-NAME,uTorrent.exe
PROCESS-NAME,Azureus.exe
PROCESS-NAME,deluge.exe
PROCESS-NAME,BitComet.exe
PROCESS-NAME,BitComet_x64.exe
PROCESS-NAME,qbittorrent.exe
PROCESS-NAME,WebTorrent.exe
PROCESS-NAME,WebTorrent Helper.exe
PROCESS-NAME,rufus.exe
PROCESS-NAME,DownloadService.exe
PROCESS-NAME,Weiyun.exe
PROCESS-NAME,BaiduNetdisk.exe
PROCESS-NAME,aDrive.exe
PROCESS-NAME,Quark.exe


================================================
FILE: DoProxy.list
================================================
# Basic on https://raw.githubusercontent.com/kn007/patch/master/bypass.list

DOMAIN-SUFFIX,c.gle
DOMAIN-SUFFIX,wallhaven.cc
DOMAIN-SUFFIX,manhuagui.com
DOMAIN-SUFFIX,catbox.moe
DOMAIN-SUFFIX,mixtape.moe
DOMAIN-SUFFIX,maxroll.gg
DOMAIN-SUFFIX,simaware.ca
DOMAIN-SUFFIX,arcgisonline.com
DOMAIN-SUFFIX,rainviewer.com
DOMAIN-SUFFIX,csb.app
DOMAIN-SUFFIX,codesandbox.io
DOMAIN-SUFFIX,subscriptionsmanagement-pa.googleapis.com
DOMAIN-SUFFIX,subscriptionsmobile-pa.googleapis.com
DOMAIN-SUFFIX,phosphor-pa.googleapis.com
DOMAIN-SUFFIX,growth-pa.googleapis.com
DOMAIN-SUFFIX,cloud.cupronickel.goog
DOMAIN-SUFFIX,openai.com
DOMAIN-SUFFIX,twitch.tv
DOMAIN-SUFFIX,bose.com
DOMAIN-SUFFIX,beautifyconverter.com
DOMAIN-SUFFIX,worldofwarships.asia
DOMAIN-SUFFIX,worldofwarships.jp
DOMAIN-SUFFIX,wargaming.net
DOMAIN-SUFFIX,hikarifield.co.jp
DOMAIN-SUFFIX,postfix.org
DOMAIN-SUFFIX,ietf.org
DOMAIN-SUFFIX,schema.org
DOMAIN-SUFFIX,youtu.be
DOMAIN-SUFFIX,doubleclick.net
DOMAIN-SUFFIX,googleadservices.com
DOMAIN-SUFFIX,google.cn
DOMAIN-SUFFIX,googleapps.com
DOMAIN-SUFFIX,thinkwithgoogle.com
DOMAIN-SUFFIX,withgoogle.com
DOMAIN-SUFFIX,fbcdn.net
DOMAIN-SUFFIX,flickr.com
DOMAIN-SUFFIX,youtube-nocookie.com
DOMAIN-SUFFIX,youtube.com
DOMAIN-SUFFIX,googleusercontent.com
DOMAIN-SUFFIX,gstatic.com
DOMAIN-SUFFIX,thepiratebay.se
DOMAIN-SUFFIX,gmail.com
DOMAIN-SUFFIX,facebook.com
DOMAIN-SUFFIX,vimeo.com
DOMAIN-SUFFIX,twitter.com
DOMAIN-SUFFIX,staticflickr.com
DOMAIN-SUFFIX,sstatic.net
DOMAIN-SUFFIX,imgur.com
DOMAIN-SUFFIX,fastly.net
DOMAIN-SUFFIX,bit.ly
DOMAIN-SUFFIX,newrelic.com
DOMAIN-SUFFIX,paypal.com
DOMAIN-SUFFIX,paypalobjects.com
DOMAIN-SUFFIX,cloudfront.net
DOMAIN-SUFFIX,googlepages.com
DOMAIN-SUFFIX,twimg.com
DOMAIN-SUFFIX,t.co
DOMAIN-SUFFIX,ytimg.com
DOMAIN-SUFFIX,adzerk.net
DOMAIN-SUFFIX,xmages.net
DOMAIN-SUFFIX,fucklo.li
DOMAIN-SUFFIX,freeproxylists.net
DOMAIN-SUFFIX,archive.org
DOMAIN-SUFFIX,shadowsocks.org
DOMAIN-SUFFIX,dropbox.com
DOMAIN-SUFFIX,blogspot.com
DOMAIN-SUFFIX,rage4.com
DOMAIN-SUFFIX,googleapis.com
DOMAIN-SUFFIX,brandonchecketts.com
DOMAIN-SUFFIX,googleratings.com
DOMAIN-SUFFIX,letscorp.net
DOMAIN-SUFFIX,googlevideo.com
DOMAIN-SUFFIX,gravatar.com
DOMAIN-SUFFIX,goods-pro.com
DOMAIN-SUFFIX,w.org
DOMAIN-SUFFIX,wp.com
DOMAIN-SUFFIX,deviantart.com
DOMAIN-SUFFIX,deviantart.net
DOMAIN-SUFFIX,archive.fo
DOMAIN-SUFFIX,blogger.com
DOMAIN-SUFFIX,wordpress.com
DOMAIN-SUFFIX,instagram.com
DOMAIN-SUFFIX,facebook.net
DOMAIN-SUFFIX,github.io
DOMAIN-SUFFIX,github.com
DOMAIN-SUFFIX,githubusercontent.com
DOMAIN-SUFFIX,ssl-images-amazon.com
DOMAIN-SUFFIX,associates-amazon.com
DOMAIN-SUFFIX,media-amazon.com
DOMAIN-SUFFIX,awsstatic.com
DOMAIN-SUFFIX,googlecode.com
DOMAIN-SUFFIX,live.com
DOMAIN-SUFFIX,onedriver.com
DOMAIN-SUFFIX,wikipedia.org
DOMAIN-SUFFIX,*.wikimedia.org
DOMAIN-SUFFIX,nodequery.com
DOMAIN-SUFFIX,androidfilehost.com
DOMAIN-SUFFIX,appspot.com
DOMAIN-SUFFIX,pastebin.com
DOMAIN-SUFFIX,dropboxstatic.com
DOMAIN-SUFFIX,disq.us
DOMAIN-SUFFIX,disquscdn.com
DOMAIN-SUFFIX,disqus.com
DOMAIN-SUFFIX,alexa.com
DOMAIN-SUFFIX,amazonaws.com
DOMAIN-SUFFIX,bbc.co.uk
DOMAIN-SUFFIX,travis-ci.org
DOMAIN-SUFFIX,pki.goog
DOMAIN-SUFFIX,cdninstagram.com
DOMAIN-SUFFIX,wordpress.org
DOMAIN-SUFFIX,slideshare.net
DOMAIN-SUFFIX,textnow.com
DOMAIN-SUFFIX,gfx.ms
DOMAIN-SUFFIX,chromium.org
DOMAIN-SUFFIX,goo.gl
DOMAIN-SUFFIX,googleblog.com
DOMAIN-SUFFIX,wikileaks.org
DOMAIN-SUFFIX,ggpht.com
DOMAIN-SUFFIX,t.me
DOMAIN-SUFFIX,telegram.me
DOMAIN-SUFFIX,telegra.ph
DOMAIN-SUFFIX,telegram.org
DOMAIN-SUFFIX,tdesktop.com
DOMAIN-SUFFIX,cisco.com
DOMAIN-SUFFIX,oneplus.net
DOMAIN-SUFFIX,g.co
DOMAIN-SUFFIX,amazon.com
DOMAIN-SUFFIX,xda-developers.com
DOMAIN-SUFFIX,mysql.com
DOMAIN-SUFFIX,tiny.cc
DOMAIN-SUFFIX,speedyrails.net
DOMAIN-SUFFIX,androidfilehost.com
DOMAIN-SUFFIX,pinimg.com
DOMAIN-SUFFIX,flightradar24.com
DOMAIN-SUFFIX,dropboxusercontent.com
DOMAIN-SUFFIX,cloudconvert.com
DOMAIN-SUFFIX,steaminventoryhelper.com
DOMAIN-SUFFIX,steamcardexchange.net
DOMAIN-SUFFIX,steamcommunity.com
DOMAIN-SUFFIX,steampowered.com
DOMAIN-SUFFIX,steam-api.com
DOMAIN-SUFFIX,akamaihd.net
DOMAIN-SUFFIX,keycdn.com
DOMAIN-SUFFIX,pumpcloud.net
DOMAIN-SUFFIX,mega.nz
DOMAIN-SUFFIX,mega.co.nz
DOMAIN-SUFFIX,telesco.pe
DOMAIN-SUFFIX,discordapp.net
DOMAIN-SUFFIX,discordapp.com
DOMAIN-SUFFIX,discord.com
DOMAIN-SUFFIX,discord.gg
DOMAIN-SUFFIX,redd.it
DOMAIN-SUFFIX,reddit.com
DOMAIN-SUFFIX,redditstatic.com
DOMAIN-SUFFIX,redditmedia.com
DOMAIN-SUFFIX,rawgit.com
DOMAIN-SUFFIX,ampproject.net
DOMAIN-SUFFIX,windy.com
DOMAIN-SUFFIX,githubassets.com
DOMAIN-SUFFIX,bootstrapcdn.com
DOMAIN-SUFFIX,ubi.com
DOMAIN-SUFFIX,ubisoft.com
DOMAIN-SUFFIX,wonderpush.com
DOMAIN-SUFFIX,goo.gl
DOMAIN-SUFFIX,similarweb.com
DOMAIN-SUFFIX,similarcdn.com
DOMAIN-SUFFIX,intercom.io
DOMAIN-SUFFIX,intercomcdn.com
DOMAIN-SUFFIX,regex101.com
DOMAIN-SUFFIX,jsfiddle.net
DOMAIN-SUFFIX,jshell.net
DOMAIN-SUFFIX,tunemymusic.com
DOMAIN-SUFFIX,unsplash.com
DOMAIN-SUFFIX,ping.pe
DOMAIN-SUFFIX,spotify.com
DOMAIN-SUFFIX,scdn.co
DOMAIN-SUFFIX,3dmark.com
DOMAIN-SUFFIX,futuremark.com
DOMAIN-SUFFIX,ultravps.eu
DOMAIN-SUFFIX,providerdienste.de
DOMAIN-SUFFIX,virtualhosts.de
DOMAIN-SUFFIX,he.net
DOMAIN-SUFFIX,akamaized.net
DOMAIN-SUFFIX,typekit.net
DOMAIN-SUFFIX,akamaihd.net
DOMAIN-SUFFIX,jquery.com
DOMAIN-SUFFIX,ubi.li
DOMAIN-SUFFIX,github.blog
DOMAIN-SUFFIX,steamdb.info
DOMAIN-SUFFIX,algolia.net
DOMAIN-SUFFIX,steamstatic.com
DOMAIN-SUFFIX,pixiv.net
DOMAIN-SUFFIX,pximg.net
DOMAIN-SUFFIX,pixnet.net
DOMAIN-SUFFIX,pixfs.net
DOMAIN-SUFFIX,sharemods.com
DOMAIN-SUFFIX,notion.so
DOMAIN-SUFFIX,imgbox.com
DOMAIN-SUFFIX,geeks3d.com
DOMAIN-SUFFIX,nvidia.com
DOMAIN-SUFFIX,gamepadviewer.com
DOMAIN-SUFFIX,humansofnewyork.com
DOMAIN-SUFFIX,cloudflare.com
DOMAIN-SUFFIX,wagnardsoft.com
DOMAIN-SUFFIX,gitlab.com
DOMAIN-SUFFIX,gitlab-static.net
DOMAIN-SUFFIX,soundcloud.com
DOMAIN-SUFFIX,sndcdn.com
DOMAIN-SUFFIX,dl.sourceforge.net
DOMAIN-SUFFIX,javmost.com
DOMAIN-SUFFIX,javtrust.com
DOMAIN-SUFFIX,jable.tv
DOMAIN-SUFFIX,dmm.co.jp
DOMAIN-SUFFIX,tomyangsh.pw
DOMAIN-SUFFIX,rouman5.com
DOMAIN-SUFFIX,rou.video
DOMAIN-SUFFIX,htpt.cc
DOMAIN-SUFFIX,soulvoice.club
DOMAIN-SUFFIX,m-team.cc
DOMAIN-SUFFIX,m-team.io
DOMAIN-SUFFIX,hdcmct.org
DOMAIN-SUFFIX,springsunday.net
DOMAIN-SUFFIX,pterclub.com
DOMAIN-SUFFIX,totheglory.im
DOMAIN-SUFFIX,imgurl.org
DOMAIN-SUFFIX,flycrow.pro
DOMAIN-SUFFIX,groueta.cc
DOMAIN-SUFFIX,mantou.biz
DOMAIN-SUFFIX,ccache.org
DOMAIN-SUFFIX,seejav.bid
DOMAIN-SUFFIX,picturedata.org
DOMAIN-SUFFIX,javbee.net
DOMAIN-SUFFIX,bmp.ovh
DOMAIN-SUFFIX,open.cd
DOMAIN-SUFFIX,dmhy.org
DOMAIN-SUFFIX,keepfrds.com
DOMAIN-SUFFIX,jdbimgs.com
DOMAIN-SUFFIX,gifyu.com
DOMAIN-SUFFIX,dmmsee.fun
DOMAIN-SUFFIX,bitvise.com
DOMAIN-SUFFIX,chucklefish.org
DOMAIN-SUFFIX,steamgames.com
DOMAIN-SUFFIX,steamcontent.com
DOMAIN-SUFFIX,steamusercontent.com
DOMAIN-SUFFIX,fast.com
DOMAIN-SUFFIX,netflix.com
DOMAIN-SUFFIX,nflxvideo.net
DOMAIN-SUFFIX,nflxext.com
DOMAIN-SUFFIX,nflxso.net
DOMAIN-SUFFIX,onetrust.com
DOMAIN-SUFFIX,fosshub.com
DOMAIN-SUFFIX,autodesk.com.cn
DOMAIN-SUFFIX,autodesk.com
DOMAIN-SUFFIX,autodesk.net
DOMAIN-SUFFIX,openvpn.net
DOMAIN-SUFFIX,webflow.io
DOMAIN-SUFFIX,webflow.com
DOMAIN-SUFFIX,pstorage.space
DOMAIN-SUFFIX,netcdn.space
DOMAIN-SUFFIX,boost.org
DOMAIN-SUFFIX,tarolink.top
DOMAIN-SUFFIX,o--o.xyz
DOMAIN-SUFFIX,simgbb.com
DOMAIN-SUFFIX,imgbb.com
DOMAIN-SUFFIX,ibb.co
DOMAIN-SUFFIX,z4a.net
DOMAIN-SUFFIX,iili.io
DOMAIN-SUFFIX,weserv.nl
DOMAIN-SUFFIX,shoot.photo
DOMAIN-SUFFIX,ccp.ovh
DOMAIN-SUFFIX,imagebam.com
DOMAIN-SUFFIX,truenas.com
DOMAIN-SUFFIX,themoneyconverter.com
DOMAIN-SUFFIX,jpopsuki.eu
DOMAIN-SUFFIX,skyvector.com
DOMAIN-SUFFIX,postimgs.org
DOMAIN-SUFFIX,postlmg.cc
DOMAIN-SUFFIX,imagecurl.com
DOMAIN-SUFFIX,simbrief.com
DOMAIN-SUFFIX,flightsim.to
DOMAIN-SUFFIX,flybywiresim.com
DOMAIN-SUFFIX,chartfox.org
DOMAIN-SUFFIX,openstreetmap.org
DOMAIN-SUFFIX,vatsim.net
DOMAIN-SUFFIX,navigraph.com
DOMAIN-SUFFIX,gog-statics.com
DOMAIN-SUFFIX,gog.com
DOMAIN-SUFFIX,zendesk.com
DOMAIN-SUFFIX,zdassets.com
DOMAIN-SUFFIX,avsim.com
DOMAIN-SUFFIX,sda1.dev
DOMAIN-SUFFIX,sl.al
DOMAIN-SUFFIX,ccimg.xyz
DOMAIN-SUFFIX,admod.com
DOMAIN-SUFFIX,web.dev
DOMAIN-SUFFIX,jsdelivr.net
DOMAIN-SUFFIX,jsdelivr.com
DOMAIN-SUFFIX,evga.com
DOMAIN-SUFFIX,adultempire.com
DOMAIN-SUFFIX,imageshack.com
DOMAIN-SUFFIX,exoticaz.to
DOMAIN-SUFFIX,storages.cc
DOMAIN-SUFFIX,rockstargames.com
DOMAIN-SUFFIX,arkoselabs.com
DOMAIN-SUFFIX,arkoselabs.cn
DOMAIN-SUFFIX,javhdporn.net
DOMAIN-SUFFIX,i18n.pw
DOMAIN-SUFFIX,qbittorrent.org
DOMAIN-SUFFIX,seejav.bid
DOMAIN-SUFFIX,jdbstatic.com
DOMAIN-SUFFIX,021jf.com
DOMAIN-SUFFIX,pic599.net
DOMAIN-SUFFIX,98tuch.net
DOMAIN-SUFFIX,postto.me
DOMAIN-SUFFIX,aspnetcdn.com
DOMAIN-SUFFIX,netlify.app
DOMAIN-SUFFIX,netlify.com
DOMAIN-SUFFIX,healthchecks.io
DOMAIN-SUFFIX,mgstage.com
DOMAIN-SUFFIX,gvt2.com
DOMAIN-SUFFIX,gstatic.com
DOMAIN-SUFFIX,googleapis.com
DOMAIN-SUFFIX,gmodules.com
DOMAIN-SUFFIX,googlesyndication.com
DOMAIN-SUFFIX,sesexiaozhan.com
DOMAIN-SUFFIX,biquge.tw
DOMAIN-SUFFIX,acgnx.se
DOMAIN-SUFFIX,combot.org
DOMAIN-SUFFIX,tenor.com
DOMAIN-SUFFIX,pixeldrain.com
DOMAIN-SUFFIX,gamer.com.tw
DOMAIN-SUFFIX,bahamut.com.tw
DOMAIN-SUFFIX,seiya-saiga.com
DOMAIN-SUFFIX,ptpimg.me
DOMAIN-SUFFIX,wiki.gg
DOMAIN-SUFFIX,1024search.tk
DOMAIN-SUFFIX,1080.tw
DOMAIN-SUFFIX,1688.com.au
DOMAIN-SUFFIX,1dpw.com
DOMAIN-SUFFIX,2008xianzhang.info
DOMAIN-SUFFIX,24smile.org
DOMAIN-SUFFIX,4shared.com
DOMAIN-SUFFIX,5i01.com
DOMAIN-SUFFIX,5z5.com
DOMAIN-SUFFIX,64memo.com
DOMAIN-SUFFIX,64tianwang.com
DOMAIN-SUFFIX,64wiki.com
DOMAIN-SUFFIX,666kb.com
DOMAIN-SUFFIX,6do.news
DOMAIN-SUFFIX,6park.com
DOMAIN-SUFFIX,a1080hd.com
DOMAIN-SUFFIX,abc.xyz
DOMAIN-SUFFIX,ablwang.com
DOMAIN-SUFFIX,aboluowang.com
DOMAIN-SUFFIX,actimes.com.au
DOMAIN-SUFFIX,adsafeprotected.com
DOMAIN-SUFFIX,adsrvr.org
DOMAIN-SUFFIX,adultblogranking.com
DOMAIN-SUFFIX,aforcemorepowerful.org
DOMAIN-SUFFIX,ahd1080.com
DOMAIN-SUFFIX,aisex.com
DOMAIN-SUFFIX,aishangyou.tube
DOMAIN-SUFFIX,ait.org.tw
DOMAIN-SUFFIX,alabout.com
DOMAIN-SUFFIX,alicejapan.co.jp
DOMAIN-SUFFIX,aliengu.com
DOMAIN-SUFFIX,alliance.org.hk
DOMAIN-SUFFIX,allinfa.com
DOMAIN-SUFFIX,am730.com.hk
DOMAIN-SUFFIX,amazon.co.jp
DOMAIN-SUFFIX,amazonwebapps.com
DOMAIN-SUFFIX,amnesty.org
DOMAIN-SUFFIX,amnesty.tw
DOMAIN-SUFFIX,ananass.fr
DOMAIN-SUFFIX,android.com
DOMAIN-SUFFIX,androidfilehost.com
DOMAIN-SUFFIX,animecrazy.net
DOMAIN-SUFFIX,anti1984.com
DOMAIN-SUFFIX,anygoing.com
DOMAIN-SUFFIX,aomiwang.com
DOMAIN-SUFFIX,aoqinet.com
DOMAIN-SUFFIX,apkmirror.com
DOMAIN-SUFFIX,app2.hkatv.com
DOMAIN-SUFFIX,appledaily.hk
DOMAIN-SUFFIX,appspot.com
DOMAIN-SUFFIX,archive.org
DOMAIN-SUFFIX,asahichinese.com
DOMAIN-SUFFIX,asianews.it
DOMAIN-SUFFIX,atchinese.com
DOMAIN-SUFFIX,atdmt.com
DOMAIN-SUFFIX,atgfw.org
DOMAIN-SUFFIX,aurl.mobi
DOMAIN-SUFFIX,ausdaily.net.au
DOMAIN-SUFFIX,autoit-cdn.com
DOMAIN-SUFFIX,autoitscript.com
DOMAIN-SUFFIX,avbbs.tv
DOMAIN-SUFFIX,avcity.tv
DOMAIN-SUFFIX,avlang.com
DOMAIN-SUFFIX,av-scouter.info
DOMAIN-SUFFIX,avsp2p.com
DOMAIN-SUFFIX,backchina.com
DOMAIN-SUFFIX,backtotiananmen.com
DOMAIN-SUFFIX,badongo.com
DOMAIN-SUFFIX,baisex.me
DOMAIN-SUFFIX,bannedbook.org
DOMAIN-SUFFIX,bayfiles.net
DOMAIN-SUFFIX,bbcchinese.com
DOMAIN-SUFFIX,bbg.gov
DOMAIN-SUFFIX,bcchinese.net
DOMAIN-SUFFIX,beijingspring.com
DOMAIN-SUFFIX,bet365.com
DOMAIN-SUFFIX,betanews.com
DOMAIN-SUFFIX,beyondfirewall.com
DOMAIN-SUFFIX,bind9.net
DOMAIN-SUFFIX,binux.me
DOMAIN-SUFFIX,bit.ly
DOMAIN-SUFFIX,bitshare.com
DOMAIN-SUFFIX,bitsnoop.com
DOMAIN-SUFFIX,biz.tm
DOMAIN-SUFFIX,bjs.org
DOMAIN-SUFFIX,bjzc.org
DOMAIN-SUFFIX,blinkx.com
DOMAIN-SUFFIX,blockedinchina.net
DOMAIN-SUFFIX,blog.jp
DOMAIN-SUFFIX,blog.xuite.net
DOMAIN-SUFFIX,blog.yam.com
DOMAIN-SUFFIX,blogblog.com
DOMAIN-SUFFIX,blogcatalog.com
DOMAIN-SUFFIX,blogcity.me
DOMAIN-SUFFIX,blogimg.jp
DOMAIN-SUFFIX,bloglines.com
DOMAIN-SUFFIX,bloglovin.com
DOMAIN-SUFFIX,blogs.com
DOMAIN-SUFFIX,blogspot.in
DOMAIN-SUFFIX,blogspot.kr
DOMAIN-SUFFIX,bmvflorida.us
DOMAIN-SUFFIX,bod.asia
DOMAIN-SUFFIX,book.com.tw
DOMAIN-SUFFIX,books.com.tw
DOMAIN-SUFFIX,botanwang.com
DOMAIN-SUFFIX,botanwang.org
DOMAIN-SUFFIX,bowenpress.com
DOMAIN-SUFFIX,boxun.com
DOMAIN-SUFFIX,boxun.us
DOMAIN-SUFFIX,break.com
DOMAIN-SUFFIX,brizzly.com
DOMAIN-SUFFIX,btdigg.org
DOMAIN-SUFFIX,btku.org
DOMAIN-SUFFIX,btn.weather.ca
DOMAIN-SUFFIX,bud.org.tw
DOMAIN-SUFFIX,buff.ly
DOMAIN-SUFFIX,bullog.org
DOMAIN-SUFFIX,bullogger.com
DOMAIN-SUFFIX,businessweek.com
DOMAIN-SUFFIX,bwp.im
DOMAIN-SUFFIX,bx.tl
DOMAIN-SUFFIX,c000.me
DOMAIN-SUFFIX,c080.me
DOMAIN-SUFFIX,c800.me
DOMAIN-SUFFIX,c9x.info
DOMAIN-SUFFIX,cahr.org.tw
DOMAIN-SUFFIX,campaign.tw-npo.org
DOMAIN-SUFFIX,cams.org.sg
DOMAIN-SUFFIX,canyu.org
DOMAIN-SUFFIX,caochangqing.com
DOMAIN-SUFFIX,cap.org.hk
DOMAIN-SUFFIX,cari.com.my
DOMAIN-SUFFIX,caribbeancom.com
DOMAIN-SUFFIX,catholic.org.hk
DOMAIN-SUFFIX,catholic.org.tw
DOMAIN-SUFFIX,catwizard.net
DOMAIN-SUFFIX,cbc.ca
DOMAIN-SUFFIX,ccdtr.org
DOMAIN-SUFFIX,ccim.org
DOMAIN-SUFFIX,ccw.org.tw
DOMAIN-SUFFIX,cdef.org
DOMAIN-SUFFIX,cdjp.org
DOMAIN-SUFFIX,cdnews.com.tw
DOMAIN-SUFFIX,cdns.com.tw
DOMAIN-SUFFIX,cecc.gov
DOMAIN-SUFFIX,cenews.eu
DOMAIN-SUFFIX,centralnation.com
DOMAIN-SUFFIX,cfhks.org.hk
DOMAIN-SUFFIX,cgdepot.org
DOMAIN-SUFFIX,chicagoncmtv.com
DOMAIN-SUFFIX,china.ucanews.com
DOMAIN-SUFFIX,chinaaid.net
DOMAIN-SUFFIX,chinabiz.org.tw
DOMAIN-SUFFIX,chinadigitaltimes.net
DOMAIN-SUFFIX,chinaelections.com
DOMAIN-SUFFIX,chinaelections.org
DOMAIN-SUFFIX,chinaeweekly.com
DOMAIN-SUFFIX,chinafile.com
DOMAIN-SUFFIX,chinagfw.org
DOMAIN-SUFFIX,chinainperspective.com
DOMAIN-SUFFIX,chinapress.com.my
DOMAIN-SUFFIX,chinarightsia.org
DOMAIN-SUFFIX,chinatcc.gov.cn
DOMAIN-SUFFIX,china-week.com
DOMAIN-SUFFIX,chinaworker.info
DOMAIN-SUFFIX,chinesedaily.com
DOMAIN-SUFFIX,chinesenewsnet.com
DOMAIN-SUFFIX,chinesepen.org
DOMAIN-SUFFIX,chosun.com
DOMAIN-SUFFIX,christianstudy.com
DOMAIN-SUFFIX,christiantimes.org.hk
DOMAIN-SUFFIX,chrlawyers.hk
DOMAIN-SUFFIX,chrome.com
DOMAIN-SUFFIX,chromium.org
DOMAIN-SUFFIX,chubun.com
DOMAIN-SUFFIX,cincainews.com
DOMAIN-SUFFIX,citizenlab.org
DOMAIN-SUFFIX,citizensradio.org
DOMAIN-SUFFIX,city9x.com
DOMAIN-SUFFIX,civicparty.hk
DOMAIN-SUFFIX,civilhrfront.org
DOMAIN-SUFFIX,civilmedia.tw
DOMAIN-SUFFIX,clickme.net
DOMAIN-SUFFIX,cna.com.tw
DOMAIN-SUFFIX,cnd.org
DOMAIN-SUFFIX,cnliberals.com
DOMAIN-SUFFIX,cnn.com
DOMAIN-SUFFIX,cnyes.com
DOMAIN-SUFFIX,codeproject.com
DOMAIN-SUFFIX,comefromchina.com
DOMAIN-SUFFIX,competitionforce.hk
DOMAIN-SUFFIX,cool18.com
DOMAIN-SUFFIX,coolloud.org.tw
DOMAIN-SUFFIX,cotweet.com
DOMAIN-SUFFIX,crazys.cc
DOMAIN-SUFFIX,creaders.net
DOMAIN-SUFFIX,creadersnet.com
DOMAIN-SUFFIX,crwdcntrl.net
DOMAIN-SUFFIX,c--spanarchives.-org
DOMAIN-SUFFIX,c-spanvideo.org
DOMAIN-SUFFIX,cts.com.tw
DOMAIN-SUFFIX,cw.com.tw
DOMAIN-SUFFIX,d100.net
DOMAIN-SUFFIX,d2pass.com
DOMAIN-SUFFIX,dadazim.com
DOMAIN-SUFFIX,dailymotion.com
DOMAIN-SUFFIX,dalailamaworld.com
DOMAIN-SUFFIX,danwei.org
DOMAIN-SUFFIX,daolan.net
DOMAIN-SUFFIX,del.icio.us
DOMAIN-SUFFIX,democraticchina.org
DOMAIN-SUFFIX,democrats.org
DOMAIN-SUFFIX,de-sci.org
DOMAIN-SUFFIX,dfs.kuaipan.cn
DOMAIN-SUFFIX,dfzdaili.com
DOMAIN-SUFFIX,dieneueepoche.com
DOMAIN-SUFFIX,digg.com
DOMAIN-SUFFIX,digitalocean.com
DOMAIN-SUFFIX,digitalvolcano.co.uk
DOMAIN-SUFFIX,diigo.com
DOMAIN-SUFFIX,dipity.com
DOMAIN-SUFFIX,discuss.com.hk
DOMAIN-SUFFIX,disp.cc
DOMAIN-SUFFIX,disqus.com
DOMAIN-SUFFIX,djjsq.com
DOMAIN-SUFFIX,djorz.com
DOMAIN-SUFFIX,dnscrypt.org
DOMAIN-SUFFIX,doit.im
DOMAIN-SUFFIX,dolc.de
DOMAIN-SUFFIX,dolf.org.hk
DOMAIN-SUFFIX,dongtaiwang.com
DOMAIN-SUFFIX,doub.io
DOMAIN-SUFFIX,doubibackup.com
DOMAIN-SUFFIX,download.aircrack-ng.org
DOMAIN-SUFFIX,dphk.org
DOMAIN-SUFFIX,dpp.org.tw
DOMAIN-SUFFIX,dropbox.com
DOMAIN-SUFFIX,dropboxusercontent.com
DOMAIN-SUFFIX,drsunacademy.com
DOMAIN-SUFFIX,dtiblog.com
DOMAIN-SUFFIX,duga.jp
DOMAIN-SUFFIX,duihua.org
DOMAIN-SUFFIX,duping.net
DOMAIN-SUFFIX,dupola.com
DOMAIN-SUFFIX,dw.com
DOMAIN-SUFFIX,dw.de
DOMAIN-SUFFIX,dw-world.com
DOMAIN-SUFFIX,dw-world.de
DOMAIN-SUFFIX,dxlive.com
DOMAIN-SUFFIX,e123.hk
DOMAIN-SUFFIX,ebookbrowse.com
DOMAIN-SUFFIX,ecfa.org.tw
DOMAIN-SUFFIX,echinanews.com.tw
DOMAIN-SUFFIX,edge.liveleak.com
DOMAIN-SUFFIX,edicypages.com
DOMAIN-SUFFIX,edoors.com
DOMAIN-SUFFIX,efcc.org.hk
DOMAIN-SUFFIX,eic-av.com
DOMAIN-SUFFIX,e-info.org.tw
DOMAIN-SUFFIX,elpais.com
DOMAIN-SUFFIX,emilylau.org.hk
DOMAIN-SUFFIX,erabaru.net
DOMAIN-SUFFIX,erights.net
DOMAIN-SUFFIX,eroantenna.com
DOMAIN-SUFFIX,ero-video.net
DOMAIN-SUFFIX,es-visiontimes.com
DOMAIN-SUFFIX,etaiwannews.com
DOMAIN-SUFFIX,ettoday.net
DOMAIN-SUFFIX,extremetube.com
DOMAIN-SUFFIX,extremetube.phncdn.com
DOMAIN-SUFFIX,facebook.com
DOMAIN-SUFFIX,facebook.net
DOMAIN-SUFFIX,fangeming.com
DOMAIN-SUFFIX,fanqiang.network
DOMAIN-SUFFIX,fanqianghou.com
DOMAIN-SUFFIX,farxian.com
DOMAIN-SUFFIX,fastly.net
DOMAIN-SUFFIX,faststone.org
DOMAIN-SUFFIX,favstar.fm
DOMAIN-SUFFIX,faydao.com
DOMAIN-SUFFIX,fb.me
DOMAIN-SUFFIX,fbcdn.net
DOMAIN-SUFFIX,fc2.com
DOMAIN-SUFFIX,fdc89.jp
DOMAIN-SUFFIX,feedburner.com
DOMAIN-SUFFIX,feedjit.com
DOMAIN-SUFFIX,feedsportal.com
DOMAIN-SUFFIX,felixcat.net
DOMAIN-SUFFIX,ffx.io
DOMAIN-SUFFIX,filecroco.com
DOMAIN-SUFFIX,filesor.com
DOMAIN-SUFFIX,filestube.com
DOMAIN-SUFFIX,firebaseio.com
DOMAIN-SUFFIX,firepic.org
DOMAIN-SUFFIX,flyzy2005.com
DOMAIN-SUFFIX,fmnnow.com
DOMAIN-SUFFIX,foofind.is
DOMAIN-SUFFIX,fooooo.com
DOMAIN-SUFFIX,forum.kaiyuan.de
DOMAIN-SUFFIX,forum.tvb.com
DOMAIN-SUFFIX,fqrouter.com
DOMAIN-SUFFIX,free4u.com.ar
DOMAIN-SUFFIX,freebrowser.org
DOMAIN-SUFFIX,freedomhouse.org
DOMAIN-SUFFIX,freeproxyserver.net
DOMAIN-SUFFIX,freeshadow.info
DOMAIN-SUFFIX,freetufu.com
DOMAIN-SUFFIX,freewechat.com
DOMAIN-SUFFIX,freeweibo.com
DOMAIN-SUFFIX,friendfeed.com
DOMAIN-SUFFIX,fring.com
DOMAIN-SUFFIX,frontlinedefenders.org
DOMAIN-SUFFIX,fukugan.com
DOMAIN-SUFFIX,fuli.ba
DOMAIN-SUFFIX,fullyillustrated.com
DOMAIN-SUFFIX,fungchiwood.com
DOMAIN-SUFFIX,fw.cm
DOMAIN-SUFFIX,fw.com
DOMAIN-SUFFIX,g.co
DOMAIN-SUFFIX,gaeproxy.com
DOMAIN-SUFFIX,gamebase.com.tw
DOMAIN-SUFFIX,gameclub.tw
DOMAIN-SUFFIX,ganges.com
DOMAIN-SUFFIX,gcpnews.com
DOMAIN-SUFFIX,geocities.co.jp
DOMAIN-SUFFIX,getfoxyproxy.org
DOMAIN-SUFFIX,getgom.com
DOMAIN-SUFFIX,getsync.com
DOMAIN-SUFFIX,ggpht.com
DOMAIN-SUFFIX,ghd1080.com
DOMAIN-SUFFIX,gigacircle.com
DOMAIN-SUFFIX,github.com
DOMAIN-SUFFIX,git-scm.com
DOMAIN-SUFFIX,gittigidiyor.com
DOMAIN-SUFFIX,globalvoices.org
DOMAIN-SUFFIX,globalvoicesonline.org
DOMAIN-SUFFIX,glorystar.me
DOMAIN-SUFFIX,gmail.com
DOMAIN-SUFFIX,gnews.org
DOMAIN-SUFFIX,goagent.biz
DOMAIN-SUFFIX,goo.gl
DOMAIN-SUFFIX,google.com
DOMAIN-SUFFIX,googlecode.com
DOMAIN-SUFFIX,googlesource.com
DOMAIN-SUFFIX,googletagmanager.com
DOMAIN-SUFFIX,googleusercontent.com
DOMAIN-SUFFIX,gopetition.com
DOMAIN-SUFFIX,gospelherald.com
DOMAIN-SUFFIX,gospelherald.com.hk
DOMAIN-SUFFIX,gov.tw
DOMAIN-SUFFIX,gpass1.com
DOMAIN-SUFFIX,greatfire.org
DOMAIN-SUFFIX,greatfirewallofchina.org
DOMAIN-SUFFIX,greatzhonghua.org
DOMAIN-SUFFIX,greenparty.org.tw
DOMAIN-SUFFIX,gvm.com.tw
DOMAIN-SUFFIX,h528.com
DOMAIN-SUFFIX,haixiainfo.com.tw
DOMAIN-SUFFIX,hakkatv.org.tw
DOMAIN-SUFFIX,hav.tv
DOMAIN-SUFFIX,have8.com
DOMAIN-SUFFIX,h-china.org
DOMAIN-SUFFIX,hcocoa.com
DOMAIN-SUFFIX,hd1080.org
DOMAIN-SUFFIX,hdtransform.com
DOMAIN-SUFFIX,hechaji.com
DOMAIN-SUFFIX,helpzhuling.org
DOMAIN-SUFFIX,heqinglian.net
DOMAIN-SUFFIX,hetnieuwetijdperk.com
DOMAIN-SUFFIX,hexieshe.com
DOMAIN-SUFFIX,hikinggfw.org
DOMAIN-SUFFIX,hilive.tv
DOMAIN-SUFFIX,hioz.org
DOMAIN-SUFFIX,hitwister.com
DOMAIN-SUFFIX,hjav.org
DOMAIN-SUFFIX,hjclub.info
DOMAIN-SUFFIX,hk01.com
DOMAIN-SUFFIX,hkatvnews.com
DOMAIN-SUFFIX,hkchurch.org
DOMAIN-SUFFIX,hkci.org.hk
DOMAIN-SUFFIX,hkcnews.com
DOMAIN-SUFFIX,hkcrm.org.hk
DOMAIN-SUFFIX,hkdailynews.com.hk
DOMAIN-SUFFIX,hkdash.com
DOMAIN-SUFFIX,hkej.com
DOMAIN-SUFFIX,hket.com
DOMAIN-SUFFIX,hketgroup.com
DOMAIN-SUFFIX,hkgolden.com
DOMAIN-SUFFIX,hkgoldenmobile.com
DOMAIN-SUFFIX,hkhkhk.com
DOMAIN-SUFFIX,hkhrm.org.hk
DOMAIN-SUFFIX,hkja.org.hk
DOMAIN-SUFFIX,hkjc.com
DOMAIN-SUFFIX,hkjp.org
DOMAIN-SUFFIX,hkptu.org
DOMAIN-SUFFIX,hk-pub.com
DOMAIN-SUFFIX,hkreporter.com
DOMAIN-SUFFIX,hksilicon.com
DOMAIN-SUFFIX,hkumall.com
DOMAIN-SUFFIX,hkupop.hku.hk
DOMAIN-SUFFIX,hkusu.org
DOMAIN-SUFFIX,hkwcc.org.hk
DOMAIN-SUFFIX,hongkongfp.com
DOMAIN-SUFFIX,hongkongtibetfilmfestival2015.com
DOMAIN-SUFFIX,hotchyx.com
DOMAIN-SUFFIX,hotspotshield.com
DOMAIN-SUFFIX,hrichina.org
DOMAIN-SUFFIX,hrw.org
DOMAIN-SUFFIX,huanghuagang.org
DOMAIN-SUFFIX,huaren.us
DOMAIN-SUFFIX,huaxia-news.com
DOMAIN-SUFFIX,huping.net
DOMAIN-SUFFIX,hutong9.net
DOMAIN-SUFFIX,hwinfo.com
DOMAIN-SUFFIX,hxmmdd.com
DOMAIN-SUFFIX,hyperrate.com
DOMAIN-SUFFIX,hzy.pw
DOMAIN-SUFFIX,i1.hk
DOMAIN-SUFFIX,i2ocr.com
DOMAIN-SUFFIX,i2p2.de
DOMAIN-SUFFIX,iask.ca
DOMAIN-SUFFIX,iceimg.com
DOMAIN-SUFFIX,icij.org
DOMAIN-SUFFIX,idol-mile.com
DOMAIN-SUFFIX,idv.tw
DOMAIN-SUFFIX,ifanqiang.com
DOMAIN-SUFFIX,ift.tt
DOMAIN-SUFFIX,igfw.???
DOMAIN-SUFFIX,igfw.tk
DOMAIN-SUFFIX,igossip.com
DOMAIN-SUFFIX,ihao.org
DOMAIN-SUFFIX,ihd1080.org
DOMAIN-SUFFIX,ihktv.com
DOMAIN-SUFFIX,imagebam.com
DOMAIN-SUFFIX,imageshack.us
DOMAIN-SUFFIX,imagestorming.com
DOMAIN-SUFFIX,imageurlhost.com
DOMAIN-SUFFIX,imagevenue.com
DOMAIN-SUFFIX,imagezilla.net
DOMAIN-SUFFIX,img.ly
DOMAIN-SUFFIX,imgchili.com
DOMAIN-SUFFIX,imgchili.net
DOMAIN-SUFFIX,imgdino.com
DOMAIN-SUFFIX,imgkeep.com
DOMAIN-SUFFIX,imgly.net
DOMAIN-SUFFIX,imgtiger.com
DOMAIN-SUFFIX,immoral.jp
DOMAIN-SUFFIX,inmediahk.net
DOMAIN-SUFFIX,inote.tw
DOMAIN-SUFFIX,inside.com.tw
DOMAIN-SUFFIX,instagram.com
DOMAIN-SUFFIX,insynchq.com
DOMAIN-SUFFIX,intermargins.net
DOMAIN-SUFFIX,internet.org
DOMAIN-SUFFIX,internetfreedom.org
DOMAIN-SUFFIX,inxian.com
DOMAIN-SUFFIX,ipcf.org.tw
DOMAIN-SUFFIX,ipicture.ru
DOMAIN-SUFFIX,ipkmedia.com
DOMAIN-SUFFIX,isohunt.com
DOMAIN-SUFFIX,isunaffairs.com
DOMAIN-SUFFIX,isuntv.com
DOMAIN-SUFFIX,ithelp.ithome.com.tw
DOMAIN-SUFFIX,ixxx.com
DOMAIN-SUFFIX,iyouport.com
DOMAIN-SUFFIX,iyouport.org
DOMAIN-SUFFIX,j.mp
DOMAIN-SUFFIX,jasonsavard.com
DOMAIN-SUFFIX,jav008.com
DOMAIN-SUFFIX,javblog.biz
DOMAIN-SUFFIX,javfree.me
DOMAIN-SUFFIX,javideo.info
DOMAIN-SUFFIX,javsharing.com
DOMAIN-SUFFIX,jbtalks.cc
DOMAIN-SUFFIX,jinbushe.org
DOMAIN-SUFFIX,jingfeng.info
DOMAIN-SUFFIX,jingpin.org
DOMAIN-SUFFIX,jiruan.net
DOMAIN-SUFFIX,jjgirls.com
DOMAIN-SUFFIX,jkforum.net
DOMAIN-SUFFIX,jpavgod.com
DOMAIN-SUFFIX,justin.tv
DOMAIN-SUFFIX,just-ping.com
DOMAIN-SUFFIX,kan.center
DOMAIN-SUFFIX,kankan.today
DOMAIN-SUFFIX,keakon.net
DOMAIN-SUFFIX,keephkshining.com
DOMAIN-SUFFIX,kenengba.com
DOMAIN-SUFFIX,kexueshangwang.info
DOMAIN-SUFFIX,kinghost.com
DOMAIN-SUFFIX,kingstone.com.tw
DOMAIN-SUFFIX,kir.jp
DOMAIN-SUFFIX,kwongwah.com.my
DOMAIN-SUFFIX,la-forum.org
DOMAIN-SUFFIX,lagranepoca.com
DOMAIN-SUFFIX,lailaibt.com
DOMAIN-SUFFIX,laqingdan.net
DOMAIN-SUFFIX,latteye.com
DOMAIN-SUFFIX,lcx.cc
DOMAIN-SUFFIX,lefora.com
DOMAIN-SUFFIX,left21.hk
DOMAIN-SUFFIX,lemonde.fr
DOMAIN-SUFFIX,lesoir.be
DOMAIN-SUFFIX,letscorp.net
DOMAIN-SUFFIX,libertytimes.com.tw
DOMAIN-SUFFIX,limbopro.xyz
DOMAIN-SUFFIX,lineageosrom.com
DOMAIN-SUFFIX,line-scdn.net
DOMAIN-SUFFIX,linkbucks.com
DOMAIN-SUFFIX,listhub.net
DOMAIN-SUFFIX,liuxiaobo.net
DOMAIN-SUFFIX,liveleak.com
DOMAIN-SUFFIX,livestation.com
DOMAIN-SUFFIX,livestream.com
DOMAIN-SUFFIX,localpresshk.com
DOMAIN-SUFFIX,lockerz.com
DOMAIN-SUFFIX,lolbin.net
DOMAIN-SUFFIX,loli.net
DOMAIN-SUFFIX,longhair.hk
DOMAIN-SUFFIX,lookpic.com
DOMAIN-SUFFIX,loved.hk
DOMAIN-SUFFIX,lrip.org
DOMAIN-SUFFIX,lsd.org.hk
DOMAIN-SUFFIX,lsj1080.cc
DOMAIN-SUFFIX,lsj1080.net
DOMAIN-SUFFIX,lsj1080.tv
DOMAIN-SUFFIX,ltn.com.tw
DOMAIN-SUFFIX,lvv2.com
DOMAIN-SUFFIX,mail-archive.com
DOMAIN-SUFFIX,maiplus.com
DOMAIN-SUFFIX,malaymail.com
DOMAIN-SUFFIX,malaysiakini.com
DOMAIN-SUFFIX,matters.news
DOMAIN-SUFFIX,mattwilcox.net
DOMAIN-SUFFIX,medium.com
DOMAIN-SUFFIX,mefeedia.com
DOMAIN-SUFFIX,memehk.com
DOMAIN-SUFFIX,merit-times.com
DOMAIN-SUFFIX,merit-times.com.tw
DOMAIN-SUFFIX,merlinblog.xyz
DOMAIN-SUFFIX,metrolife.ca
DOMAIN-SUFFIX,metroradio.com.hk
DOMAIN-SUFFIX,minghui.org
DOMAIN-SUFFIX,mingjinglishi.com
DOMAIN-SUFFIX,mingjingnews.com
DOMAIN-SUFFIX,mingpaonews.com
DOMAIN-SUFFIX,mingshengbao.com
DOMAIN-SUFFIX,minus.com
DOMAIN-SUFFIX,minzhuzhongguo.org
DOMAIN-SUFFIX,mirrorbooks.com
DOMAIN-SUFFIX,mitbbs.com
DOMAIN-SUFFIX,mkini.net
DOMAIN-SUFFIX,mlxiaoshuo.com
DOMAIN-SUFFIX,mobile01.com
DOMAIN-SUFFIX,mobileways.de
DOMAIN-SUFFIX,mobypicture.com
DOMAIN-SUFFIX,moedict.tw
DOMAIN-SUFFIX,mojim.com
DOMAIN-SUFFIX,mokeedev.com
DOMAIN-SUFFIX,molihua.org
DOMAIN-SUFFIX,mono.ac
DOMAIN-SUFFIX,mono.sh
DOMAIN-SUFFIX,moonbbs.com
DOMAIN-SUFFIX,mozilla.net
DOMAIN-SUFFIX,mp3ye.eu
DOMAIN-SUFFIX,mpfinance.com
DOMAIN-SUFFIX,msguancha.com
DOMAIN-SUFFIX,mtlmp4.com
DOMAIN-SUFFIX,myca168.com
DOMAIN-SUFFIX,mychinanews.com
DOMAIN-SUFFIX,mycnnews.com
DOMAIN-SUFFIX,mycould.com
DOMAIN-SUFFIX,myfreecams.com
DOMAIN-SUFFIX,myfreshnet.com
DOMAIN-SUFFIX,myhd1080.tv
DOMAIN-SUFFIX,myradio.com.hk
DOMAIN-SUFFIX,myradio.hk
DOMAIN-SUFFIX,mysinablog.com
DOMAIN-SUFFIX,nanyang.com
DOMAIN-SUFFIX,nanyangpost.com
DOMAIN-SUFFIX,ncchinesenews.com
DOMAIN-SUFFIX,ndr.de
DOMAIN-SUFFIX,net1.hkbu.edu.hk
DOMAIN-SUFFIX,netgear.com
DOMAIN-SUFFIX,netme.cc
DOMAIN-SUFFIX,network54.com
DOMAIN-SUFFIX,networkedblogs.com
DOMAIN-SUFFIX,newcenturymc.com
DOMAIN-SUFFIX,newcenturynews.com
DOMAIN-SUFFIX,newhighlandvision.com
DOMAIN-SUFFIX,news.hk.msn.com
DOMAIN-SUFFIX,news.pts.org.tw
DOMAIN-SUFFIX,newsancai.com
DOMAIN-SUFFIX,newstapa.org
DOMAIN-SUFFIX,newtaiwan.com.tw
DOMAIN-SUFFIX,newtalk.tw
DOMAIN-SUFFIX,nextdigital.com.hk
DOMAIN-SUFFIX,nextmag.com.tw
DOMAIN-SUFFIX,nextmedia.com
DOMAIN-SUFFIX,ngensis.com
DOMAIN-SUFFIX,nicovideo.jp
DOMAIN-SUFFIX,nobel.se
DOMAIN-SUFFIX,nobelprize.org
DOMAIN-SUFFIX,notipage.com
DOMAIN-SUFFIX,nownews.com
DOMAIN-SUFFIX,nps.gov
DOMAIN-SUFFIX,nrk.no
DOMAIN-SUFFIX,ntd.tv
DOMAIN-SUFFIX,ntdtv.com
DOMAIN-SUFFIX,ntdtv-dc.com
DOMAIN-SUFFIX,nuzcom.com
DOMAIN-SUFFIX,nvquan.org
DOMAIN-SUFFIX,nyt.com
DOMAIN-SUFFIX,nytcn.me
DOMAIN-SUFFIX,nyti.ms
DOMAIN-SUFFIX,nytimes.com
DOMAIN-SUFFIX,nytimg.com
DOMAIN-SUFFIX,nytstyle.com
DOMAIN-SUFFIX,observechina.net
DOMAIN-SUFFIX,oclp.hk
DOMAIN-SUFFIX,ogaoga.org
DOMAIN-SUFFIX,oiktv.com
DOMAIN-SUFFIX,olx.com.br
DOMAIN-SUFFIX,on.cc
DOMAIN-SUFFIX,onedrive.live.com
DOMAIN-SUFFIX,onlinestuffs.com
DOMAIN-SUFFIX,open.com.hk
DOMAIN-SUFFIX,opendemocracy.net
DOMAIN-SUFFIX,orientaldaily.com.my
DOMAIN-SUFFIX,orientaldaily.on.cc
DOMAIN-SUFFIX,orzhd.com
DOMAIN-SUFFIX,oursogo.com
DOMAIN-SUFFIX,oursteps.com.au
DOMAIN-SUFFIX,outbrain.com
DOMAIN-SUFFIX,ow.ly
DOMAIN-SUFFIX,oyax.com
DOMAIN-SUFFIX,oyou.com.au
DOMAIN-SUFFIX,page2rss.com
DOMAIN-SUFFIX,pageflakes.com
DOMAIN-SUFFIX,panoramio.com
DOMAIN-SUFFIX,pao-pao.net
DOMAIN-SUFFIX,paper.li
DOMAIN-SUFFIX,passiontimes.hk
DOMAIN-SUFFIX,pbwiki.com
DOMAIN-SUFFIX,pbworks.com
DOMAIN-SUFFIX,pcdvd.com.tw
DOMAIN-SUFFIX,pchome.com.tw
DOMAIN-SUFFIX,pcij.org
DOMAIN-SUFFIX,peacehall.com
DOMAIN-SUFFIX,penchinese.org
DOMAIN-SUFFIX,peopo.org
DOMAIN-SUFFIX,perfspot.com
DOMAIN-SUFFIX,pfd.org.hk
DOMAIN-SUFFIX,picpar.com
DOMAIN-SUFFIX,picrar.com
DOMAIN-SUFFIX,piebridge.me
DOMAIN-SUFFIX,pimgs.com
DOMAIN-SUFFIX,pincong.rocks
DOMAIN-SUFFIX,ping.fm
DOMAIN-SUFFIX,pinimg.com
DOMAIN-SUFFIX,pinterest.com
DOMAIN-SUFFIX,piratescreen.com
DOMAIN-SUFFIX,piring.com
DOMAIN-SUFFIX,pixshock.net
DOMAIN-SUFFIX,playno1.com
DOMAIN-SUFFIX,playno1.com.tw
DOMAIN-SUFFIX,popvote.hk
DOMAIN-SUFFIX,popyard.com
DOMAIN-SUFFIX,popyard.org
DOMAIN-SUFFIX,porn.com
DOMAIN-SUFFIX,pornhub.com
DOMAIN-SUFFIX,post852.com
DOMAIN-SUFFIX,posterous.com
DOMAIN-SUFFIX,potatso.com
DOMAIN-SUFFIX,potatsocontent.com
DOMAIN-SUFFIX,powerlinks.com
DOMAIN-SUFFIX,premeforwindows.com
DOMAIN-SUFFIX,prestige-av.com
DOMAIN-SUFFIX,prettyvirgin.com
DOMAIN-SUFFIX,privoxy.org
DOMAIN-SUFFIX,pubu.com.tw
DOMAIN-SUFFIX,qidian.ca
DOMAIN-SUFFIX,qiwen.lu
DOMAIN-SUFFIX,quickpornsearch.com
DOMAIN-SUFFIX,quora.com
DOMAIN-SUFFIX,quoracdn.net
DOMAIN-SUFFIX,qxbbs.org
DOMAIN-SUFFIX,radioaustralia.net.au
DOMAIN-SUFFIX,ranyunfei.com
DOMAIN-SUFFIX,rapbull.net
DOMAIN-SUFFIX,rcinet.ca
DOMAIN-SUFFIX,readingtimes.com.tw
DOMAIN-SUFFIX,recovery.org.tw
DOMAIN-SUFFIX,redchinacn.org
DOMAIN-SUFFIX,reddit.com
DOMAIN-SUFFIX,redsquirrel87.com
DOMAIN-SUFFIX,redtube.com
DOMAIN-SUFFIX,reduik.com
DOMAIN-SUFFIX,referer.us
DOMAIN-SUFFIX,relink.us
DOMAIN-SUFFIX,rendsmap.com
DOMAIN-SUFFIX,renminbao.com
DOMAIN-SUFFIX,resilio.com
DOMAIN-SUFFIX,restorehk.com
DOMAIN-SUFFIX,reuters.com
DOMAIN-SUFFIX,reutersmedia.net
DOMAIN-SUFFIX,rfa.org
DOMAIN-SUFFIX,rferl.org
DOMAIN-SUFFIX,rfi.fr
DOMAIN-SUFFIX,rfi.my
DOMAIN-SUFFIX,rghost.net
DOMAIN-SUFFIX,riku.me
DOMAIN-SUFFIX,rmjdw.com
DOMAIN-SUFFIX,rnw.nl
DOMAIN-SUFFIX,rocmp.org
DOMAIN-SUFFIX,roodo.com
DOMAIN-SUFFIX,rsf.org
DOMAIN-SUFFIX,rsf-chinese.org
DOMAIN-SUFFIX,rthk.hk
DOMAIN-SUFFIX,rthk.org.hk
DOMAIN-SUFFIX,rti.org.tw
DOMAIN-SUFFIX,s3.amazonaws.com
DOMAIN-SUFFIX,sadpanda.us
DOMAIN-SUFFIX,sanmin.com.tw
DOMAIN-SUFFIX,sanminjiaoliu.net
DOMAIN-SUFFIX,savemedia.com
DOMAIN-SUFFIX,savetube.com
DOMAIN-SUFFIX,savevid.com
DOMAIN-SUFFIX,saveyoutube.com
DOMAIN-SUFFIX,scdn.co
DOMAIN-SUFFIX,scholarism.com
DOMAIN-SUFFIX,s-dragon.org
DOMAIN-SUFFIX,search.xxx
DOMAIN-SUFFIX,secretchina.com
DOMAIN-SUFFIX,securityinabox.org
DOMAIN-SUFFIX,securitykiss.com
DOMAIN-SUFFIX,sendspace.com
DOMAIN-SUFFIX,setn.com
DOMAIN-SUFFIX,sex.com
DOMAIN-SUFFIX,sexinsex.net
DOMAIN-SUFFIX,shadow.ma
DOMAIN-SUFFIX,shadowgov.tw
DOMAIN-SUFFIX,shadowsocks.org
DOMAIN-SUFFIX,sharenxs.com
DOMAIN-SUFFIX,sharpdaily.com
DOMAIN-SUFFIX,sharpdaily.tw
DOMAIN-SUFFIX,sherrychan.net
DOMAIN-SUFFIX,shizhao.org
DOMAIN-SUFFIX,shr.lc
DOMAIN-SUFFIX,shutterstock.com
DOMAIN-SUFFIX,sinaapp.co
DOMAIN-SUFFIX,singtao.com
DOMAIN-SUFFIX,sinomontreal.ca
DOMAIN-SUFFIX,sinoquebec.com
DOMAIN-SUFFIX,sis001.com
DOMAIN-SUFFIX,sitebro.tw
DOMAIN-SUFFIX,six-degrees.io
DOMAIN-SUFFIX,slideshare.net
DOMAIN-SUFFIX,smh.com.au
DOMAIN-SUFFIX,smhric.org
DOMAIN-SUFFIX,softether-download.com
DOMAIN-SUFFIX,sohcradio.com
DOMAIN-SUFFIX,sondelespoir.org
DOMAIN-SUFFIX,sonidodelaesperanza.org
DOMAIN-SUFFIX,sougouwiki.com
DOMAIN-SUFFIX,soundofhope.co.kr
DOMAIN-SUFFIX,soundofhope.kr
DOMAIN-SUFFIX,soundofhope.org
DOMAIN-SUFFIX,soup-dev.com
DOMAIN-SUFFIX,southnews.com.tw
DOMAIN-SUFFIX,spankwire.com
DOMAIN-SUFFIX,spotify.com
DOMAIN-SUFFIX,spring4u.info
DOMAIN-SUFFIX,ssr.tools
DOMAIN-SUFFIX,startpage.com
DOMAIN-SUFFIX,steemit.com
DOMAIN-SUFFIX,stgloballink.com
DOMAIN-SUFFIX,stickeraction.com
DOMAIN-SUFFIX,stimme-de.de
DOMAIN-SUFFIX,stooorage.com
DOMAIN-SUFFIX,storify.com
DOMAIN-SUFFIX,storm.mg
DOMAIN-SUFFIX,stormmediagroup.com
DOMAIN-SUFFIX,strongvpn.com
DOMAIN-SUFFIX,stumbleupon.com
DOMAIN-SUFFIX,stupidvideos.com
DOMAIN-SUFFIX,sucuri.net
DOMAIN-SUFFIX,sugarsync.com
DOMAIN-SUFFIX,sun1911.com
DOMAIN-SUFFIX,supersu.com
DOMAIN-SUFFIX,swagbucks.com
DOMAIN-SUFFIX,sydneytoday.com
DOMAIN-SUFFIX,t.co
DOMAIN-SUFFIX,t.me
DOMAIN-SUFFIX,t66y.com
DOMAIN-SUFFIX,taaze.tw
DOMAIN-SUFFIX,tahr.org.tw
DOMAIN-SUFFIX,taiwandaily.net
DOMAIN-SUFFIX,taiwanus.net
DOMAIN-SUFFIX,talkonly.net
DOMAIN-SUFFIX,tantannews.com
DOMAIN-SUFFIX,tavis.tw
DOMAIN-SUFFIX,tca.org.tw
DOMAIN-SUFFIX,tdesktop.com
DOMAIN-SUFFIX,techinasia.com
DOMAIN-SUFFIX,technorati.com
DOMAIN-SUFFIX,telegra.ph
DOMAIN-SUFFIX,telegram.me
DOMAIN-SUFFIX,telegram.org
DOMAIN-SUFFIX,telesco.pe
DOMAIN-SUFFIX,tenacy.com
DOMAIN-SUFFIX,tenacy-free.com
DOMAIN-SUFFIX,theblaze.com
DOMAIN-SUFFIX,thebobs.com
DOMAIN-SUFFIX,theepochtimes.com
DOMAIN-SUFFIX,thefrontier.hk
DOMAIN-SUFFIX,theglobalmail.org
DOMAIN-SUFFIX,theguardian.com
DOMAIN-SUFFIX,thehousenews.com
DOMAIN-SUFFIX,theinitium.com
DOMAIN-SUFFIX,thenewslens.com
DOMAIN-SUFFIX,the-sun.on.cc
DOMAIN-SUFFIX,thetibetpost.com
DOMAIN-SUFFIX,thetimenow.com
DOMAIN-SUFFIX,thinkingtaiwan.com
DOMAIN-SUFFIX,thisav.com
DOMAIN-SUFFIX,tiananmenduizhi.com
DOMAIN-SUFFIX,tiananmenmother.org
DOMAIN-SUFFIX,tiananmenuniv.com
DOMAIN-SUFFIX,tiananmenuniv.net
DOMAIN-SUFFIX,tibet.net
DOMAIN-SUFFIX,time.com
DOMAIN-SUFFIX,timer-tab.com
DOMAIN-SUFFIX,tiny.cc
DOMAIN-SUFFIX,tinychat.com
DOMAIN-SUFFIX,tmagazine.com
DOMAIN-SUFFIX,tmu.edu.tw
DOMAIN-SUFFIX,tokyocn.com
DOMAIN-SUFFIX,topcoo.com
DOMAIN-SUFFIX,topsy.com
DOMAIN-SUFFIX,torrentcrazy.com
DOMAIN-SUFFIX,torrentkitty.com
DOMAIN-SUFFIX,trackon.org
DOMAIN-SUFFIX,transformativeworks.org
DOMAIN-SUFFIX,transparency.org
DOMAIN-SUFFIX,trendsmap.com
DOMAIN-SUFFIX,trib.al
DOMAIN-SUFFIX,trouw.nl
DOMAIN-SUFFIX,trtc.com.tw
DOMAIN-SUFFIX,trueimages.ru
DOMAIN-SUFFIX,truveo.com
DOMAIN-SUFFIX,tsquare.tv
DOMAIN-SUFFIX,tsu.org.tw
DOMAIN-SUFFIX,tube8.com
DOMAIN-SUFFIX,tuiyun.net
DOMAIN-SUFFIX,tumblr.com
DOMAIN-SUFFIX,tv.com
DOMAIN-SUFFIX,tvboxnow.com
DOMAIN-SUFFIX,twbbs.org
DOMAIN-SUFFIX,twbbs.tw
DOMAIN-SUFFIX,tweetdeck.com
DOMAIN-SUFFIX,tweettunnel.com
DOMAIN-SUFFIX,tweez.net
DOMAIN-SUFFIX,twgreatdaily.com
DOMAIN-SUFFIX,twicsy.com
DOMAIN-SUFFIX,twilk.com
DOMAIN-SUFFIX,twimg.com
DOMAIN-SUFFIX,twipple.jp
DOMAIN-SUFFIX,twitchtv.com
DOMAIN-SUFFIX,twitiq.com
DOMAIN-SUFFIX,twitpic.com
DOMAIN-SUFFIX,twitter.com
DOMAIN-SUFFIX,twitterfeed.com
DOMAIN-SUFFIX,twittergadget.com
DOMAIN-SUFFIX,twitterknowhow.com
DOMAIN-SUFFIX,twitvid.com
DOMAIN-SUFFIX,twitvid.com.edgesuite.net
DOMAIN-SUFFIX,twiyia.com
DOMAIN-SUFFIX,twtrland.com
DOMAIN-SUFFIX,ucdc1998.org
DOMAIN-SUFFIX,udn.com
DOMAIN-SUFFIX,udn.com.tw
DOMAIN-SUFFIX,ugo.com
DOMAIN-SUFFIX,uhrp.org
DOMAIN-SUFFIX,uighurbiz.net
DOMAIN-SUFFIX,ulifestyle.com.hk
DOMAIN-SUFFIX,ultrareach.com
DOMAIN-SUFFIX,unblock.cn.com
DOMAIN-SUFFIX,uncyclopedia.tw
DOMAIN-SUFFIX,upmedia.mg
DOMAIN-SUFFIX,uproxy.org
DOMAIN-SUFFIX,ustream.tv
DOMAIN-SUFFIX,utorrent.com
DOMAIN-SUFFIX,uwants.com
DOMAIN-SUFFIX,uyghuramerican.org
DOMAIN-SUFFIX,uyghurpress.com
DOMAIN-SUFFIX,uyl.me
DOMAIN-SUFFIX,v2ex.com
DOMAIN-SUFFIX,van698.com
DOMAIN-SUFFIX,vaticanradio.org
DOMAIN-SUFFIX,vdonext.com
DOMAIN-SUFFIX,velkaepocha.sk
DOMAIN-SUFFIX,venchina.com
DOMAIN-SUFFIX,veoh.com
DOMAIN-SUFFIX,vevo.com
DOMAIN-SUFFIX,viber.com
DOMAIN-SUFFIX,video.pbs.org
DOMAIN-SUFFIX,vietdaikynguyen.com
DOMAIN-SUFFIX,vinmusic.com
DOMAIN-SUFFIX,visiontimes.ca
DOMAIN-SUFFIX,vjmedia.com.hk
DOMAIN-SUFFIX,vocus.cc
DOMAIN-SUFFIX,vot.org
DOMAIN-SUFFIX,vox-cdn.com
DOMAIN-SUFFIX,vpngate.jp
DOMAIN-SUFFIX,vpngate.net
DOMAIN-SUFFIX,vpnxunlu.com
DOMAIN-SUFFIX,wahas.com
DOMAIN-SUFFIX,wanglixiong.com
DOMAIN-SUFFIX,want-daily.com
DOMAIN-SUFFIX,watchzerg.com
DOMAIN-SUFFIX,watorrent.org
DOMAIN-SUFFIX,wattpad.com
DOMAIN-SUFFIX,wdf5.com
DOMAIN-SUFFIX,wearn.com
DOMAIN-SUFFIX,web.pts.org.tw
DOMAIN-SUFFIX,weblagu.com
DOMAIN-SUFFIX,websitepulse.com
DOMAIN-SUFFIX,webwarper.net
DOMAIN-SUFFIX,wegfw.com
DOMAIN-SUFFIX,weibosuite.com
DOMAIN-SUFFIX,weijingsheng.org
DOMAIN-SUFFIX,weiquanwang.org
DOMAIN-SUFFIX,wengewang.org
DOMAIN-SUFFIX,wenxuecity.com
DOMAIN-SUFFIX,westca.com
DOMAIN-SUFFIX,westkit.net
DOMAIN-SUFFIX,wetransfer.com
DOMAIN-SUFFIX,whattalking.com
DOMAIN-SUFFIX,whogovernstw.org
DOMAIN-SUFFIX,whotalking.com
DOMAIN-SUFFIX,wi-gadget.com
DOMAIN-SUFFIX,wikia.com
DOMAIN-SUFFIX,wikia.net
DOMAIN-SUFFIX,wikia.nocookie.net
DOMAIN-SUFFIX,wikia-beacon.com
DOMAIN-SUFFIX,wiztechnologies.jp
DOMAIN-SUFFIX,wn.com
DOMAIN-SUFFIX,worldcat.org
DOMAIN-SUFFIX,worldjournal.com
DOMAIN-SUFFIX,wrchina.org
DOMAIN-SUFFIX,wretch.cc
DOMAIN-SUFFIX,wuala.com
DOMAIN-SUFFIX,wuerkaixi.com
DOMAIN-SUFFIX,wujie.net
DOMAIN-SUFFIX,wujieliulan.com
DOMAIN-SUFFIX,wwitv.com
DOMAIN-SUFFIX,xanga.com
DOMAIN-SUFFIX,xbookcn.net
DOMAIN-SUFFIX,xhamster.com
DOMAIN-SUFFIX,xiaochuncnjp.com
DOMAIN-SUFFIX,xinmiao.com.hk
DOMAIN-SUFFIX,xinyubbs.net
DOMAIN-SUFFIX,xiti.com
DOMAIN-SUFFIX,xizang-zhiye.org
DOMAIN-SUFFIX,xjp.cc
DOMAIN-SUFFIX,xn--fiq681d48s.org
DOMAIN-SUFFIX,xpics.us
DOMAIN-SUFFIX,xtube.com
DOMAIN-SUFFIX,xuehua.us
DOMAIN-SUFFIX,xunluvpn.com
DOMAIN-SUFFIX,xvideosmatome.net
DOMAIN-SUFFIX,xys.org
DOMAIN-SUFFIX,yamedia.tw
DOMAIN-SUFFIX,yasni.co.uk
DOMAIN-SUFFIX,ycp.hk
DOMAIN-SUFFIX,yfrog.com
DOMAIN-SUFFIX,yhritw.org
DOMAIN-SUFFIX,yibaochina.com
DOMAIN-SUFFIX,yidio.com
DOMAIN-SUFFIX,yorkbbs.ca
DOMAIN-SUFFIX,you2go.me
DOMAIN-SUFFIX,youjizz.com
DOMAIN-SUFFIX,youmaker.com
DOMAIN-SUFFIX,youporn.com
DOMAIN-SUFFIX,youthwant.com.tw
DOMAIN-SUFFIX,youtu.be
DOMAIN-SUFFIX,youtube.com
DOMAIN-SUFFIX,youtubeinmp3.com
DOMAIN-SUFFIX,ytimg.com
DOMAIN-SUFFIX,yzzk.com
DOMAIN-SUFFIX,zhengjian.org
DOMAIN-SUFFIX,zhenlibu1984.com
DOMAIN-SUFFIX,zhongzilou.com
DOMAIN-SUFFIX,zhoushuguang.com
DOMAIN-SUFFIX,zinio.com
DOMAIN-SUFFIX,zlvc.net
DOMAIN-SUFFIX,zlvc.net.he2.aqb.so
DOMAIN-SUFFIX,zomobo.net
DOMAIN-SUFFIX,zorpia.com
DOMAIN-SUFFIX,zuo.la
DOMAIN-SUFFIX,zuobiao.me
DOMAIN-SUFFIX,zuola.com
DOMAIN-SUFFIX,zxing.org
DOMAIN-SUFFIX,zyzc.greatzhonghua.org


================================================
FILE: Enable_BoringSSL_OCSP.patch
================================================
From: CarterLi <carter.li@eoitek.com>
Date: Sat, 19 May 2018 22:08:47 +0800
Subject: [PATCH] Support OSCP stapling on BoringSSL
Link: https://github.com/kn007/patch/issues/4
Modified: kn007


diff --git a/src/event/ngx_event_openssl_stapling.c b/src/event/ngx_event_openssl_stapling.c
index 0bea5e7..334f1c2 100644
--- a/src/event/ngx_event_openssl_stapling.c
+++ b/src/event/ngx_event_openssl_stapling.c
@@ -1874,8 +1874,50 @@ ngx_int_t
 ngx_ssl_stapling(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *file,
     ngx_str_t *responder, ngx_uint_t verify)
 {
+#ifdef BORINGSSL_MAKE_DELETER
+    ngx_log_error(NGX_LOG_NOTICE, ssl->log, 0,
+                  "using boringssl, currently only \"ssl_stapling_file\" is supported. use it as your own risk");
+
+    BIO            *bio;
+    int             len;
+    u_char          buf[2048];
+
+    if (ngx_conf_full_name(cf->cycle, file, 1) != NGX_OK) {
+        return NGX_ERROR;
+    }
+
+    bio = BIO_new_file((char *) file->data, "r");
+    if (bio == NULL) {
+        ngx_ssl_error(NGX_LOG_EMERG, ssl->log, 0,
+                      "BIO_new_file(\"%s\") failed", file->data);
+        return NGX_ERROR;
+    }
+
+    len = BIO_read(bio, buf, sizeof(buf) / sizeof(u_char));
+    BIO_free(bio);
+    bio = NULL;
+
+    if (len <= 0) {
+        ngx_ssl_error(NGX_LOG_EMERG, ssl->log, 0,
+                      "Read OCSP response file \"%s\" failed: %d", file->data, len);
+        return NGX_ERROR;
+    }
+
+    if (len >= 2000) {
+        ngx_ssl_error(NGX_LOG_EMERG, ssl->log, 0,
+                      "Unexpected OCSP response file length: %d", len);
+        return NGX_ERROR;
+    }
+
+    if (!SSL_CTX_set_ocsp_response(ssl->ctx, buf, len)) {
+        ngx_ssl_error(NGX_LOG_EMERG, ssl->log, 0,
+                      "SSL_CTX_set_ocsp_response(ssl->ctx, buf, %d) failed", len);
+        return NGX_ERROR;
+    }
+#else
     ngx_log_error(NGX_LOG_WARN, ssl->log, 0,
                   "\"ssl_stapling\" ignored, not supported");
+#endif
 
     return NGX_OK;
 }


================================================
FILE: LICENSE
================================================
MIT License

Copyright (c) 2021 Karl Chen

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.


================================================
FILE: README.md
================================================
# Patches

## Nginx

### use_openssl_md5_sha1.patch
* Use the OpenSSL library instead of the Nginx original function.
* Repack it because "patch unexpectedly ends in middle of line".
    - Thanks [@CarterLi](https://github.com/kn007/patch/issues/5)

Test pass: 1.29.2

### nginx_dynamic_tls_records.patch
* Add Dynamic TLS Record Support.

Require: Nginx 1.29.2

Test pass: 1.29.2

### Enable_BoringSSL_OCSP.patch
* For BoringSSL support OCSP stapling.
    - Using "ssl_stapling_file" to support.
    - Only "ssl_stapling_file" with single cert is supported.
    - Auto-rebuild OCSP stapling file with shell and atd(at cron), you can read this [article](https://kn007.net/topics/let-nginx-support-ocsp-stapling-when-using-boringssl/)(Maybe you need a translation tool).
    - Thanks [@CarterLi](https://github.com/kn007/patch/issues/4).

Test pass: 1.25.5

### nginx.patch (Discontinued)
* Add HTTP2 HPACK Encoding Support.
* Add Dynamic TLS Record Support.

Require: Nginx 1.25.0 (this version only)

Test pass: 1.25.0

Since `Nginx` 1.25.1, HPACK encoding will not support because the HTTP/2 server push support has been removed.

### nginx_with_quic.patch (Discontinued)
* Add HTTP3(QUIC) Support.
    - For OCSP stapling, maybe you need [this](https://github.com/kn007/patch#enable_boringssl_ocsppatch).
* Add HTTP2 HPACK Encoding Support.
* Add Dynamic TLS Record Support.

Require: Nginx 1.21.4 or later.

Test pass: 1.23.3 with [cloudflare/quiche@c9311a1](https://github.com/cloudflare/quiche/tree/c9311a18910c0277867c34c0acc4a9711b50b913)

<b>Check your modules when build failed.</b>

### nginx_for_1.23.4.patch (Deprecated)
* Add HTTP2 HPACK Encoding Support.
* Add Dynamic TLS Record Support.

Require: Nginx version below 1.25.0

Test pass: 1.23.4

### nginx_with_quic_for_1.19.7_full.patch (Deprecated)
* Add HTTP3(QUIC) Support.
    - For OCSP stapling, maybe you need [this](https://github.com/kn007/patch#enable_boringssl_ocsppatch).
* Add HTTP2 HPACK Encoding Support.
* Add Dynamic TLS Record Support.

Require: Nginx 1.19.7 or later(below 1.21.4).

Test pass: 1.21.3 with [cloudflare/quiche@af1bbc0](https://github.com/cloudflare/quiche/tree/af1bbc03e9992bae516d0b692a481de64bd4e8d9)

`nginx_with_quic_for_1.19.6.patch` is required to support Nginx versions lower than 1.19.7, cause `post_accept_timeout` had been removed by Nginx since 1.19.7.

### nginx_with_quic_for_1.19.6.patch (Deprecated)
* Revert `nginx_with_quic.patch` to support Nginx versions lower than 1.19.7.
* Patch `nginx_with_quic.patch` first, then patch this one.

Test pass: 1.19.6 with [nginx_with_quic.patch@ec8cac4](https://github.com/kn007/patch/blob/ec8cac4fc74b1718e9b005e7533201aec552aa40/nginx_with_quic.patch) & [cloudflare/quiche@fca5e9a](https://github.com/cloudflare/quiche/tree/fca5e9acdfdff9e80c7b9346214c64b393108328)

### nginx_with_spdy.patch (Deprecated)
* Add SPDY Support.
* Add HTTP2 HPACK Encoding Support.
* Add Dynamic TLS Record Support.

Test pass: 1.17.9

### nginx_with_spdy_quic.patch (Deprecated)
* Add SPDY Support.
* Add HTTP3(QUIC) Support.
* Add HTTP2 HPACK Encoding Support.
* Add Dynamic TLS Record Support.

Test pass: 1.17.9 with [cloudflare/quiche@9a8b3b](https://github.com/cloudflare/quiche/tree/9a8b3b12d007715cd4cc254362db51d5a01de9f2)

## Other

### openssl-1.1.1.patch
* Add TLS 1.3 Support.
* Add BoringSSL's Equal Preference Support.
* Add ChaCha20-Poly1305 Draft Version Support.

Test pass: 1.1.1w

### ffmpeg-let-rtmp-flv-support-hevc-h265-opus.patch
* FLV/RTMP Extensions For FFmpeg.
    - Add FLV Encode/Decode with H.265/HEVC & OPUS Codec Support.
    - Add RTMP Stream Push with H.265/HEVC & OPUS Codec Support.
    - Thanks [@xia-chu](https://github.com/xia-chu/ZLMediaKit/wiki/RTMP%E5%AF%B9H265%E5%92%8COPUS%E7%9A%84%E6%94%AF%E6%8C%81).

Test pass: 4.3.1

### dropbox_fs_fix.patch
* For Dropbox Linux users. This patch could let official python script auto-load `libdropbox_fs_fix.so` library before start dropboxd.
    - Using [Dropbox filesystem fix for Linux Repo](https://github.com/dark/dropbox-filesystem-fix) and make `libdropbox_fs_fix.so`.
    - After compiled, copy `libdropbox_fs_fix.so` to `$HOME/.dropbox-dist/libdropbox_fs_fix.so`.
    - Download Dropbox official python script, put it with patch file together.
    - Patch, enjoy.

Test pass: 2019.02.14 version

## Links
[聊聊Nginx 1.25和HTTP/3](https://kn007.net/topics/talk-about-nginx-1-25-and-http-3/)

[Nginx 1.19.4新特性推荐](https://kn007.net/topics/nginx-1-19-4-new-feature-recommendation/)

[让Nginx使用BoringSSL时支持OCSP Stapling](https://kn007.net/topics/let-nginx-support-ocsp-stapling-when-using-boringssl/)

[博客终止使用TLS 1.0和TLS 1.1协议](https://kn007.net/topics/deprecating-tls-1-0-and-tls-1-1-protocols/)

[小试HTTP3](https://kn007.net/topics/try-http3/)

[我的Nginx编译之旅](https://kn007.net/topics/my-nginx-compilation-tour/)

[解决Dropbox Linux客户端因文件系统导致无法同步问题](https://kn007.net/topics/fix-dropbox-filesystem-sync-problem-for-linux-client/)

[kn007的个人博客](https://kn007.net) 


================================================
FILE: blacklist.dgjy
================================================
dmad.info
pin.hamturer.com
sim.miniast.com
tongjii.us
slushpool.com
mlmy.3322.org
fget-career.com
3666777a.com
gp.like383.com
tj.gogo2021.xyz
webmine.cz
arthur.niria.biz
apple-pie.in
althawry.org
www.careerdesk.org
www.hiprofitnetworks.com
nvhaaa.top
ttzytp.com
xiusebf1.com
hpdwfd2.com
rfyqtv2.com
qbyyvg3.com
kqvkvc3.com
bfrmye5.com
fpvdxd5.com
mjrvkv5.com
nrxduw5.com
rzgvdm5.com
upffxs6.com
exwytd7.com
dfwskw7.com
pvhgws7.com
gezkdx7.com
qczuqw8.com
kupfkc9.com
rrtwda9.com
unpfqc9.com
ahmediye.net
park.realbig.online
a.51qingmiao.com.kaxi.net
wxy398.com
xred.mooo.com
gp.miaoxia123.com
dz.qd388.cn
tyszlga.wweczyc.com
lrepacks.net
img.yparse.com
amsamex.com
jsecoin.com
up.2nike.org
g2.arrowhitech.com
ampyazilim.com.tr
scriptcc.cc
beibeixixi.f3322.org
ok2.lovehy.com
tp1jcgl644jk.com
s6_down.listw.top
s6_req.listw.top
z100.vip
jxn0.51ginkgo.com
www.zigui.org
init.icloud-analysis.com
ftp.byethost7.com
ftp.byethost10.com
files.000webhost.com
000webhostapp.com
a7788.1apps.com
attach10132.1apps.com
bluemountain.1apps.com
filer1.1apps.com
s8877.1apps.com
ugig.ir
ceye.io
share.dmca.gripe
9bys.com
amsamex.com
jwhss.com
prothid.ny.us.gamesurge.net
gameservers.nj.us.gamesurge.net
api.ceye.io
ipfs.via0.com
themoviehometheather.com
gcdz.info
brontocdn.com
via0.com
765567.xyz
7521.com
go2cliks.net
electladyproductions.com
haifti.com
wtkbxx.com
tesyk.com
tesjj.com
tesiu.com
saxyit.com
xx-x.catdggga.com
catdggga.com
exitgames.com
avdog-l0597.vip
avdog.net
cdnupdateservice.com
9988948.com
mmo2350.top
gb.dyabgjaf.com
shunyi520.vicp.net
ji.kunkunonline.top
mycontrolpanel29.com
dasan.one
iluearv.net
ysuw.xyz
udxuke.net
dh.alyun.cn
uiwixv.net
iuayeu.net
dark-confusion.com
zerostdio.com
iachks.net
contabostorage.com
cacen.despacito5.com


================================================
FILE: bypass.list
================================================
[SwitchyOmega Conditions]
; Require: SwitchyOmega >= 2.3.2
; Date: 2026/3/28
; Usage: https://github.com/FelisCatus/SwitchyOmega/wiki/RuleListUsage

; https://raw.githubusercontent.com/kn007/patch/master/bypass.list

*.c.gle
*.wallhaven.cc
*.manhuagui.com
*.catbox.moe
*.mixtape.moe
*.maxroll.gg
*.simaware.ca
*.arcgisonline.com
*.rainviewer.com
subscriptionsmanagement-pa.googleapis.com
subscriptionsmobile-pa.googleapis.com
phosphor-pa.googleapis.com
growth-pa.googleapis.com
*.csb.app
*.codesandbox.io
*.cloud.cupronickel.goog
*.openai.com
*.twitch.tv
*.bose.com
*.worldofwarships.asia
*.worldofwarships.jp
*.wargaming.net
*.hikarifield.co.jp
*.postfix.org
*.ietf.org
*.schema.org
*.youtu.be
*.doubleclick.net
*.googleadservices.com
*.google.cn
*.googleapps.com
*.thinkwithgoogle.com
*.withgoogle.com
*.fbcdn.net
*.flickr.com
*.youtube-nocookie.com
*.youtube.com
*.googleusercontent.com
*.thepiratebay.se
*.gmail.com
*.google.com*
*.facebook.com
*.vimeo.com
*.twitter.com
*.staticflickr.com
*.sstatic.net
*.imgur.com
*.fastly.net
*.bit.ly
*.newrelic.com
*.paypal.com
*.paypalobjects.com
*.cloudfront.net
*.googlepages.com
*.twimg.com
*.t.co
*.ytimg.com
*.adzerk.net
*.xmages.net
*.fucklo.li
*.freeproxylists.net
*.archive.org
*.shadowsocks.org
*.dropbox.com
*.blogspot.com
*.rage4.com
*.brandonchecketts.com
*.googleratings.com
*.letscorp.net
*.googlevideo.com
*.gravatar.com
*.goods-pro.com
*.w.org
*.wp.com
*.deviantart.com
*.deviantart.net
*.archive.fo
*.blogger.com
*.wordpress.com
*.instagram.com
*.facebook.net
*.github.io
*.github.com
*.githubusercontent.com
*.ssl-images-amazon.com
*.associates-amazon.com
*.media-amazon.com
*.awsstatic.com
*.googlecode.com
*.live.com
*.onedriver.com
*.wikipedia.org
*.wikimedia.org
*.nodequery.com
*.androidfilehost.com
*.appspot.com
*.pastebin.com
*.dropboxstatic.com
*.disq.us
*.disquscdn.com
*.disqus.com
*.alexa.com
*.amazonaws.com
*.bbc.co.uk
*.travis-ci.org
*.*.google
*.goog
*.pki.goog
*.cdninstagram.com
*.wordpress.org
*.slideshare.net
*.textnow.com
*.gfx.ms
*.chromium.org
*.goo.gl
*.googleblog.com
*.wikileaks.org
*.google.co.*
*.ggpht.com
*.t.me
*.telegram.me
*.telegra.ph
*.telegram.org
*.tdesktop.com
*.cisco.com
*.oneplus.net
*.g.co
*.amazon.com
*.amazon.co.*
*.xda-developers.com
*.mysql.com
*.tiny.cc
*.speedyrails.net
*.androidfilehost.com
*.pinimg.com
*.flightradar24.com
*.dropboxusercontent.com
*.cloudconvert.com
*.steaminventoryhelper.com
*.steamcardexchange.net
*.steamcommunity.com
*.steampowered.com
*.steam-api.com
*.akamaihd.net
*.keycdn.com
*.pumpcloud.net
*.mega.nz
*.mega.co.nz
*.telesco.pe
*.discordapp.net
*.discordapp.com
*.discord.com
*.discord.gg
*.redd.it
*.reddit.com
*.redditstatic.com
*.redditmedia.com
*.rawgit.com
*.ampproject.net
*.windy.com
*.githubassets.com
*.bootstrapcdn.com
*.ubi.com
*.ubisoft.com
*.wonderpush.com
*.goo.gl
*.similarweb.com
*.similarcdn.com
*.intercom.io
*.intercomcdn.com
*.regex101.com
*.jsfiddle.net
*.jshell.net
*.tunemymusic.com
*.unsplash.com
*.ping.pe
*.spotify.com
*.scdn.co
*.3dmark.com
*.futuremark.com
*.ultravps.eu
*.providerdienste.de
*.virtualhosts.de
*.he.net
*.akamaized.net
*.typekit.net
*.akamaihd.net
*.jquery.com
*.ubi.li
*.github.blog
*.steamdb.info
*.algolia.net
*.steamstatic.com
*.pixiv.net
*.pximg.net
*.pixnet.net
*.pixfs.net
*.sharemods.com
*.notion.so
*.imgbox.com
*.geeks3d.com
*.nvidia.com
*.gamepadviewer.com
*.humansofnewyork.com
*.cloudflare.com
*.wagnardsoft.com
*.gitlab.com
*.gitlab-static.net
*.soundcloud.com
*.sndcdn.com
*.dl.sourceforge.net
*.javmost.com
*.javtrust.com
*.jable.tv
*.dmm.co.jp
*.tomyangsh.pw
*.rouman5.com
*.rou.video
*.htpt.cc
*.soulvoice.club
*.m-team.cc
*.m-team.io
*.hdcmct.org
*.springsunday.net
*.pterclub.com
*.totheglory.im
*.imgurl.org
*.flycrow.pro
*.groueta.cc
*.mantou.biz
*.ccache.org
*.seejav.bid
*.picturedata.org
*.javbee.net
*.bmp.ovh
*.open.cd
*.dmhy.org
*.keepfrds.com
*.jdbimgs.com
*.gifyu.com
*.dmmsee.fun
*.bitvise.com
*.chucklefish.org
*.steamgames.com
*.steamcontent.com
*.steamusercontent.com
*.fast.com
*.netflix.com
*.nflxvideo.net
*.nflxext.com
*.nflxso.net
*.onetrust.com
*.fosshub.com
*.autodesk.com.cn
*.autodesk.com
*.autodesk.net
*.openvpn.net
*.webflow.io
*.webflow.com
*.pstorage.space
*.netcdn.space
*.boost.org
*.tarolink.top
*.o--o.xyz
*.simgbb.com
*.imgbb.com
*.ibb.co
*.z4a.net
*.iili.io
*.weserv.nl
*.shoot.photo
*.ccp.ovh
*.imagebam.com
*.truenas.com
*.themoneyconverter.com
*.jpopsuki.eu
*.skyvector.com
*.postimgs.org
*.postlmg.cc
*.imagecurl.com
*.simbrief.com
*.flightsim.to
*.flybywiresim.com
*.chartfox.org
*.openstreetmap.org
*.vatsim.net
*.navigraph.com
*.gog-statics.com
*.gog.com
*.zendesk.com
*.zdassets.com
*.avsim.com
*.sda1.dev
*.sl.al
*.ccimg.xyz
*.admod.com
*.web.dev
*.jsdelivr.net
*.jsdelivr.com
*.evga.com
*.imageshack.com
*.adultempire.com
*.exoticaz.to
*.storages.cc
*.rockstargames.com
*.arkoselabs.com
*.arkoselabs.cn
*.javhdporn.net
*.i18n.pw
*.greasyfork.org
*.qbittorrent.org
*.seejav.bid
*.jdbstatic.com
*.021jf.com
*.pic599.net
*.98tuch.net
*.postto.me
*.aspnetcdn.com
*.netlify.app
*.netlify.com
*.beautifyconverter.com
*.healthchecks.io
*.mgstage.com
*.gvt2.com
*.gstatic.com
*.googleapis.com
*.gmodules.com
*.sesexiaozhan.com
*.biquge.tw
*.acgnx.se
*.combot.org
*.tenor.com
*.pixeldrain.com
*.gamer.com.tw
*.bahamut.com.tw
*.seiya-saiga.com
*.ptpimg.me
*.wiki.gg
HostRegex: ^.*\brmcdn\d+\.xyz$
HostRegex: ^.*\brn\d+\.xyz$
HostRegex: ^.*\broum\d+\.xyz$

; ==============================================================================
; ==============================================================================
; https://github.com/xinhugo/Free-List

HostRegex: ^(sp|www|actress|pics)\.dmm\.co\.jp$
www.dmm.com
www.r18.com

*.1024search.tk
*.1080.tw
*.1688.com.au
*.1dpw.com
*.1pondo.tv
*.2008xianzhang.info
*.24smile.org
*.4shared.com
*.5i01.com
*.5z5.com
*.64memo.com
*.64tianwang.com
*.64wiki.com
*.666kb.com
*.6do.news
*.6park.com
*.a1080hd.com
*.abc.xyz
*.ablwang.com
*.aboluowang.com
*.actimes.com.au
*.adblockplus.org
*.adobe.com
*.adsafeprotected.com
*.adsrvr.org
*.adultblogranking.com
*.aforcemorepowerful.org
*.ahd1080.com
*.aida64.com
*.aisex.com
*.aishangyou.tube
*.ait.org.tw
*.akamaihd.net
*.alabout.com
*.alicejapan.co.jp
*.aliengu.com
*.alliance.org.hk
*.allinfa.com
*.am730.com.hk
*.amazon.co.jp
*.amazonaws.com
*.amazonwebapps.com
*.amnesty.org
*.amnesty.tw
*.ananass.fr
*.android.com
*.androidfilehost.com
*.animecrazy.net
*.anti1984.com
*.anygoing.com
*.aomiwang.com
*.aoqinet.com
*.apkmirror.com
*.app2.hkatv.com
*.appledaily.hk
*.appspot.com
*.archive.org
*.asahichinese.com
*.asianews.it
*.aszw.com
*.atchinese.com
*.atdmt.com
*.atgfw.org
*.aurl.mobi
*.ausdaily.net.au
*.autoit-cdn.com
*.autoitscript.com
*.avbbs.tv
*.avcity.tv
*.avlang.com
*.av-scouter.info
*.avsp2p.com
*.backchina.com
*.backtotiananmen.com
*.badongo.com
*.baisex.me
*.bannedbook.org
*.bayfiles.net
*.bbcchinese.com
*.bbg.gov
*.bcchinese.net
*.beijingspring.com
*.bet365.com
*.betanews.com
*.beyondfirewall.com
*.bind9.net
*.binux.me
*.bit.ly
*.bitshare.com
*.bitsnoop.com
*.biz.tm
*.bjs.org
*.bjzc.org
*.blinkx.com
*.blockedinchina.net
*.blog.jp
*.blog.xuite.net
*.blog.yam.com
*.blogblog.com
*.blogcatalog.com
*.blogcity.me
*.blogimg.jp
*.bloglines.com
*.bloglovin.com
*.blogs.com
*.blogspot.in
*.blogspot.kr
*.bmvflorida.us
*.bod.asia
*.book.com.tw
*.books.com.tw
*.bootstrapcdn.com
*.botanwang.com
*.botanwang.org
*.bowenpress.com
*.boxun.com
*.boxun.us
*.break.com
*.brizzly.com
*.btdigg.org
*.btku.org
*.btn.weather.ca
*.bud.org.tw
*.buff.ly
*.bullog.org
*.bullogger.com
*.businessweek.com
*.bwp.im
*.bx.tl
*.c.bigcache.googleapis.com
*.c000.me
*.c080.me
*.c800.me
*.c9x.info
*.cahr.org.tw
*.campaign.tw-npo.org
*.cams.org.sg
*.canyu.org
*.caochangqing.com
*.cap.org.hk
*.cari.com.my
*.caribbeancom.com
*.catholic.org.hk
*.catholic.org.tw
*.catwizard.net
*.cbc.ca
*.ccdtr.org
*.ccim.org
*.ccw.org.tw
*.cdef.org
*.cdjp.org
*.cdnews.com.tw
*.cdns.com.tw
*.cecc.gov
*.cenews.eu
*.centralnation.com
*.cfhks.org.hk
*.cgdepot.org
*.chicagoncmtv.com
*.china.ucanews.com
*.chinaaid.net
*.chinabiz.org.tw
*.chinadigitaltimes.net
*.chinaelections.com
*.chinaelections.org
*.chinaeweekly.com
*.chinafile.com
*.chinagfw.org
*.chinainperspective.com
*.chinapress.com.my
*.chinarightsia.org
*.chinatcc.gov.cn
*.chinatimes.com
*.china-week.com
*.chinaworker.info
*.chinesedaily.com
*.chinesenewsnet.com
*.chinesepen.org
*.chinesetoday.com
*.chosun.com
*.christianstudy.com
*.christiantimes.org.hk
*.chrlawyers.hk
*.chrome.com
*.chromium.org
*.chubun.com
*.cincainews.com
*.citizenlab.org
*.citizensradio.org
*.city9x.com
*.civicparty.hk
*.civilhrfront.org
*.civilmedia.tw
*.ck101.com
*.ckcdn.com
*.clickme.net
*.cloudmonitor.ca.com
*.cna.com.tw
*.cnd.org
*.cnliberals.com
*.cnn.com
*.cnpolitics.org
*.cnyes.com
*.codeproject.com
*.comefromchina.com
*.competitionforce.hk
*.cool18.com
*.coolloud.org.tw
*.cotweet.com
*.cpuid.com
*.crazys.cc
*.creaders.net
*.creadersnet.com
*.crwdcntrl.net
*.crystalmark.info
*.c--spanarchives.-org
*.c-spanvideo.org
*.cts.com.tw
*.cw.com.tw
*.d100.net
*.d2pass.com
*.dadazim.com
*.dailymotion.com
*.dalailamaworld.com
*.danwei.org
*.daolan.net
*.dbanotes.net
*.del.icio.us
*.democraticchina.org
*.democrats.org
*.de-sci.org
*.dfs.kuaipan.cn
*.dfzdaili.com
*.dieneueepoche.com
*.digg.com
*.digitalocean.com
*.digitalvolcano.co.uk
*.diigo.com
*.dipity.com
*.discuss.com.hk
*.disp.cc
*.disqus.com
*.djjsq.com
*.djorz.com
*.dnscrypt.org
*.doit.im
*.dolc.de
*.dolf.org.hk
*.dongtaiwang.com
*.doub.io
*.doubibackup.com
*.download.aircrack-ng.org
*.dphk.org
*.dpp.org.tw
*.dropbox.com
*.dropboxusercontent.com
*.drsunacademy.com
*.dtiblog.com
*.duga.jp
*.duihua.org
*.duping.net
*.dupola.com
*.dw.com
*.dw.de
*.dw-world.com
*.dw-world.de
*.dxlive.com
*.e123.hk
*.ebookbrowse.com
*.ecfa.org.tw
*.echinanews.com.tw
*.edge.liveleak.com
*.edicypages.com
*.edoors.com
*.efcc.org.hk
*.eff.org
*.eic-av.com
*.e-info.org.tw
*.elpais.com
*.emilylau.org.hk
*.erabaru.net
*.erights.net
*.eroantenna.com
*.ero-video.net
*.es-visiontimes.com
*.etaiwannews.com
*.ettoday.net
*.evernote.com
*.extremetube.com
*.extremetube.phncdn.com
*.eyny.com
*.facebook.com
*.facebook.net
*.fangeming.com
*.fanqiang.network
*.fanqianghou.com
*.farxian.com
*.fastly.net
*.faststone.org
*.favstar.fm
*.faydao.com
*.fb.me
*.fbcdn.net
*.fc2.com
*.fdc89.jp
*.feedburner.com
*.feedjit.com
*.feedsportal.com
*.felixcat.net
*.ffx.io
*.filecroco.com
*.filesor.com
*.file-static.com
*.filestube.com
*.firebaseio.com
*.firepic.org
*.flyzy2005.com
*.fmnnow.com
*.foofind.is
*.fooooo.com
*.forum.kaiyuan.de
*.forum.tvb.com
*.fqrouter.com
*.free4u.com.ar
*.freebrowser.org
*.freedomhouse.org
*.freeproxyserver.net
*.freeshadow.info
*.freetufu.com
*.freewechat.com
*.freeweibo.com
*.friendfeed.com
*.fring.com
*.frontlinedefenders.org
*.ftchinese.com
*.fukugan.com
*.fuli.ba
*.fullyillustrated.com
*.fungchiwood.com
*.funp.com*
*.fw.cm
*.fw.com
*.g.co
*.gaeproxy.com
*.gamebase.com.tw
*.gameclub.tw
*.ganges.com
*.gcpnews.com
*.geocities.co.jp
*.getfoxyproxy.org
*.getgom.com
*.getsync.com
*.ggpht.com
*.ghd1080.com
*.gigacircle.com
*.gimp.org
*.git.io
*.github.com
*.github.io
*.githubusercontent.com
*.git-scm.com
*.gittigidiyor.com
*.globalvoices.org
*.globalvoicesonline.org
*.glorystar.me
*.gmail.com
*.gnews.org
*.goagent.biz
*.goo.gl
*.google
*.google.com
*.googlecode.com
*.googlesource.com
*.googletagmanager.com
*.googleusercontent.com
*.googlevideo.com
*.gopetition.com
*.gospelherald.com
*.gospelherald.com.hk
*.gov.tw
*.gpass1.com
*.gravatar.com
*.greatfire.org
*.greatfirewallofchina.org
*.greatzhonghua.org
*.greenparty.org.tw
*.gvm.com.tw
*.h528.com
*.haixiainfo.com.tw
*.hakkatv.org.tw
*.hav.tv
*.have8.com
*.h-china.org
*.hcocoa.com
*.hd1080.org
*.hdtransform.com
*.hechaji.com
*.helpzhuling.org
*.heqinglian.net
*.hetnieuwetijdperk.com
*.hexieshe.com
*.hikinggfw.org
*.hilive.tv
*.hioz.org
*.hitwister.com
*.hjav.org
*.hjclub.info
*.hk01.com
*.hkatvnews.com
*.hkchurch.org
*.hkci.org.hk
*.hkcnews.com
*.hkcrm.org.hk
*.hkdailynews.com.hk
*.hkdash.com
*.hkej.com
*.hket.com
*.hketgroup.com
*.hkgolden.com
*.hkgoldenmobile.com
*.hkhkhk.com
*.hkhrm.org.hk
*.hkja.org.hk
*.hkjc.com
*.hkjp.org
*.hkptu.org
*.hk-pub.com
*.hkreporter.com
*.hksilicon.com
*.hkumall.com
*.hkupop.hku.hk
*.hkusu.org
*.hkwcc.org.hk
*.hongkongfp.com
*.hongkongtibetfilmfestival2015.com
*.hotchyx.com
*.hotspotshield.com
*.hrichina.org
*.hrw.org
*.huanghuagang.org
*.huaren.us
*.huaxia-news.com
*.huping.net
*.hutong9.net
*.hwinfo.com
*.hxmmdd.com
*.hyperrate.com
*.hzy.pw
*.i1.hk
*.i2ocr.com
*.i2p2.de
*.iask.ca
*.iceimg.com
*.icij.org
*.idol-mile.com
*.idv.tw
*.ifanqiang.com
*.ift.tt
*.igfw.???
*.igfw.tk
*.igossip.com
*.ihao.org
*.ihd1080.org
*.ihktv.com
*.imagebam.com
*.imageshack.us
*.imagestorming.com
*.imageurlhost.com
*.imagevenue.com
*.imagezilla.net
*.img.ly
*.imgburn.com
*.imgchili.com
*.imgchili.net
*.imgdino.com
*.imgkeep.com
*.imgly.net
*.imgtiger.com
*.imgur.com
*.immoral.jp
*.i-mobile.co.jp
*.inmediahk.net
*.inote.tw
*.inside.com.tw
*.instagram.com
*.insynchq.com
*.intermargins.net
*.internet.org
*.internetfreedom.org
*.inxian.com
*.ipcf.org.tw
*.ipicture.ru
*.ipkmedia.com
*.isohunt.com
*.isunaffairs.com
*.isuntv.com
*.ithelp.ithome.com.tw
*.ixxx.com
*.iyouport.com
*.iyouport.org
*.j.mp
*.jasonsavard.com
*.jav008.com
*.javblog.biz
*.javfree.me
*.javideo.info
*.javsharing.com
*.jayxon.com
*.jbtalks.cc
*.jinbushe.org
*.jingfeng.info
*.jingpin.org
*.jiruan.net
*.jjgirls.com
*.jkforum.net
*.jpavgod.com
*.justin.tv
*.just-ping.com
*.kan.center
*.kankan.today
*.keakon.net
*.keephkshining.com
*.kenengba.com
*.kexueshangwang.info
*.kinghost.com
*.kingstone.com.tw
*.kir.jp
*.kwongwah.com.my
*.la-forum.org
*.lagranepoca.com
*.lailaibt.com
*.laqingdan.net
*.latteye.com
*.lcx.cc
*.lefora.com
*.left21.hk
*.lemonde.fr
*.lesoir.be
*.letscorp.net
*.libertytimes.com.tw
*.libreoffice.org
*.life.com.tw
*.limbopro.xyz
*.lineageosrom.com
*.line-scdn.net
*.linkbucks.com
*.listhub.net
*.liuxiaobo.net
*.liveleak.com
*.livestation.com
*.livestream.com
*.localpresshk.com
*.lockerz.com
*.lolbin.net
*.loli.net
*.longhair.hk
*.lookpic.com
*.loved.hk
*.lrip.org
*.lsd.org.hk
*.lsj1080.cc
*.lsj1080.net
*.lsj1080.tv
*.ltn.com.tw
*.lvv2.com
*.mail-archive.com
*.maiplus.com
*.malaymail.com
*.malaysiakini.com
*.matters.news
*.mattwilcox.net
*.medium.com
*.mefeedia.com
*.memehk.com
*.merit-times.com
*.merit-times.com.tw
*.merlinblog.xyz
*.metrolife.ca
*.metroradio.com.hk
*.microad.jp
*.minghui.org
*.mingjinglishi.com
*.mingjingnews.com
*.mingpaonews.com
*.mingshengbao.com
*.minnano-av.com
*.minus.com
*.minzhuzhongguo.org
*.mirrorbooks.com
*.mitbbs.com
*.mkini.net
*.mlxiaoshuo.com
*.mobile01.com
*.mobileways.de
*.mobypicture.com
*.moedict.tw
*.mojim.com
*.mokeedev.com
*.molihua.org
*.mono.ac
*.mono.sh
*.moonbbs.com
*.mozilla.net
*.mp3ye.eu
*.mpfinance.com
*.msguancha.com
*.mtlmp4.com
*.myca168.com
*.mychinanews.com
*.mycnnews.com
*.mycould.com
*.myfreecams.com
*.myfreshnet.com
*.myhd1080.tv
*.myradio.com.hk
*.myradio.hk
*.mysinablog.com
*.nanyang.com
*.nanyangpost.com
*.ncchinesenews.com
*.ndr.de
*.net1.hkbu.edu.hk
*.netgear.com
*.netme.cc
*.network54.com
*.networkedblogs.com
*.newcenturymc.com
*.newcenturynews.com
*.newhighlandvision.com
*.news.hk.msn.com
*.news.pts.org.tw
*.newsancai.com
*.newstapa.org
*.newtaiwan.com.tw
*.newtalk.tw
*.nextdigital.com.hk
*.nextmag.com.tw
*.nextmedia.com
*.ngensis.com
*.nicovideo.jp
*.nobel.se
*.nobelprize.org
*.notepad-plus-plus.org
*.notipage.com
*.nownews.com
*.nps.gov
*.nrk.no
*.ntd.tv
*.ntdtv.com
*.ntdtv-dc.com
*.nuzcom.com
*.nvquan.org
*.nyt.com
*.nytcn.me
*.nyti.ms
*.nytimes.com
*.nytimg.com
*.nytstyle.com
*.observechina.net
*.oclp.hk
*.ogaoga.org
*.oiktv.com
*.olx.com.br
*.on.cc
*.onedrive.live.com
*.onlinestuffs.com
*.open.com.hk
*.opendemocracy.net
*.openstreetmap.org
*.orientaldaily.com.my
*.orientaldaily.on.cc
*.orzhd.com
*.oursogo.com
*.oursteps.com.au
*.outbrain.com
*.ow.ly
*.oyax.com
*.oyou.com.au
*.page2rss.com
*.pageflakes.com
*.panoramio.com
*.pao-pao.net
*.paper.li
*.passiontimes.hk
*.pbwiki.com
*.pbworks.com
*.pcdvd.com.tw
*.pchome.com.tw
*.pcij.org
*.peacehall.com
*.penchinese.org
*.peopo.org
*.perfspot.com
*.pfd.org.hk
*.picpar.com
*.picrar.com
*.piebridge.me
*.pimgs.com
*.pincong.rocks
*.ping.fm
*.pinimg.com
*.pinterest.com
*.piratescreen.com
*.piring.com
*.pixshock.net
*.playno1.com
*.playno1.com.tw
*.popvote.hk
*.popyard.com
*.popyard.org
*.porn.com
*.pornhub.com
*.post852.com
*.posterous.com
*.potatso.com
*.potatsocontent.com
*.powerlinks.com
*.premeforwindows.com
*.prestige-av.com
*.prettyvirgin.com
*.privoxy.org
*.pubu.com.tw
*.qidian.ca
*.qiwen.lu
*.quickpornsearch.com
*.quora.com
*.quoracdn.net
*.qxbbs.org
*.radioaustralia.net.au
*.ranyunfei.com
*.rapbull.net
*.rarbg.to
*.rcinet.ca
*.readingtimes.com.tw
*.rebecca-web.com
*.recovery.org.tw
*.redchinacn.org
*.reddit.com
*.redsquirrel87.com
*.redtube.com
*.reduik.com
*.referer.us
*.relink.us
*.rendsmap.com
*.renminbao.com
*.resilio.com
*.restorehk.com
*.reuters.com
*.reutersmedia.net
*.rfa.org
*.rferl.org
*.rfi.fr
*.rfi.my
*.rghost.net
*.riku.me
*.rmjdw.com
*.rnw.nl
*.rocmp.org
*.roodo.com
*.rsf.org
*.rsf-chinese.org
*.rthk.hk
*.rthk.org.hk
*.rti.org.tw
*.s3.amazonaws.com
*.sadpanda.us
*.sanmin.com.tw
*.sanminjiaoliu.net
*.savemedia.com
*.savetube.com
*.savevid.com
*.saveyoutube.com
*.scdn.co
*.scholarism.com
*.s-dragon.org
*.search.xxx
*.secretchina.com
*.securityinabox.org
*.securitykiss.com
*.sendspace.com
*.setn.com
*.sex.com
*.sexinsex.net
*.shadow.ma
*.shadowgov.tw
*.shadowsocks.org
*.sharenxs.com
*.sharpdaily.com
*.sharpdaily.tw
*.sherrychan.net
*.shizhao.org
*.shr.lc
*.shutterstock.com
*.sinaapp.co
*.singtao.com
*.sinomontreal.ca
*.sinoquebec.com
*.sis001.com
*.sitebro.tw
*.six-degrees.io
*.slideshare.net
*.smh.com.au
*.smhric.org
*.soduso.com
*.softether-download.com
*.sohcradio.com
*.sondelespoir.org
*.sonidodelaesperanza.org
*.sougouwiki.com
*.soundofhope.co.kr
*.soundofhope.kr
*.soundofhope.org
*.soup-dev.com
*.sourceforge.net
*.southnews.com.tw
*.spankwire.com
*.spotify.com
*.spring4u.info
*.ssr.tools
*.startpage.com
*.static-file.com
*.steemit.com
*.stgloballink.com
*.stickeraction.com
*.stimme-de.de
*.stooorage.com
*.storify.com
*.storm.mg
*.stormmediagroup.com
*.strongvpn.com
*.stumbleupon.com
*.stupidvideos.com
*.sucuri.net
*.sugarsync.com
*.sun1911.com
*.supersu.com
*.swagbucks.com
*.sydneytoday.com
*.t.co
*.t.me
*.t66y.com
*.taaze.tw
*.tahr.org.tw
*.taiwandaily.net
*.taiwanus.net
*.talkonly.net
*.tampermonkey.net
*.tantannews.com
*.tavis.tw
*.tca.org.tw
*.tdesktop.com
*.techinasia.com
*.technorati.com
*.telegra.ph
*.telegram.me
*.telegram.org
*.telesco.pe
*.tenacy.com
*.tenacy-free.com
*.theblaze.com
*.thebobs.com
*.theepochtimes.com
*.thefrontier.hk
*.theglobalmail.org
*.theguardian.com
*.thehousenews.com
*.theinitium.com
*.thenewslens.com
*.the-sun.on.cc
*.thetibetpost.com
*.thetimenow.com
*.thinkingtaiwan.com
*.thisav.com
*.tiananmenduizhi.com
*.tiananmenmother.org
*.tiananmenuniv.com
*.tiananmenuniv.net
*.tibet.net
*.time.com
*.timer-tab.com
*.tiny.cc
*.tinychat.com
*.tmagazine.com
*.tmu.edu.tw
*.tokyocn.com
*.topcoo.com
*.topsy.com
*.torrentcrazy.com
*.torrentkitty.com
*.trackon.org
*.transformativeworks.org
*.transparency.org
*.trendsmap.com
*.trib.al
*.trouw.nl
*.trtc.com.tw
*.trueimages.ru
*.truveo.com
*.tsquare.tv
*.tsu.org.tw
*.tube8.com
*.tuiyun.net
*.tumblr.com
*.tv.com
*.tvboxnow.com
*.twbbs.org
*.twbbs.tw
*.tweetdeck.com
*.tweettunnel.com
*.tweez.net
*.twgreatdaily.com
*.twicsy.com
*.twilk.com
*.twimg.com
*.twipple.jp
*.twitchtv.com
*.twitiq.com
*.twitpic.com
*.twitter.com
*.twitterfeed.com
*.twittergadget.com
*.twitterknowhow.com
*.twitvid.com
*.twitvid.com.edgesuite.net
*.twiyia.com
*.twtrland.com
*.ucdc1998.org
*.udn.com
*.udn.com.tw
*.ugo.com
*.uhrp.org
*.uighurbiz.net
*.ulifestyle.com.hk
*.ultrareach.com
*.unblock.cn.com
*.uncyclopedia.tw
*.upmedia.mg
*.uproxy.org
*.ustream.tv
*.utorrent.com
*.uwants.com
*.uyghuramerican.org
*.uyghurpress.com
*.uyl.me
*.v2ex.com
*.van698.com
*.vaticanradio.org
*.vdonext.com
*.velkaepocha.sk
*.venchina.com
*.veoh.com
*.vevo.com
*.viber.com
*.video.pbs.org
*.vietdaikynguyen.com
*.vinmusic.com
*.visiontimes.ca
*.vjmedia.com.hk
*.vocus.cc
*.vot.org
*.vox-cdn.com
*.vpngate.jp
*.vpngate.net
*.vpnxunlu.com
*.wahas.com
*.wanglixiong.com
*.want-daily.com
*.watchzerg.com
*.watorrent.org
*.wattpad.com
*.wdf5.com
*.wearn.com
*.web.pts.org.tw
*.weblagu.com
*.websitepulse.com
*.webwarper.net
*.wegfw.com
*.weibosuite.com
*.weijingsheng.org
*.weiquanwang.org
*.wengewang.org
*.wenxuecity.com
*.westca.com
*.westkit.net
*.wetransfer.com
*.whattalking.com
*.whogovernstw.org
*.whotalking.com
*.wi-gadget.com
*.wikia.com
*.wikia.net
*.wikia.nocookie.net
*.wikia-beacon.com
*.wikileaks.org
*.wikilivres.ca
*.wiztechnologies.jp
*.wn.com
*.woolyss.com
*.worldcat.org
*.worldjournal.com
*.wp.com
*.wp.me
*.wrchina.org
*.wretch.cc
*.wuala.com
*.wuerkaixi.com
*.wujie.net
*.wujieliulan.com
*.wwitv.com
*.xanga.com
*.xbookcn.net
*.xhamster.com
*.xiaochuncnjp.com
*.xinmiao.com.hk
*.xinyubbs.net
*.xiti.com
*.xizang-zhiye.org
*.xjp.cc
*.xn--fiq681d48s.org
*.xpics.us
*.xtube.com
*.xuehua.us
*.xunluvpn.com
*.xvideos.com
*.xvideos-field5.com
*.xvideosmatome.net
*.xys.org
*.yamedia.tw
*.yasni.co.uk
*.ycp.hk
*.yfrog.com
*.yhritw.org
*.yibaochina.com
*.yidio.com
*.yorkbbs.ca
*.you2go.me
*.youjizz.com
*.youmaker.com
*.youporn.com
*.youthwant.com.tw
*.youtu.be
*.youtube.com
*.youtubeinmp3.com
*.yowindow.com
*.ytimg.com
*.yzzk.com
*.zhengjian.org
*.zhenlibu1984.com
*.zhongzilou.com
*.zhoushuguang.com
*.zinio.com
*.zlvc.net
*.zlvc.net.he2.aqb.so
*.zomobo.net
*.zorpia.com
*.zuo.la
*.zuobiao.me
*.zuola.com
*.zxing.org
*.zyzc.greatzhonghua.org
.cdninstagram.com
.myhd1080.com
\bhttp://(.[^/])*\.*\bdelicious\.com/
^http://search\.aol\.com/
184.154.128.246
75.119.209.87
ad.dmm.com
addons-amo.cdn.mozilla.net
bbs.51.ca
bufferapp.com
c.statcounter.com
cdn.media.abc.com
cdn.rawgit.com
cdn.viafoura.net
cdns.gigya.com
chinese.engadget.com
community.emc.com
dl.xda-developers.com
download.documentfoundation.org
download.lineageos.org
download.tuxfamily.org
downloadap1.teamviewer.com
download-cdn.resilio.com
forum.gamer.com.tw
forum.games.hinet.net
fpdownload.macromedia.com
ftp.mozilla.org
hcd-1.imgbox.com
hk03dl.com
HostRegex: ^((.+\.c\.doc-0-0-sj\.|)sj|ci\d{1,2}|oauth|webcache|\d-ps|uds|producer|lh\d|s\d|.+-opensocial|clients\d|translate|mail-attachment|.+-docs)\.googleusercontent\.com$
HostRegex: ^((id|scholar|news|accounts|adwords|books|images|khms\d|www|blogsearch|cse|encrypted|m|translate)\.|)google\.(^|com\.af|com\.ag|com\.ai|co\.ao|com\.ar|com\.au|com\.bd|com\.bh|com\.bn|com\.bo|com\.br|co\.bw|com\.bz|co\.ck|com\.co|co\.cr|com\.cu|com\.cy|com\.do|com\.ec|com\.eg|com\.et|com\.fj|com\.gh|com\.gi|com\.gt|com\.hk|co\.id|co\.il|co\.in|com\.jm|co\.jp|co\.ke|com\.kh|co\.kr|com\.kw|com\.lb|co\.ls|com\.ly|co\.ma|com\.mm|com\.mt|com\.mx|com\.my|co\.mz|com\.na|com\.nf|com\.ng|com\.ni|com\.np|co\.nz|com\.om|com\.pa|com\.pe|com\.pg|com\.ph|com\.pk|com\.pr|com\.py|com\.qa|com\.sa|com\.sb|com\.sg|com\.sl|com\.sv|co\.th|com\.tj|com\.tr|com\.tw|co\.tz|com\.ua|co\.ug|co\.uk|com\.uy|co\.uz|com\.vc|co\.ve|co\.vi|com\.vn|co\.za|co\.zm|co\.zw|cat|ad|ae|al|am|as|at|az|ba|be|bf|bg|bi|bj|bs|bt|by|ca|cd|cf|cg|ch|ci|cl|cm|com|cv|cz|de|dj|dk|dm|dz|ee|es|fi|fm|fr|ga|ge|gg|gl|gm|gp|gr|gy|hn|hr|ht|hu|ie|im|iq|is|it|je|jo|kg|ki|kz|la|li|lk|lt|lu|lv|md|me|mg|mk|ml|mn|ms|mu|mv|mw|ne|nl|no|nr|nu|pl|pn|ps|pt|ro|rs|ru|rw|sc|se|sh|si|sk|sm|sn|so|sr|st|td|tg|tk|tl|tm|tn|to|tt|vg|vu|ws|jp|tw|hk)$
HostRegex: ^((uploads\.|)code(|\.l)|.*\bdocs|doc|.*\bdrive|play|plus|plus\.url|buzz|profiles|mail|apis|support|wallet|checkout|talkgadget|appengine|store|security|myaccount|chrome|contacts|safebrowsing(|-cache|\.clients)|calendar|clients\d|mt(|s)\d|picasa\w*|sites|fusion|reader|feed\w*|input|research|inbox|mw\d|gg|peering|events|fit|tools|music|on|photo(|s))\.google\.com$
HostRegex: ^(daily|)news\.sina\.com(\.(hk|tw)|)$
HostRegex: ^(feedproxy|feedburner|hangouts|keep)\.google\.com$
HostRegex: ^(maps|www|translate|plus|ajax|mts\d|commondatastorage|chart|storage|fonts)\.googleapis\.com$
HostRegex: ^(skins|www(|\.ig))\.gmodules\.com$
HostRegex: ^(space|bbs)\.qoos\.com$
HostRegex: ^.*\b(blogger|blogspot)\.(^|com\.af|com\.ag|com\.ai|co\.ao|com\.ar|com\.au|com\.bd|com\.bh|com\.bn|com\.bo|com\.br|co\.bw|com\.bz|co\.ck|com\.co|co\.cr|com\.cu|com\.cy|com\.do|com\.ec|com\.eg|com\.et|com\.fj|com\.gh|com\.gi|com\.gt|com\.hk|co\.id|co\.il|co\.in|com\.jm|co\.jp|co\.ke|com\.kh|co\.kr|com\.kw|com\.lb|co\.ls|com\.ly|co\.ma|com\.mm|com\.mt|com\.mx|com\.my|co\.mz|com\.na|com\.nf|com\.ng|com\.ni|com\.np|co\.nz|com\.om|com\.pa|com\.pe|com\.pg|com\.ph|com\.pk|com\.pr|com\.py|com\.qa|com\.sa|com\.sb|com\.sg|com\.sl|com\.sv|co\.th|com\.tj|com\.tr|com\.tw|co\.tz|com\.ua|co\.ug|co\.uk|com\.uy|co\.uz|com\.vc|co\.ve|co\.vi|com\.vn|co\.za|co\.zm|co\.zw|cat|ad|ae|al|am|as|at|az|ba|be|bf|bg|bi|bj|bs|bt|by|ca|cd|cf|cg|ch|ci|cl|cm|com|cv|cz|de|dj|dk|dm|dz|ee|es|fi|fm|fr|ga|ge|gg|gl|gm|gp|gr|gy|hn|hr|ht|hu|ie|im|iq|is|it|je|jo|kg|ki|kz|la|li|lk|lt|lu|lv|md|me|mg|mk|ml|mn|ms|mu|mv|mw|ne|nl|no|nr|nu|pl|pn|ps|pt|ro|rs|ru|rw|sc|se|sh|si|sk|sm|sn|so|sr|st|td|tg|tk|tl|tm|tn|to|tt|vg|vu|ws|jp|tw|hk|sg)$
HostRegex: ^.*\b(scmp(chinese|)|nanzao)\.com$
HostRegex: ^.*\balanleong\.(net|com)$
HostRegex: ^.*\bappledaily\.com(|\.(tw|hk))$
HostRegex: ^.*\bavlang\d+\.com$
HostRegex: ^.*\bbbc(i|)\.co\.uk$
HostRegex: ^.*\bbbc\.(com|in)$
HostRegex: ^.*\bbeacons(|\d)\.gvt2\.com$
HostRegex: ^.*\bbloomberg\.(com|(i|c)n)$
HostRegex: ^.*\bcdp(|2006|wu|site|1998)\.org$
HostRegex: ^.*\bdwnews\.(com|net(:\d+|))$
HostRegex: ^.*\bepoch(times(-romania|tr|-bg)|tw|hk)\.com$
HostRegex: ^.*\bepochtimes\.(com\.(tw|hk|ua)|com|fr|de|co\.(il|kr)|jp|ru|it|se)$
HostRegex: ^.*\bg(nci|cc)\.org\.hk$
HostRegex: ^.*\bgardennetworks\.(org|com)$
HostRegex: ^.*\bgreatroc\.(tw|org)$
HostRegex: ^.*\bkagoya\.(net|jp)$
HostRegex: ^.*\bkanzhongguo\.(com(\.au|)|eu)$
HostRegex: ^.*\bmingpao(|ny|tor|van|canada|news|monthly)\.com$
HostRegex: ^.*\bnext(tv|vod)\.com\.tw$
HostRegex: ^.*\bntdtv(|-dc)\.com$
HostRegex: ^.*\bthepiratebay\.(s(e|x)|org)$
HostRegex: ^.*\bthywords\.com(|\.tw)$
HostRegex: ^.*\bvoa(fanti|chinese|cantonese|tibetan(|english))\.com$
HostRegex: ^.*\bvoanews\.(com|eu)$
HostRegex: ^.*\bwsj\.(com|net)$
HostRegex: ^.*\byoutube\.(^|com\.af|com\.ag|com\.ai|co\.ao|com\.ar|com\.au|com\.bd|com\.bh|com\.bn|com\.bo|com\.br|co\.bw|com\.bz|co\.ck|com\.co|co\.cr|com\.cu|com\.cy|com\.do|com\.ec|com\.eg|com\.et|com\.fj|com\.gh|com\.gi|com\.gt|com\.hk|co\.id|co\.il|co\.in|com\.jm|co\.jp|co\.ke|com\.kh|co\.kr|com\.kw|com\.lb|co\.ls|com\.ly|co\.ma|com\.mm|com\.mt|com\.mx|com\.my|co\.mz|com\.na|com\.nf|com\.ng|com\.ni|com\.np|co\.nz|com\.om|com\.pa|com\.pe|com\.pg|com\.ph|com\.pk|com\.pr|com\.py|com\.qa|com\.sa|com\.sb|com\.sg|com\.sl|com\.sv|co\.th|com\.tj|com\.tr|com\.tw|co\.tz|com\.ua|co\.ug|co\.uk|com\.uy|co\.uz|com\.vc|co\.ve|co\.vi|com\.vn|co\.za|co\.zm|co\.zw|cat|ad|ae|al|am|as|at|az|ba|be|bf|bg|bi|bj|bs|bt|by|ca|cd|cf|cg|ch|ci|cl|cm|cn|com|cv|cz|de|dj|dk|dm|dz|ee|es|fi|fm|fr|ga|ge|gg|gl|gm|gp|gr|gy|hn|hr|ht|hu|ie|im|iq|is|it|je|jo|kg|ki|kz|la|li|lk|lt|lu|lv|md|me|mg|mk|ml|mn|ms|mu|mv|mw|ne|nl|no|nr|nu|pl|pn|ps|pt|ro|rs|ru|rw|sc|se|sh|si|sk|sm|sn|so|sr|st|td|tg|tk|tl|tm|tn|to|tt|vg|vu|ws|jp|tw|hk)$
HostRegex: ^38\.103\.161\.\d{1,3}$
images.secdns.com
international.sueddeutsche.de
irs0.4sqi.net
libs.pixfs.net
mirrorbits.lineageos.org
pds.nasa.gov
pics.dmm.co.jp
plaza.jp.rakuten-static.com
s1.pir.fm
sendtokindle.amazon.cn
support.mozilla.org
times.hinet.net
torrent.ubuntu.com
tweets.seraph.me
twimg.edgesuite.net
UrlRegex: ^http(|s)://(.[^/])*\.*\bak\.live\.cntv\.cn/z/
UrlRegex: ^http(|s)://\d+\.client-channel\.google\.com/client-channel/js/
UrlRegex: ^http(|s)://windows\.microsoft\.com/.*/windows/themes
UrlRegex: ^http://(.[^/])*\.*\b(home|forum)\.gamer\.com\.tw
UrlRegex: ^http://(.[^/])*\.*\b(news|blog)\.cnyes\.com/
UrlRegex: ^http://(.[^/])*\.*\b(news|popblog)\.tvbs\.com\.tw/
UrlRegex: ^http://(.[^/])*\.*\b(showbiz|forum|news|cling)\.omy\.sg/
UrlRegex: ^http://(.[^/])*\.*\b(trans|blog)wenweipo\.com/
UrlRegex: ^http://(.[^/])*\.*\b2o7\.net/
UrlRegex: ^http://(.[^/])*\.*\b881903\.com/Page/ZH-TW/index
UrlRegex: ^http://(.[^/])*\.*\ba164\.edgecastcdn\.net/
UrlRegex: ^http://(.[^/])*\.*\badsbro\.com/
UrlRegex: ^http://(.[^/])*\.*\baolnews\.com/
UrlRegex: ^http://(.[^/])*\.*\bapi\.i\.pixnet\.cc/
UrlRegex: ^http://(.[^/])*\.*\barchive\.is/
UrlRegex: ^http://(.[^/])*\.*\barchive\.org/
UrlRegex: ^http://(.[^/])*\.*\bavast\.com/
UrlRegex: ^http://(.[^/])*\.*\bbitly\.com/
UrlRegex: ^http://(.[^/])*\.*\bbitsnoop\.com/
UrlRegex: ^http://(.[^/])*\.*\bblog\.livedoor\.jp/
UrlRegex: ^http://(.[^/])*\.*\bblogsys\.jp/
UrlRegex: ^http://(.[^/])*\.*\bbluekai.com/
UrlRegex: ^http://(.[^/])*\.*\bbtdigg.org/
UrlRegex: ^http://(.[^/])*\.*\bbuzzhand\.com/
UrlRegex: ^http://(.[^/])*\.*\bcable(v|news)\.i-cable\.com/
UrlRegex: ^http://(.[^/])*\.*\bchange\.org/
UrlRegex: ^http://(.[^/])*\.*\bchapm25\.com/
UrlRegex: ^http://(.[^/])*\.*\bchartbeat\.net/
UrlRegex: ^http://(.[^/])*\.*\bcloudflare\.com/
UrlRegex: ^http://(.[^/])*\.*\bcloudfront\.net/
UrlRegex: ^http://(.[^/])*\.*\bclustrmaps.com/
UrlRegex: ^http://(.[^/])*\.*\bcrwdcntrl\.net/
UrlRegex: ^http://(.[^/])*\.*\bcxense.com/
UrlRegex: ^http://(.[^/])*\.*\bdisqus\.com/
UrlRegex: ^http://(.[^/])*\.*\bdowjoneson.com/
UrlRegex: ^http://(.[^/])*\.*\bdropbox\.com/
UrlRegex: ^http://(.[^/])*\.*\bdropboxusercontent\.com/
UrlRegex: ^http://(.[^/])*\.*\bduckduckgo\.com/
UrlRegex: ^http://(.[^/])*\.*\bdxtl\.net/
UrlRegex: ^http://(.[^/])*\.*\bdynamicyield\.com/
UrlRegex: ^http://(.[^/])*\.*\bensighten\.com/
UrlRegex: ^http://(.[^/])*\.*\beslite\.com/product
UrlRegex: ^http://(.[^/])*\.*\bfeedly\.com/
UrlRegex: ^http://(.[^/])*\.*\bflip\.it/
UrlRegex: ^http://(.[^/])*\.*\bfout.jp/
UrlRegex: ^http://(.[^/])*\.*\bgetemoji\.com/cdn-cgi/pe/
UrlRegex: ^http://(.[^/])*\.*\bgetpocket\.com/
UrlRegex: ^http://(.[^/])*\.*\bgooglesyndication\.com/
UrlRegex: ^http://(.[^/])*\.*\bhaxx\.se/
UrlRegex: ^http://(.[^/])*\.*\bhkxforce\.net/wordpress/
UrlRegex: ^http://(.[^/])*\.*\bhootsuite\.com/
UrlRegex: ^http://(.[^/])*\.*\bimage\.blozoo\.info/
UrlRegex: ^http://(.[^/])*\.*\bimgur\.com/
UrlRegex: ^http://(.[^/])*\.*\bimrworldwide.com/
UrlRegex: ^http://(.[^/])*\.*\binstagram\.com/
UrlRegex: ^http://(.[^/])*\.*\bkakao\.com/
UrlRegex: ^http://(.[^/])*\.*\bkrxd\.net/
UrlRegex: ^http://(.[^/])*\.*\bksnews\.com\.tw/
UrlRegex: ^http://(.[^/])*\.*\blijit\.com/
UrlRegex: ^http://(.[^/])*\.*\bline\.me/
UrlRegex: ^http://(.[^/])*\.*\blongurl\.org/
UrlRegex: ^http://(.[^/])*\.*\bmassrelevance\.com/
UrlRegex: ^http://(.[^/])*\.*\bmediafire\.com/
UrlRegex: ^http://(.[^/])*\.*\bmediawiki\.org/
UrlRegex: ^http://(.[^/])*\.*\bmetrohk\.com\.hk/\?cmd=detail&categoryID=2
UrlRegex: ^http://(.[^/])*\.*\bmoby\.to/
UrlRegex: ^http://(.[^/])*\.*\bmoneydj\.com/(KMDJ|kmdj)
UrlRegex: ^http://(.[^/])*\.*\bmyhd1080\.com/
UrlRegex: ^http://(.[^/])*\.*\bnetsh\.org/
UrlRegex: ^http://(.[^/])*\.*\bnews\.singtao\.ca/
UrlRegex: ^http://(.[^/])*\.*\bnews\.tvb\.com/(local|list/world)
UrlRegex: ^http://(.[^/])*\.*\bnyaa\.se/
UrlRegex: ^http://(.[^/])*\.*\bomtrdc\.net/
UrlRegex: ^http://(.[^/])*\.*\boo-software\.com/
UrlRegex: ^http://(.[^/])*\.*\bopendns\.com/
UrlRegex: ^http://(.[^/])*\.*\bopenx\.net/
UrlRegex: ^http://(.[^/])*\.*\boutbrain\.com/
UrlRegex: ^http://(.[^/])*\.*\bparsely\.com/
UrlRegex: ^http://(.[^/])*\.*\bpastebin\.com/
UrlRegex: ^http://(.[^/])*\.*\bpastie\.org/
UrlRegex: ^http://(.[^/])*\.*\bpixnet\.net/
UrlRegex: ^http://(.[^/])*\.*\bpo\.st/
UrlRegex: ^http://(.[^/])*\.*\bprisacom\.com/
UrlRegex: ^http://(.[^/])*\.*\bpsiphon\.ca/
UrlRegex: ^http://(.[^/])*\.*\bpsiphon3\.com/
UrlRegex: ^http://(.[^/])*\.*\bptt\.cc/
UrlRegex: ^http://(.[^/])*\.*\bpuffstore\.com/
UrlRegex: ^http://(.[^/])*\.*\bquantserve\.com/
UrlRegex: ^http://(.[^/])*\.*\breferer\.pixplug\.in/
UrlRegex: ^http://(.[^/])*\.*\brevsci\.net/
UrlRegex: ^http://(.[^/])*\.*\bscribd\.com/
UrlRegex: ^http://(.[^/])*\.*\bsharethis\.com/
UrlRegex: ^http://(.[^/])*\.*\bsinchew(|-i)\.com(|\.my)/node
UrlRegex: ^http://(.[^/])*\.*\bsitemeter\.com/
UrlRegex: ^http://(.[^/])*\.*\bsmarturl\.it/
UrlRegex: ^http://(.[^/])*\.*\bstarboard-pro\.com/
UrlRegex: ^http://(.[^/])*\.*\bstatic-file\.com/shared/upload/video/.*0604
UrlRegex: ^http://(.[^/])*\.*\btalkboxapp.com/
UrlRegex: ^http://(.[^/])*\.*\btenmax\.io/
UrlRegex: ^http://(.[^/])*\.*\bthestandnews\.com
UrlRegex: ^http://(.[^/])*\.*\btokyo-hot\.com/
UrlRegex: ^http://(.[^/])*\.*\btorproject\.org/
UrlRegex: ^http://(.[^/])*\.*\btorrentproject.se/
UrlRegex: ^http://(.[^/])*\.*\btorrentz\.eu/
UrlRegex: ^http://(.[^/])*\.*\btraffic\.alexa\.com/
UrlRegex: ^http://(.[^/])*\.*\btumblr\.com
UrlRegex: ^http://(.[^/])*\.*\btumutanzi\.com/
UrlRegex: ^http://(.[^/])*\.*\btynt.com/
UrlRegex: ^http://(.[^/])*\.*\budnbkk\.com/(article|bbs)
UrlRegex: ^http://(.[^/])*\.*\bus\d+\.gigya\.com/
UrlRegex: ^http://(.[^/])*\.*\bvideo\.ap\.org/
UrlRegex: ^http://(.[^/])*\.*\bvimeo\.com/
UrlRegex: ^http://(.[^/])*\.*\bviss\.me/
UrlRegex: ^http://(.[^/])*\.*\bvisualrevenue\.com/
UrlRegex: ^http://(.[^/])*\.*\bwebtrendslive\.com/
UrlRegex: ^http://(.[^/])*\.*\bwhoer\.net/check\?host=
UrlRegex: ^http://(.[^/])*\.*\bwiki(source|quote|books|news|voyage|versity|data|media|pedia)\.org/
UrlRegex: ^http://(.[^/])*\.*\bwikimediafoundation\.org/
UrlRegex: ^http://(.[^/])*\.*\bwiktionary\.org/
UrlRegex: ^http://(.[^/])*\.*\bwoopra\.com/
UrlRegex: ^http://(.[^/])*\.*\bwordpress\.com/
UrlRegex: ^http://(.[^/])*\.*\bwzyboy\.im/
UrlRegex: ^http://(.[^/])*\.*\bxing\.com/
UrlRegex: ^http://(.[^/])*\.*\byahoo\.(com|com\.(hk|tw)|co\.jp)/
UrlRegex: ^http://(.[^/])*\.*\byandex\.ru/
UrlRegex: ^http://(.[^/])*\.*\byoutu\.be/
UrlRegex: ^http://(.[^/])*\.*\bzedo\.com/asw/
UrlRegex: ^http://(library|mjlsh)\.usc\.cuhk\.edu\.hk/
UrlRegex: ^http://66\.147\.244\.112/~hchinaor/
UrlRegex: ^http://67\.220\.92\.\d+/
UrlRegex: ^http://ad\.tagtoo\.co/
UrlRegex: ^http://adadvisor\.net/
UrlRegex: ^http://ads\.contextweb\.com/TagPublish/
UrlRegex: ^http://adsense\.scupio\.com/ADPInline/
UrlRegex: ^http://api\.microsofttranslator\.com/
UrlRegex: ^http://api-public\.addthis\.com/url/
UrlRegex: ^http://b\.scorecardresearch\.com/
UrlRegex: ^http://bbs\.cantonese\.asia/
UrlRegex: ^http://bdaz\.adsfactor\.net/
UrlRegex: ^http://bgp\.he\.net/
UrlRegex: ^http://bs\.serving-sys\.com/BurstingPipe/
UrlRegex: ^http://ca\.pcrookie\.net/blog_images/
UrlRegex: ^http://cdn\.unwire\.hk/wp-content/uploads/.*(WordPress|www\.youtube\.com)
UrlRegex: ^http://chinese\.irib\.ir/index\.php/2010-07-25-10-42-26/
UrlRegex: ^http://citytalk\.tw/event
UrlRegex: ^http://cn\.last\.fm/facebook/
UrlRegex: ^http://cpms\.now\.com/cpms/
UrlRegex: ^http://data\.inskinmedia\.com/trackports/rep/base/
UrlRegex: ^http://dmp\.doublemax\.net/
UrlRegex: ^http://edigitalsurvey\.com/
UrlRegex: ^http://e-zone\.com\.hk/discuz
UrlRegex: ^http://fileserve\.com/file
UrlRegex: ^http://findbook\.tw/book
UrlRegex: ^http://forum\.xinbao\.de/forum
UrlRegex: ^http://hkupop\.hku\.hk/chinese/
UrlRegex: ^http://humanities\.uchicago\.edu/faculty/ywang/history
UrlRegex: ^http://img\.readitlater\.com/i/
UrlRegex: ^http://news\.now\.com/home
UrlRegex: ^http://news\.tagtoo\.co/site_media/plugin/nownews_tagtoo_plugin\.js
UrlRegex: ^http://p\.typekit\.net/
UrlRegex: ^http://r\.skimresources\.com/api/
UrlRegex: ^http://rapidgator\.net/file/
UrlRegex: ^http://seehua\.com/node/
UrlRegex: ^http://servedby\.flashtalking\.com/
UrlRegex: ^http://tas-hk\.toboads\.com/js/
UrlRegex: ^http://track\.tagtoo\.co/
UrlRegex: ^http://u\.scupio\.com/
UrlRegex: ^http://v?\.moatads\.com/
UrlRegex: ^http://wiki\.moegirl\.org/
UrlRegex: ^http://www\.blog(cdn|smithmedia)\.com/chinese\.engadget\.com/
UrlRegex: ^http://www\.chinasmile\.net/csnews/
UrlRegex: ^http://www\.greenpeace\.org/
UrlRegex: ^http://www\.kwcg\.ca/forum
UrlRegex: ^http://www\.linkedin\.com/countserv/count/
UrlRegex: ^http://www\.manictime\.com/setup/
UrlRegex: ^http://www\.marxists\.org/chinese
UrlRegex: ^https://(.[^/])*\.*\baddthis\.com/
UrlRegex: ^https://(.[^/])*\.*\barchive\.is/
UrlRegex: ^https://(.[^/])*\.*\barchive\.org/
UrlRegex: ^https://(.[^/])*\.*\bbtdigg\.org/
UrlRegex: ^https://(.[^/])*\.*\bchange\.org/
UrlRegex: ^https://(.[^/])*\.*\bcloudflare\.com/
UrlRegex: ^https://(.[^/])*\.*\bcloudfront\.net/
UrlRegex: ^https://(.[^/])*\.*\bdropbox\.com/
UrlRegex: ^https://(.[^/])*\.*\bduckduckgo\.com/
UrlRegex: ^https://(.[^/])*\.*\bfeedly\.com/
UrlRegex: ^https://(.[^/])*\.*\bgetpocket\.com/
UrlRegex: ^https://(.[^/])*\.*\bhootsuite\.com/
UrlRegex: ^https://(.[^/])*\.*\binstagram.com/
UrlRegex: ^https://(.[^/])*\.*\bmassrelevance\.com/
UrlRegex: ^https://(.[^/])*\.*\bmediawiki\.org/
UrlRegex: ^https://(.[^/])*\.*\bonebitbug\.me/
UrlRegex: ^https://(.[^/])*\.*\bopendns\.com/
UrlRegex: ^https://(.[^/])*\.*\bpastebin\.com/
UrlRegex: ^https://(.[^/])*\.*\bpsiphon\.ca/
UrlRegex: ^https://(.[^/])*\.*\bpsiphon3\.com/
UrlRegex: ^https://(.[^/])*\.*\bptt\.cc/
UrlRegex: ^https://(.[^/])*\.*\bscribd\.com/
UrlRegex: ^https://(.[^/])*\.*\bsharethis\.com/
UrlRegex: ^https://(.[^/])*\.*\bsitemeter\.com/
UrlRegex: ^https://(.[^/])*\.*\bthestandnews\.com/
UrlRegex: ^https://(.[^/])*\.*\btorproject\.org/
UrlRegex: ^https://(.[^/])*\.*\btorrentz\.eu/
UrlRegex: ^https://(.[^/])*\.*\bvimeo\.com/
UrlRegex: ^https://(.[^/])*\.*\bwiki(source|quote|books|news|voyage|versity|data|media|pedia)\.org/
UrlRegex: ^https://(.[^/])*\.*\bwikimediafoundation\.org/
UrlRegex: ^https://(.[^/])*\.*\bwiktionary\.org/
UrlRegex: ^https://(.[^/])*\.*\bwordpress\.com/
UrlRegex: ^https://(.[^/])*\.*\bxing\.com/
UrlRegex: ^https://(.[^/])*\.*\byahoo\.(com|com\.(hk|tw)|co\.jp)/
UrlRegex: ^https://www\.gstatic\.cn/onebox/weather/
UrlRegex: ^https://www\.wireshark\.org/
vlog.xuite.net
wenda.google.com.hk
wikipedia.org
woeser.middle-way.net
www.asus.com
www.blockedinchina.net
www.hbogo.com
www.melauto.it
www.resilio.com
www.savetube.com
www.teamviewer.com
yuming.flnet.org
*.kkbox.com
*.c555.me
*.abc.net.au
www.moneymanagerex.org
*.c700.me
*.tunemymusic.com
*.pixnet.net
*.showmore.com
*.socpk.com
*.imgur.com
*.applealmond.com
*.c996.me
*.x996.me
*.navismithapis-cdn.com
*.hxmmdd.com
*.uc555.me
*.x000.me
*.careerengine.us
*.z-lib.org
*.zlibcdn.com
*.zlibcdn2.com
*.jp1lib.org
*.luckydesigner.space
*.ifixit.com
*.ujjainyoga.com
*.uc555.me
*.x666x.me
*.duolingo.com
*.im.ge
*.weiming.info
*.ctext.org
*.zhangsn.me
*.gamemale.com
*.gstatic.com
*.doubleclick.net
*.ahhhhfs.com
*.gstatic.com
*.x888x.me
*.bing.com
*.mirror.xyz
*.ikoolcore.com
*.x222x.me
*.fengzg.net
*.commonhealth.com.tw
*.pdf24.org
*.dmm-extension.com
*.p-smith.com
*.dmm.co.jp
*.dmm.com
*.360yield.com
sslwidget.criteo.com
*.x555x.me
*.qnap.com
*.m1080.com
*.hostloc.com
*.x333x.me
*.daum.net
*.githubassets.com
*.free.com.tw
*.yimg.com
*.wikihow.com
*.x567x.me
*.dropboxstatic.com
*.uukanshu.com
*.crifan.com
*.ipsw.me
*.pacom.mil
*.ai1080.art
*.ab8080.vip
*.cc12345.vip
*.apkpure.com
*apkmonk.com
*.uscardforum.com
*.kmuh.org.tw
*.aaag.me
*.extrabux.com
*.docker.com
*.webpkgcache.com
cdn.cookielaw.org
image.winudf.com
familyclic.hk
*.hklii.hk
*.vercel.app
www.onenote.com
*.ccgga.me
*.ibbb.me
*.caaba.me
*.r3sub.com
*.oaistatic.com
*.4sqi.net
*.ghgo.xyz
*.fanmingming.com
*.csp.withgoogle.com
*.redd.it
*.redditspace.com
*.redditmedia.com
*.xn--sss604efuw.top
*.javrate.com
*.fontawesome.com
*.eroimg.net
*.eroterest.net
*.missav.com
*.googletagmanager.com
*.kakao.com
*.kakaocorp.com
*.bluesky-soft.com
*.b-cdn.net
copilot.microsoft.com
*.z-lib.io
*.z-lib.id
*.jnn-pa.googleapis.com
*.firebaseinstallations.googleapis.com
*.firebase.googleapis.com
*.hxmmdd.com
*.heqrmudv.site
*.translate.goog
*.bahamut.com.tw
*.speedtest.net
assets.msn.cn
*.hjwzw.com
*.bg3.co
*.x.com
*.xhd.tw
*.softonic.cn
*.exifedit.com
*.imgfor80.me
*.chatgpt.com
*.openai.com


================================================
FILE: dns.routes
================================================
223.5.5.5/32
223.6.6.6/32
2400:3200::1/128
2400:3200:baba::1/128
119.29.29.29/32
119.28.28.28/32
1.12.12.12/32
120.53.53.53/32
2402:4e00::/128
2402:4e00:1::/128
180.76.76.76/32
2400:da00::6666/128
114.114.114.114/32
114.114.115.115/32
180.184.1.1/32
180.184.2.2/32
101.226.4.6/32
218.30.118.6/32
123.125.81.6/32
140.207.198.6/32
domain:dns.alidns.com
domain:doh.pub
domain:dot.pub
domain:doh.360.cn
domain:dot.360.cn


================================================
FILE: dropbox_fs_fix.patch
================================================
--- /pre_fix/dropbox.py 2019-06-19 03:02:17.000000000 +0800
+++ /after/dropbox.py   2019-07-10 01:31:14.000000000 +0800
@@ -748,6 +748,11 @@
     return newmeth

 def start_dropbox():
+    lib_path = os.path.join(DROPBOX_DIST_PATH, "libdropbox_fs_fix.so")
+    if os.path.exists(lib_path):
+        console_print(u"\ndropbox: load filesystem fix library")
+        os.environ["LD_PRELOAD"] = lib_path
+
     if os.access(DROPBOXD_PATH, os.X_OK):
         f = open("/dev/null", "w")
         # we don't reap the child because we're gonna die anyway, let init do it


================================================
FILE: fcm.hosts
================================================
127.0.0.1           localhost
::1                 localhost


108.177.125.188     mtalk.google.com
64.233.188.188      alt1-mtalk.google.com
74.125.24.188       alt2-mtalk.google.com
74.125.200.188      alt3-mtalk.google.com
173.194.174.188     alt4-mtalk.google.com
172.217.194.188     alt5-mtalk.google.com
142.250.4.188       alt6-mtalk.google.com
142.251.175.188     alt7-mtalk.google.com
108.177.97.188      alt8-mtalk.google.com


2404:6800:4008:c1b::bc  mtalk.google.com
2404:6800:4008:c01::bc  alt1-mtalk.google.com
2404:6800:4008:c02::bc  alt2-mtalk.google.com
2404:6800:4008:c03::bc  alt3-mtalk.google.com
2404:6800:4003:c00::bc  alt4-mtalk.google.com
2404:6800:4008:c07::bc  alt5-mtalk.google.com
2404:6800:4003:c11::bc  alt6-mtalk.google.com
2404:6800:4008:c13::bc  alt7-mtalk.google.com
2404:6800:4008:c19::bc  alt8-mtalk.google.com


================================================
FILE: ffmpeg-let-rtmp-flv-support-hevc-h265-opus.patch
================================================
RTMP Protocol & FLV Encode/Decode Support H.265/HEVC & OPUS

diff --color -uNr a/libavformat/flvdec.c b/libavformat/flvdec.c
--- a/libavformat/flvdec.c	2020-07-11 18:39:30.000000000 +0800
+++ b/libavformat/flvdec.c	2020-12-29 19:24:42.400006406 +0800
@@ -36,6 +36,7 @@
 #include "internal.h"
 #include "avio_internal.h"
 #include "flv.h"
+#include "hevc.h"
 
 #define VALIDATE_INDEX_TS_THRESH 2500
 
@@ -233,6 +234,11 @@
     case FLV_CODECID_PCM_ALAW:
         return apar->sample_rate == 8000 &&
                apar->codec_id    == AV_CODEC_ID_PCM_ALAW;
+    case FLV_CODECID_OPUS:
+        return apar->sample_rate == 48000 &&
+               apar->channels    == 2 &&
+               apar->bits_per_coded_sample == 16 &&
+               apar->codec_id    == AV_CODEC_ID_OPUS;
     default:
         return apar->codec_tag == (flv_codecid >> FLV_AUDIO_CODECID_OFFSET);
     }
@@ -291,6 +297,12 @@
         apar->sample_rate = 8000;
         apar->codec_id    = AV_CODEC_ID_PCM_ALAW;
         break;
+    case FLV_CODECID_OPUS:
+        apar->sample_rate = 48000;
+        apar->channels    = 2;
+        apar->bits_per_coded_sample = 16;
+        apar->codec_id    = AV_CODEC_ID_OPUS;
+        break;
     default:
         avpriv_request_sample(s, "Audio codec (%x)",
                flv_codecid >> FLV_AUDIO_CODECID_OFFSET);
@@ -318,6 +330,8 @@
         return vpar->codec_id == AV_CODEC_ID_VP6A;
     case FLV_CODECID_H264:
         return vpar->codec_id == AV_CODEC_ID_H264;
+    case FLV_CODECID_HEVC:
+        return vpar->codec_id == AV_CODEC_ID_HEVC;
     default:
         return vpar->codec_tag == flv_codecid;
     }
@@ -367,6 +381,11 @@
         par->codec_id = AV_CODEC_ID_MPEG4;
         ret = 3;
         break;
+    case FLV_CODECID_HEVC:
+        par->codec_id = AV_CODEC_ID_HEVC;
+        vstream->need_parsing = AVSTREAM_PARSE_NONE;
+        ret = 3;
+        break;
     default:
         avpriv_request_sample(s, "Video codec (%x)", flv_codecid);
         par->codec_tag = flv_codecid;
@@ -1222,7 +1241,8 @@
 
     if (st->codecpar->codec_id == AV_CODEC_ID_AAC ||
         st->codecpar->codec_id == AV_CODEC_ID_H264 ||
-        st->codecpar->codec_id == AV_CODEC_ID_MPEG4) {
+        st->codecpar->codec_id == AV_CODEC_ID_MPEG4 ||
+        st->codecpar->codec_id == AV_CODEC_ID_HEVC ) {
         int type = avio_r8(s->pb);
         size--;
 
@@ -1231,7 +1251,7 @@
             goto leave;
         }
 
-        if (st->codecpar->codec_id == AV_CODEC_ID_H264 || st->codecpar->codec_id == AV_CODEC_ID_MPEG4) {
+        if (st->codecpar->codec_id == AV_CODEC_ID_H264 || st->codecpar->codec_id == AV_CODEC_ID_MPEG4 || st->codecpar->codec_id == AV_CODEC_ID_HEVC) {
             // sign extension
             int32_t cts = (avio_rb24(s->pb) + 0xff800000) ^ 0xff800000;
             pts = dts + cts;
@@ -1247,7 +1267,7 @@
             }
         }
         if (type == 0 && (!st->codecpar->extradata || st->codecpar->codec_id == AV_CODEC_ID_AAC ||
-            st->codecpar->codec_id == AV_CODEC_ID_H264)) {
+            st->codecpar->codec_id == AV_CODEC_ID_H264 || st->codecpar->codec_id == AV_CODEC_ID_HEVC)) {
             AVDictionaryEntry *t;
 
             if (st->codecpar->extradata) {
diff --color -uNr a/libavformat/flvenc.c b/libavformat/flvenc.c
--- a/libavformat/flvenc.c	2020-07-11 18:39:30.000000000 +0800
+++ b/libavformat/flvenc.c	2020-12-29 19:36:34.543776338 +0800
@@ -34,7 +34,7 @@
 #include "libavutil/opt.h"
 #include "libavcodec/put_bits.h"
 #include "libavcodec/aacenctab.h"
-
+#include "hevc.h"
 
 static const AVCodecTag flv_video_codec_ids[] = {
     { AV_CODEC_ID_FLV1,     FLV_CODECID_H263 },
@@ -46,6 +46,7 @@
     { AV_CODEC_ID_VP6,      FLV_CODECID_VP6 },
     { AV_CODEC_ID_VP6A,     FLV_CODECID_VP6A },
     { AV_CODEC_ID_H264,     FLV_CODECID_H264 },
+    { AV_CODEC_ID_HEVC,     FLV_CODECID_HEVC },
     { AV_CODEC_ID_NONE,     0 }
 };
 
@@ -60,6 +61,7 @@
     { AV_CODEC_ID_PCM_MULAW,  FLV_CODECID_PCM_MULAW  >> FLV_AUDIO_CODECID_OFFSET },
     { AV_CODEC_ID_PCM_ALAW,   FLV_CODECID_PCM_ALAW   >> FLV_AUDIO_CODECID_OFFSET },
     { AV_CODEC_ID_SPEEX,      FLV_CODECID_SPEEX      >> FLV_AUDIO_CODECID_OFFSET },
+    { AV_CODEC_ID_OPUS,       FLV_CODECID_OPUS       >> FLV_AUDIO_CODECID_OFFSET },
     { AV_CODEC_ID_NONE,       0 }
 };
 
@@ -132,6 +134,9 @@
     if (par->codec_id == AV_CODEC_ID_AAC) // specs force these parameters
         return FLV_CODECID_AAC | FLV_SAMPLERATE_44100HZ |
                FLV_SAMPLESSIZE_16BIT | FLV_STEREO;
+    else if (par->codec_id == AV_CODEC_ID_OPUS) // specs force these parameters
+        return FLV_CODECID_OPUS | FLV_SAMPLERATE_44100HZ |
+               FLV_SAMPLESSIZE_16BIT | FLV_STEREO;
     else if (par->codec_id == AV_CODEC_ID_SPEEX) {
         if (par->sample_rate != 16000) {
             av_log(s, AV_LOG_ERROR,
@@ -491,7 +496,7 @@
     FLVContext *flv = s->priv_data;
 
     if (par->codec_id == AV_CODEC_ID_AAC || par->codec_id == AV_CODEC_ID_H264
-            || par->codec_id == AV_CODEC_ID_MPEG4) {
+            || par->codec_id == AV_CODEC_ID_MPEG4 || par->codec_id == AV_CODEC_ID_HEVC) {
         int64_t pos;
         avio_w8(pb,
                 par->codec_type == AVMEDIA_TYPE_VIDEO ?
@@ -537,7 +542,11 @@
             avio_w8(pb, par->codec_tag | FLV_FRAME_KEY); // flags
             avio_w8(pb, 0); // AVC sequence header
             avio_wb24(pb, 0); // composition time
-            ff_isom_write_avcc(pb, par->extradata, par->extradata_size);
+            if (par->codec_id == AV_CODEC_ID_HEVC) {
+                ff_isom_write_hvcc(pb, par->extradata, par->extradata_size, 0);
+            } else {
+                ff_isom_write_avcc(pb, par->extradata, par->extradata_size);
+            }
         }
         data_size = avio_tell(pb) - pos;
         avio_seek(pb, -data_size - 10, SEEK_CUR);
@@ -844,7 +853,7 @@
             AVCodecParameters *par = s->streams[i]->codecpar;
             FLVStreamContext *sc = s->streams[i]->priv_data;
             if (par->codec_type == AVMEDIA_TYPE_VIDEO &&
-                    (par->codec_id == AV_CODEC_ID_H264 || par->codec_id == AV_CODEC_ID_MPEG4))
+                    (par->codec_id == AV_CODEC_ID_H264 || par->codec_id == AV_CODEC_ID_MPEG4 || par->codec_id == AV_CODEC_ID_HEVC))
                 put_avc_eos_tag(pb, sc->last_ts);
         }
     }
@@ -895,13 +904,13 @@
     if (par->codec_id == AV_CODEC_ID_VP6F || par->codec_id == AV_CODEC_ID_VP6A ||
         par->codec_id == AV_CODEC_ID_VP6  || par->codec_id == AV_CODEC_ID_AAC)
         flags_size = 2;
-    else if (par->codec_id == AV_CODEC_ID_H264 || par->codec_id == AV_CODEC_ID_MPEG4)
+    else if (par->codec_id == AV_CODEC_ID_H264 || par->codec_id == AV_CODEC_ID_MPEG4 || par->codec_id == AV_CODEC_ID_HEVC)
         flags_size = 5;
     else
         flags_size = 1;
 
     if (par->codec_id == AV_CODEC_ID_AAC || par->codec_id == AV_CODEC_ID_H264
-            || par->codec_id == AV_CODEC_ID_MPEG4) {
+            || par->codec_id == AV_CODEC_ID_MPEG4 || par->codec_id == AV_CODEC_ID_HEVC) {
         int side_size = 0;
         uint8_t *side = av_packet_get_side_data(pkt, AV_PKT_DATA_NEW_EXTRADATA, &side_size);
         if (side && side_size > 0 && (side_size != par->extradata_size || memcmp(side, par->extradata, side_size))) {
@@ -966,6 +975,10 @@
         if (par->extradata_size > 0 && *(uint8_t*)par->extradata != 1)
             if ((ret = ff_avc_parse_nal_units_buf(pkt->data, &data, &size)) < 0)
                 return ret;
+    } else if (par->codec_id == AV_CODEC_ID_HEVC) {
+        if (par->extradata_size > 0 && *(uint8_t*)par->extradata != 1)
+            if ((ret = ff_hevc_annexb2mp4_buf(pkt->data, &data, &size, 0, NULL)) < 0)
+                return ret;
     } else if (par->codec_id == AV_CODEC_ID_AAC && pkt->size > 2 &&
                (AV_RB16(pkt->data) & 0xfff0) == 0xfff0) {
         if (!s->streams[pkt->stream_index]->nb_frames) {
@@ -1036,9 +1049,9 @@
             else
                 avio_w8(pb, ((FFALIGN(par->width,  16) - par->width) << 4) |
                              (FFALIGN(par->height, 16) - par->height));
-        } else if (par->codec_id == AV_CODEC_ID_AAC)
+        } else if (par->codec_id == AV_CODEC_ID_AAC) {
             avio_w8(pb, 1); // AAC raw
-        else if (par->codec_id == AV_CODEC_ID_H264 || par->codec_id == AV_CODEC_ID_MPEG4) {
+        } else if (par->codec_id == AV_CODEC_ID_H264 || par->codec_id == AV_CODEC_ID_MPEG4 || par->codec_id == AV_CODEC_ID_HEVC) {
             avio_w8(pb, 1); // AVC NALU
             avio_wb24(pb, pkt->pts - pkt->dts);
         }
diff --color -uNr a/libavformat/flv.h b/libavformat/flv.h
--- a/libavformat/flv.h	2020-07-09 17:17:46.000000000 +0800
+++ b/libavformat/flv.h	2020-12-29 19:10:08.444114140 +0800
@@ -99,6 +99,7 @@
     FLV_CODECID_PCM_MULAW            = 8 << FLV_AUDIO_CODECID_OFFSET,
     FLV_CODECID_AAC                  = 10<< FLV_AUDIO_CODECID_OFFSET,
     FLV_CODECID_SPEEX                = 11<< FLV_AUDIO_CODECID_OFFSET,
+    FLV_CODECID_OPUS                 = 13<< FLV_AUDIO_CODECID_OFFSET,
 };
 
 enum {
@@ -110,6 +111,7 @@
     FLV_CODECID_H264    = 7,
     FLV_CODECID_REALH263= 8,
     FLV_CODECID_MPEG4   = 9,
+    FLV_CODECID_HEVC    = 12,
 };
 
 enum {


================================================
FILE: gl_mt1300_led_daemon.patch
================================================
--- a   2022-05-20 07:38:48.486091422 +0800
+++ b   2022-05-20 07:38:58.000336930 +0800
@@ -1,15 +1,14 @@
 #!/bin/sh

+cycle=30
+tally=0
 status="0"
-count=`uci get mwan3.wan.count 2>/dev/null`
-timeout=`uci get mwan3.wan.timeout 2>/dev/null`
-track_ip=`uci get mwan3.wan.track_ip 2>/dev/null`
-[ -z "$count" ] && count="1"
-[ -z "$timeout" ] && timeout="2"
-[ -z "$track_ip" ] && track_ip="8.8.4.4 8.8.8.8 208.67.222.222 208.67.220.220"
+count="1"
+timeout="2"
+track_ip="223.5.5.5 180.76.76.76 119.29.29.29 114.114.114.114 1.1.1.1 8.8.8.8 4.2.2.1 208.67.222.222"

 mt1300_led off
-mt1300_led blue_breath daemon
+mt1300_led blue_flash

 for ip in $track_ip;
 do
@@ -25,8 +24,19 @@
 do
         if [ "$status" = "0" ];then
                 mt1300_led blue_breath daemon
+                tally=0
         else
-                mt1300_led white daemon
+                if [ -d /sys/class/net/tun* ]; then
+                        tally=0
+                        mt1300_led both daemon
+                else
+                        let tally+=1
+                        if [ $tally -lt $cycle ];then
+                                mt1300_led white daemon
+                        else
+                                mt1300_led off
+                        fi
+                fi
         fi

         sleep 5


================================================
FILE: keys.dict
================================================
00085e2ca32c
010203040506
06a95de06dd5
0aa5f10bd6d5
0ca3eec5db81
123456789abc
123456abcdef
1a2b3c4d5e6f
1a982c7e459a
228e01723e31
2299b5aaf7da
22bfbb0908d5
4364d798e9b4
454445ad9115
474249434351
475fcdff567f
4b1c77a4d2c1
4d3a99c351dd
4e762c24ad1c
533cb6c723f6
587ee5f9350f
5f5bfd7d4e5b
5f7beff15e5b
634d53dd81e3
64d14ed565f9
68de227c8b11
6b3c56d6c903
6cd44c605402
6eaa4eac3d2a
714c5c886e97
76ea4eaf6b62
782568615503
7861609b0d88
836dd5d2498a
882551c9d880
899261486a28
8fd0a4f256e9
a0478cc39091
a0a1a2a3a4a5
a5a412d418ec
aabbccddeeff
abcdef123456
af88173051f5
b03646f7ef1c
b0b1b2b3b4b5
b9884110200d
be0e3297d1c4
c0c1c2c3c4c5
d0141ce2327e
d0d1d2d3d4d5
d3f7d3f7d3f7
db8876f2cb27
dde63639976e
e1019b602902
e1ea7b8ee45e
e9e31129119e
effeece2a3de
f7f73a8f7d82
fb7f2a19522b
fe7bff776eff
feffcfff7f5b
ffdfcf7ff6df


================================================
FILE: nginx.patch
================================================
Add HTTP2 HPACK Encoding Support.
Add Dynamic TLS Record Support.

Using: patch -p1 < nginx.patch

diff --color -uNr a/auto/modules b/auto/modules
--- a/auto/modules	2023-05-23 23:08:20.000000000 +0800
+++ b/auto/modules	2023-05-24 00:52:16.901966472 +0800
@@ -466,6 +466,10 @@
         . auto/module
     fi
 
+    if [ $HTTP_V2_HPACK_ENC = YES ]; then
+        have=NGX_HTTP_V2_HPACK_ENC . auto/have
+    fi
+
     if :; then
         ngx_module_name=ngx_http_static_module
         ngx_module_incs=
diff --color -uNr a/auto/options b/auto/options
--- a/auto/options	2023-05-23 23:08:20.000000000 +0800
+++ b/auto/options	2023-05-24 00:54:34.532597378 +0800
@@ -61,6 +61,7 @@
 HTTP_GZIP=YES
 HTTP_SSL=NO
 HTTP_V2=NO
+HTTP_V2_HPACK_ENC=NO
 HTTP_V3=NO
 HTTP_SSI=YES
 HTTP_REALIP=NO
@@ -236,6 +237,7 @@
 
         --with-http_ssl_module)          HTTP_SSL=YES               ;;
         --with-http_v2_module)           HTTP_V2=YES                ;;
+        --with-http_v2_hpack_enc)        HTTP_V2_HPACK_ENC=YES      ;;
         --with-http_v3_module)           HTTP_V3=YES                ;;
         --with-http_realip_module)       HTTP_REALIP=YES            ;;
         --with-http_addition_module)     HTTP_ADDITION=YES          ;;
@@ -456,6 +458,7 @@
 
   --with-http_ssl_module             enable ngx_http_ssl_module
   --with-http_v2_module              enable ngx_http_v2_module
+  --with-http_v2_hpack_enc           enable ngx_http_v2_hpack_enc
   --with-http_v3_module              enable ngx_http_v3_module
   --with-http_realip_module          enable ngx_http_realip_module
   --with-http_addition_module        enable ngx_http_addition_module
diff --color -uNr a/src/core/ngx_murmurhash.c b/src/core/ngx_murmurhash.c
--- a/src/core/ngx_murmurhash.c	2023-05-23 23:08:20.000000000 +0800
+++ b/src/core/ngx_murmurhash.c	2023-05-24 00:52:16.902966499 +0800
@@ -50,3 +50,63 @@
 
     return h;
 }
+
+
+uint64_t
+ngx_murmur_hash2_64(u_char *data, size_t len, uint64_t seed)
+{
+    uint64_t  h, k;
+
+    h = seed ^ len;
+
+    while (len >= 8) {
+        k  = data[0];
+        k |= data[1] << 8;
+        k |= data[2] << 16;
+        k |= data[3] << 24;
+        k |= (uint64_t)data[4] << 32;
+        k |= (uint64_t)data[5] << 40;
+        k |= (uint64_t)data[6] << 48;
+        k |= (uint64_t)data[7] << 56;
+
+        k *= 0xc6a4a7935bd1e995ull;
+        k ^= k >> 47;
+        k *= 0xc6a4a7935bd1e995ull;
+
+        h ^= k;
+        h *= 0xc6a4a7935bd1e995ull;
+
+        data += 8;
+        len -= 8;
+    }
+
+    switch (len) {
+    case 7:
+        h ^= (uint64_t)data[6] << 48;
+        /* fall through */
+    case 6:
+        h ^= (uint64_t)data[5] << 40;
+        /* fall through */
+    case 5:
+        h ^= (uint64_t)data[4] << 32;
+        /* fall through */
+    case 4:
+        h ^= data[3] << 24;
+        /* fall through */
+    case 3:
+        h ^= data[2] << 16;
+        /* fall through */
+    case 2:
+        h ^= data[1] << 8;
+        /* fall through */
+    case 1:
+        h ^= data[0];
+        h *= 0xc6a4a7935bd1e995ull;
+    }
+
+    h ^= h >> 47;
+    h *= 0xc6a4a7935bd1e995ull;
+    h ^= h >> 47;
+
+    return h;
+}
diff --color -uNr a/src/core/ngx_murmurhash.h b/src/core/ngx_murmurhash.h
--- a/src/core/ngx_murmurhash.h	2023-05-23 23:08:20.000000000 +0800
+++ b/src/core/ngx_murmurhash.h	2023-05-24 00:52:16.903966525 +0800
@@ -15,5 +15,7 @@
 
 uint32_t ngx_murmur_hash2(u_char *data, size_t len);
 
+uint64_t ngx_murmur_hash2_64(u_char *data, size_t len, uint64_t seed);
+
 
 #endif /* _NGX_MURMURHASH_H_INCLUDED_ */
diff --color -uNr a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c
--- a/src/event/ngx_event_openssl.c	2023-05-23 23:08:20.000000000 +0800
+++ b/src/event/ngx_event_openssl.c	2023-05-24 00:52:16.905966578 +0800
@@ -1674,6 +1674,7 @@
 
     sc->buffer = ((flags & NGX_SSL_BUFFER) != 0);
     sc->buffer_size = ssl->buffer_size;
+    sc->dyn_rec = ssl->dyn_rec;
 
     sc->session_ctx = ssl->ctx;
 
@@ -2645,6 +2646,41 @@
 
     for ( ;; ) {
 
+        /* Dynamic record resizing:
+           We want the initial records to fit into one TCP segment
+           so we don't get TCP HoL blocking due to TCP Slow Start.
+           A connection always starts with small records, but after
+           a given amount of records sent, we make the records larger
+           to reduce header overhead.
+           After a connection has idled for a given timeout, begin
+           the process from the start. The actual parameters are
+           configurable. If dyn_rec_timeout is 0, we assume dyn_rec is off. */
+
+        if (c->ssl->dyn_rec.timeout > 0 ) {
+
+            if (ngx_current_msec - c->ssl->dyn_rec_last_write >
+                c->ssl->dyn_rec.timeout)
+            {
+                buf->end = buf->start + c->ssl->dyn_rec.size_lo;
+                c->ssl->dyn_rec_records_sent = 0;
+
+            } else {
+                if (c->ssl->dyn_rec_records_sent >
+                    c->ssl->dyn_rec.threshold * 2)
+                {
+                    buf->end = buf->start + c->ssl->buffer_size;
+
+                } else if (c->ssl->dyn_rec_records_sent >
+                           c->ssl->dyn_rec.threshold)
+                {
+                    buf->end = buf->start + c->ssl->dyn_rec.size_hi;
+
+                } else {
+                    buf->end = buf->start + c->ssl->dyn_rec.size_lo;
+                }
+            }
+        }
+
         while (in && buf->last < buf->end && send < limit) {
             if (in->buf->last_buf || in->buf->flush) {
                 flush = 1;
@@ -2784,6 +2820,9 @@
 
     if (n > 0) {
 
+        c->ssl->dyn_rec_records_sent++;
+        c->ssl->dyn_rec_last_write = ngx_current_msec;
+
         if (c->ssl->saved_read_handler) {
 
             c->read->handler = c->ssl->saved_read_handler;
diff --color -uNr a/src/event/ngx_event_openssl.h b/src/event/ngx_event_openssl.h
--- a/src/event/ngx_event_openssl.h	2023-05-23 23:08:20.000000000 +0800
+++ b/src/event/ngx_event_openssl.h	2023-05-24 00:52:16.906966604 +0800
@@ -86,10 +86,19 @@
 typedef struct ngx_ssl_ocsp_s  ngx_ssl_ocsp_t;
 
 
+typedef struct {
+    ngx_msec_t                  timeout;
+    ngx_uint_t                  threshold;
+    size_t                      size_lo;
+    size_t                      size_hi;
+} ngx_ssl_dyn_rec_t;
+
+
 struct ngx_ssl_s {
     SSL_CTX                    *ctx;
     ngx_log_t                  *log;
     size_t                      buffer_size;
+    ngx_ssl_dyn_rec_t           dyn_rec;
 };
 
 
@@ -128,6 +137,10 @@
     unsigned                    in_ocsp:1;
     unsigned                    early_preread:1;
     unsigned                    write_blocked:1;
+
+    ngx_ssl_dyn_rec_t           dyn_rec;
+    ngx_msec_t                  dyn_rec_last_write;
+    ngx_uint_t                  dyn_rec_records_sent;
 };
 
 
@@ -137,7 +150,7 @@
 #define NGX_SSL_DFLT_BUILTIN_SCACHE  -5
 
 
-#define NGX_SSL_MAX_SESSION_SIZE  4096
+#define NGX_SSL_MAX_SESSION_SIZE  16384
 
 typedef struct ngx_ssl_sess_id_s  ngx_ssl_sess_id_t;
 
diff --color -uNr a/src/http/modules/ngx_http_ssl_module.c b/src/http/modules/ngx_http_ssl_module.c
--- a/src/http/modules/ngx_http_ssl_module.c	2023-05-23 23:08:20.000000000 +0800
+++ b/src/http/modules/ngx_http_ssl_module.c	2023-05-24 00:52:16.906966604 +0800
@@ -304,6 +304,41 @@
       offsetof(ngx_http_ssl_srv_conf_t, reject_handshake),
       NULL },
 
+    { ngx_string("ssl_dyn_rec_enable"),
+      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_CONF_FLAG,
+      ngx_conf_set_flag_slot,
+      NGX_HTTP_SRV_CONF_OFFSET,
+      offsetof(ngx_http_ssl_srv_conf_t, dyn_rec_enable),
+      NULL },
+
+    { ngx_string("ssl_dyn_rec_timeout"),
+      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_CONF_FLAG,
+      ngx_conf_set_msec_slot,
+      NGX_HTTP_SRV_CONF_OFFSET,
+      offsetof(ngx_http_ssl_srv_conf_t, dyn_rec_timeout),
+      NULL },
+
+    { ngx_string("ssl_dyn_rec_size_lo"),
+      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_CONF_FLAG,
+      ngx_conf_set_size_slot,
+      NGX_HTTP_SRV_CONF_OFFSET,
+      offsetof(ngx_http_ssl_srv_conf_t, dyn_rec_size_lo),
+      NULL },
+
+    { ngx_string("ssl_dyn_rec_size_hi"),
+      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_CONF_FLAG,
+      ngx_conf_set_size_slot,
+      NGX_HTTP_SRV_CONF_OFFSET,
+      offsetof(ngx_http_ssl_srv_conf_t, dyn_rec_size_hi),
+      NULL },
+
+    { ngx_string("ssl_dyn_rec_threshold"),
+      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_CONF_FLAG,
+      ngx_conf_set_num_slot,
+      NGX_HTTP_SRV_CONF_OFFSET,
+      offsetof(ngx_http_ssl_srv_conf_t, dyn_rec_threshold),
+      NULL },
+
       ngx_null_command
 };
 
@@ -636,6 +671,11 @@
     sscf->ocsp_cache_zone = NGX_CONF_UNSET_PTR;
     sscf->stapling = NGX_CONF_UNSET;
     sscf->stapling_verify = NGX_CONF_UNSET;
+    sscf->dyn_rec_enable = NGX_CONF_UNSET;
+    sscf->dyn_rec_timeout = NGX_CONF_UNSET_MSEC;
+    sscf->dyn_rec_size_lo = NGX_CONF_UNSET_SIZE;
+    sscf->dyn_rec_size_hi = NGX_CONF_UNSET_SIZE;
+    sscf->dyn_rec_threshold = NGX_CONF_UNSET_UINT;
 
     return sscf;
 }
@@ -712,6 +752,20 @@
     ngx_conf_merge_str_value(conf->stapling_responder,
                          prev->stapling_responder, "");
 
+    ngx_conf_merge_value(conf->dyn_rec_enable, prev->dyn_rec_enable, 0);
+    ngx_conf_merge_msec_value(conf->dyn_rec_timeout, prev->dyn_rec_timeout,
+                             1000);
+    /* Default sizes for the dynamic record sizes are defined to fit maximal
+       TLS + IPv6 overhead in a single TCP segment for lo and 3 segments for hi:
+       1369 = 1500 - 40 (IP) - 20 (TCP) - 10 (Time) - 61 (Max TLS overhead) */
+    ngx_conf_merge_size_value(conf->dyn_rec_size_lo, prev->dyn_rec_size_lo,
+                             1369);
+    /* 4229 = (1500 - 40 - 20 - 10) * 3  - 61 */
+    ngx_conf_merge_size_value(conf->dyn_rec_size_hi, prev->dyn_rec_size_hi,
+                             4229);
+    ngx_conf_merge_uint_value(conf->dyn_rec_threshold, prev->dyn_rec_threshold,
+                             40);
+
     conf->ssl.log = cf->log;
 
     if (conf->enable) {
@@ -938,6 +992,28 @@
         return NGX_CONF_ERROR;
     }
 
+    if (conf->dyn_rec_enable) {
+        conf->ssl.dyn_rec.timeout = conf->dyn_rec_timeout;
+        conf->ssl.dyn_rec.threshold = conf->dyn_rec_threshold;
+
+        if (conf->buffer_size > conf->dyn_rec_size_lo) {
+            conf->ssl.dyn_rec.size_lo = conf->dyn_rec_size_lo;
+
+        } else {
+            conf->ssl.dyn_rec.size_lo = conf->buffer_size;
+        }
+
+        if (conf->buffer_size > conf->dyn_rec_size_hi) {
+            conf->ssl.dyn_rec.size_hi = conf->dyn_rec_size_hi;
+
+        } else {
+            conf->ssl.dyn_rec.size_hi = conf->buffer_size;
+        }
+
+    } else {
+        conf->ssl.dyn_rec.timeout = 0;
+    }
+
     return NGX_CONF_OK;
 }
 
diff --color -uNr a/src/http/modules/ngx_http_ssl_module.h b/src/http/modules/ngx_http_ssl_module.h
--- a/src/http/modules/ngx_http_ssl_module.h	2023-05-23 23:08:20.000000000 +0800
+++ b/src/http/modules/ngx_http_ssl_module.h	2023-05-24 00:52:16.907966630 +0800
@@ -67,6 +67,12 @@
 
     u_char                         *file;
     ngx_uint_t                      line;
+
+    ngx_flag_t                      dyn_rec_enable;
+    ngx_msec_t                      dyn_rec_timeout;
+    size_t                          dyn_rec_size_lo;
+    size_t                          dyn_rec_size_hi;
+    ngx_uint_t                      dyn_rec_threshold;
 } ngx_http_ssl_srv_conf_t;
 
 
diff --color -uNr a/src/http/v2/ngx_http_v2.c b/src/http/v2/ngx_http_v2.c
--- a/src/http/v2/ngx_http_v2.c	2023-05-23 23:08:20.000000000 +0800
+++ b/src/http/v2/ngx_http_v2.c	2023-05-24 00:52:16.909966683 +0800
@@ -274,6 +274,8 @@
 
     h2c->frame_size = NGX_HTTP_V2_DEFAULT_FRAME_SIZE;
 
+    h2c->max_hpack_table_size = NGX_HTTP_V2_DEFAULT_HPACK_TABLE_SIZE;
+
     h2scf = ngx_http_get_module_srv_conf(hc->conf_ctx, ngx_http_v2_module);
 
     h2c->concurrent_pushes = h2scf->concurrent_pushes;
@@ -2280,6 +2282,14 @@
         case NGX_HTTP_V2_HEADER_TABLE_SIZE_SETTING:
 
             h2c->table_update = 1;
+
+            if (value > NGX_HTTP_V2_MAX_HPACK_TABLE_SIZE) {
+                h2c->max_hpack_table_size = NGX_HTTP_V2_MAX_HPACK_TABLE_SIZE;
+            } else {
+                h2c->max_hpack_table_size = value;
+            }
+
+            h2c->indicate_resize = 1;
             break;
 
         default:
diff --color -uNr a/src/http/v2/ngx_http_v2_encode.c b/src/http/v2/ngx_http_v2_encode.c
--- a/src/http/v2/ngx_http_v2_encode.c	2023-05-23 23:08:20.000000000 +0800
+++ b/src/http/v2/ngx_http_v2_encode.c	2023-05-24 00:52:16.909966683 +0800
@@ -10,7 +10,7 @@
 #include <ngx_http.h>
 
 
-static u_char *ngx_http_v2_write_int(u_char *pos, ngx_uint_t prefix,
+u_char *ngx_http_v2_write_int(u_char *pos, ngx_uint_t prefix,
     ngx_uint_t value);
 
 
@@ -40,7 +40,7 @@
 }
 
 
-static u_char *
+u_char *
 ngx_http_v2_write_int(u_char *pos, ngx_uint_t prefix, ngx_uint_t value)
 {
     if (value < prefix) {
diff --color -uNr a/src/http/v2/ngx_http_v2_filter_module.c b/src/http/v2/ngx_http_v2_filter_module.c
--- a/src/http/v2/ngx_http_v2_filter_module.c	2023-05-23 23:08:20.000000000 +0800
+++ b/src/http/v2/ngx_http_v2_filter_module.c	2023-05-24 00:52:16.910966710 +0800
@@ -23,10 +23,53 @@
 #define ngx_http_v2_literal_size(h)                                           \
     (ngx_http_v2_integer_octets(sizeof(h) - 1) + sizeof(h) - 1)
 
+#define ngx_http_v2_indexed(i)      (128 + (i))
+#define ngx_http_v2_inc_indexed(i)  (64 + (i))
+
+#define NGX_HTTP_V2_ENCODE_RAW            0
+#define NGX_HTTP_V2_ENCODE_HUFF           0x80
+
+#define NGX_HTTP_V2_AUTHORITY_INDEX       1
+#define NGX_HTTP_V2_METHOD_GET_INDEX      2
+#define NGX_HTTP_V2_PATH_INDEX            4
+
+#define NGX_HTTP_V2_SCHEME_HTTP_INDEX     6
+#define NGX_HTTP_V2_SCHEME_HTTPS_INDEX    7
+
+#define NGX_HTTP_V2_STATUS_INDEX          8
+#define NGX_HTTP_V2_STATUS_200_INDEX      8
+#define NGX_HTTP_V2_STATUS_204_INDEX      9
+#define NGX_HTTP_V2_STATUS_206_INDEX      10
+#define NGX_HTTP_V2_STATUS_304_INDEX      11
+#define NGX_HTTP_V2_STATUS_400_INDEX      12
+#define NGX_HTTP_V2_STATUS_404_INDEX      13
+#define NGX_HTTP_V2_STATUS_500_INDEX      14
+
+#define NGX_HTTP_V2_ACCEPT_ENCODING_INDEX 16
+#define NGX_HTTP_V2_ACCEPT_LANGUAGE_INDEX 17
+#define NGX_HTTP_V2_CONTENT_LENGTH_INDEX  28
+#define NGX_HTTP_V2_CONTENT_TYPE_INDEX    31
+#define NGX_HTTP_V2_DATE_INDEX            33
+#define NGX_HTTP_V2_LAST_MODIFIED_INDEX   44
+#define NGX_HTTP_V2_LOCATION_INDEX        46
+#define NGX_HTTP_V2_SERVER_INDEX          54
+#define NGX_HTTP_V2_USER_AGENT_INDEX      58
+#define NGX_HTTP_V2_VARY_INDEX            59
 
 #define NGX_HTTP_V2_NO_TRAILERS           (ngx_http_v2_out_frame_t *) -1
 
 
+static const struct {
+    u_char        *name;
+    u_char const   len;
+} push_header[] = {
+    { (u_char*)":authority"      , 10 },
+    { (u_char*)"accept-encoding" , 15 },
+    { (u_char*)"accept-language" , 15 },
+    { (u_char*)"user-agent"      , 10 }
+};
+
+
 typedef struct {
     ngx_str_t      name;
     u_char         index;
@@ -155,11 +198,9 @@
 #endif
 
     static size_t nginx_ver_len = ngx_http_v2_literal_size(NGINX_VER);
-    static u_char nginx_ver[ngx_http_v2_literal_size(NGINX_VER)];
 
     static size_t nginx_ver_build_len =
                                   ngx_http_v2_literal_size(NGINX_VER_BUILD);
-    static u_char nginx_ver_build[ngx_http_v2_literal_size(NGINX_VER_BUILD)];
 
     stream = r->stream;
 
@@ -435,7 +476,7 @@
     }
 
     tmp = ngx_palloc(r->pool, tmp_len);
-    pos = ngx_pnalloc(r->pool, len);
+    pos = ngx_pnalloc(r->pool, len + 15 + 1);
 
     if (pos == NULL || tmp == NULL) {
         return NGX_ERROR;
@@ -443,11 +484,16 @@
 
     start = pos;
 
-    if (h2c->table_update) {
-        ngx_log_debug0(NGX_LOG_DEBUG_HTTP, fc->log, 0,
-                       "http2 table size update: 0");
-        *pos++ = (1 << 5) | 0;
-        h2c->table_update = 0;
+    h2c = r->stream->connection;
+
+    if (h2c->indicate_resize) {
+        *pos = 32;
+        pos = ngx_http_v2_write_int(pos, ngx_http_v2_prefix(5),
+                                    h2c->max_hpack_table_size);
+        h2c->indicate_resize = 0;
+#if (NGX_HTTP_V2_HPACK_ENC)
+        ngx_http_v2_table_resize(h2c);
+#endif
     }
 
     ngx_log_debug1(NGX_LOG_DEBUG_HTTP, fc->log, 0,
@@ -458,67 +504,28 @@
         *pos++ = status;
 
     } else {
-        *pos++ = ngx_http_v2_inc_indexed(NGX_HTTP_V2_STATUS_INDEX);
-        *pos++ = NGX_HTTP_V2_ENCODE_RAW | 3;
-        pos = ngx_sprintf(pos, "%03ui", r->headers_out.status);
+        ngx_sprintf(pos + 8, "%O3ui", r->headers_out.status);
+        pos = ngx_http_v2_write_header(h2c, pos, (u_char *)":status",
+                                       sizeof(":status") - 1, pos + 8, 3, tmp);
     }
 
     if (r->headers_out.server == NULL) {
-
         if (clcf->server_tokens == NGX_HTTP_SERVER_TOKENS_ON) {
-            ngx_log_debug1(NGX_LOG_DEBUG_HTTP, fc->log, 0,
-                           "http2 output header: \"server: %s\"",
-                           NGINX_VER);
-
-        } else if (clcf->server_tokens == NGX_HTTP_SERVER_TOKENS_BUILD) {
-            ngx_log_debug1(NGX_LOG_DEBUG_HTTP, fc->log, 0,
-                           "http2 output header: \"server: %s\"",
-                           NGINX_VER_BUILD);
-
-        } else {
-            ngx_log_debug0(NGX_LOG_DEBUG_HTTP, fc->log, 0,
-                           "http2 output header: \"server: nginx\"");
-        }
-
-        *pos++ = ngx_http_v2_inc_indexed(NGX_HTTP_V2_SERVER_INDEX);
-
-        if (clcf->server_tokens == NGX_HTTP_SERVER_TOKENS_ON) {
-            if (nginx_ver[0] == '\0') {
-                p = ngx_http_v2_write_value(nginx_ver, (u_char *) NGINX_VER,
-                                            sizeof(NGINX_VER) - 1, tmp);
-                nginx_ver_len = p - nginx_ver;
-            }
-
-            pos = ngx_cpymem(pos, nginx_ver, nginx_ver_len);
+            pos = ngx_http_v2_write_header_str("server", NGINX_VER);
 
         } else if (clcf->server_tokens == NGX_HTTP_SERVER_TOKENS_BUILD) {
-            if (nginx_ver_build[0] == '\0') {
-                p = ngx_http_v2_write_value(nginx_ver_build,
-                                            (u_char *) NGINX_VER_BUILD,
-                                            sizeof(NGINX_VER_BUILD) - 1, tmp);
-                nginx_ver_build_len = p - nginx_ver_build;
-            }
-
-            pos = ngx_cpymem(pos, nginx_ver_build, nginx_ver_build_len);
+            pos = ngx_http_v2_write_header_str("server", NGINX_VER_BUILD);
 
         } else {
-            pos = ngx_cpymem(pos, nginx, sizeof(nginx));
+            pos = ngx_http_v2_write_header_str("server", "nginx");
         }
     }
 
     if (r->headers_out.date == NULL) {
-        ngx_log_debug1(NGX_LOG_DEBUG_HTTP, fc->log, 0,
-                       "http2 output header: \"date: %V\"",
-                       &ngx_cached_http_time);
-
-        *pos++ = ngx_http_v2_inc_indexed(NGX_HTTP_V2_DATE_INDEX);
-        pos = ngx_http_v2_write_value(pos, ngx_cached_http_time.data,
-                                      ngx_cached_http_time.len, tmp);
+        pos = ngx_http_v2_write_header_tbl("date", ngx_cached_http_time);
     }
 
     if (r->headers_out.content_type.len) {
-        *pos++ = ngx_http_v2_inc_indexed(NGX_HTTP_V2_CONTENT_TYPE_INDEX);
-
         if (r->headers_out.content_type_len == r->headers_out.content_type.len
             && r->headers_out.charset.len)
         {
@@ -544,64 +551,36 @@
             r->headers_out.content_type.data = p - len;
         }
 
-        ngx_log_debug1(NGX_LOG_DEBUG_HTTP, fc->log, 0,
-                       "http2 output header: \"content-type: %V\"",
-                       &r->headers_out.content_type);
-
-        pos = ngx_http_v2_write_value(pos, r->headers_out.content_type.data,
-                                      r->headers_out.content_type.len, tmp);
+        pos = ngx_http_v2_write_header_tbl("content-type",
+                                           r->headers_out.content_type);
     }
 
     if (r->headers_out.content_length == NULL
         && r->headers_out.content_length_n >= 0)
     {
-        ngx_log_debug1(NGX_LOG_DEBUG_HTTP, fc->log, 0,
-                       "http2 output header: \"content-length: %O\"",
-                       r->headers_out.content_length_n);
-
-        *pos++ = ngx_http_v2_inc_indexed(NGX_HTTP_V2_CONTENT_LENGTH_INDEX);
-
-        p = pos;
-        pos = ngx_sprintf(pos + 1, "%O", r->headers_out.content_length_n);
-        *p = NGX_HTTP_V2_ENCODE_RAW | (u_char) (pos - p - 1);
+        p = ngx_sprintf(pos + 15, "%O", r->headers_out.content_length_n);
+        pos = ngx_http_v2_write_header(h2c, pos, (u_char *)"content-length",
+                                       sizeof("content-length") - 1, pos + 15,
+                                       p - (pos + 15), tmp);
     }
 
     if (r->headers_out.last_modified == NULL
         && r->headers_out.last_modified_time != -1)
     {
-        *pos++ = ngx_http_v2_inc_indexed(NGX_HTTP_V2_LAST_MODIFIED_INDEX);
-
-        ngx_http_time(pos, r->headers_out.last_modified_time);
+        ngx_http_time(pos + 14, r->headers_out.last_modified_time);
         len = sizeof("Wed, 31 Dec 1986 18:00:00 GMT") - 1;
-
-        ngx_log_debug2(NGX_LOG_DEBUG_HTTP, fc->log, 0,
-                       "http2 output header: \"last-modified: %*s\"",
-                       len, pos);
-
-        /*
-         * Date will always be encoded using huffman in the temporary buffer,
-         * so it's safe here to use src and dst pointing to the same address.
-         */
-        pos = ngx_http_v2_write_value(pos, pos, len, tmp);
+        pos = ngx_http_v2_write_header(h2c, pos, (u_char *)"last-modified",
+                                       sizeof("last-modified") - 1, pos + 14,
+                                       len, tmp);
     }
 
     if (r->headers_out.location && r->headers_out.location->value.len) {
-        ngx_log_debug1(NGX_LOG_DEBUG_HTTP, fc->log, 0,
-                       "http2 output header: \"location: %V\"",
-                       &r->headers_out.location->value);
-
-        *pos++ = ngx_http_v2_inc_indexed(NGX_HTTP_V2_LOCATION_INDEX);
-        pos = ngx_http_v2_write_value(pos, r->headers_out.location->value.data,
-                                      r->headers_out.location->value.len, tmp);
+        pos = ngx_http_v2_write_header_tbl("location", r->headers_out.location->value);
     }
 
 #if (NGX_HTTP_GZIP)
     if (r->gzip_vary) {
-        ngx_log_debug0(NGX_LOG_DEBUG_HTTP, fc->log, 0,
-                       "http2 output header: \"vary: Accept-Encoding\"");
-
-        *pos++ = ngx_http_v2_inc_indexed(NGX_HTTP_V2_VARY_INDEX);
-        pos = ngx_cpymem(pos, accept_encoding, sizeof(accept_encoding));
+        pos = ngx_http_v2_write_header_str("vary", "Accept-Encoding");
     }
 #endif
 
@@ -624,23 +603,10 @@
             continue;
         }
 
-#if (NGX_DEBUG)
-        if (fc->log->log_level & NGX_LOG_DEBUG_HTTP) {
-            ngx_strlow(tmp, header[i].key.data, header[i].key.len);
-
-            ngx_log_debug3(NGX_LOG_DEBUG_HTTP, fc->log, 0,
-                           "http2 output header: \"%*s: %V\"",
-                           header[i].key.len, tmp, &header[i].value);
-        }
-#endif
-
-        *pos++ = 0;
-
-        pos = ngx_http_v2_write_name(pos, header[i].key.data,
-                                     header[i].key.len, tmp);
+        pos = ngx_http_v2_write_header(h2c, pos, header[i].key.data,
+                                       header[i].key.len, header[i].value.data,
+                                       header[i].value.len, tmp);
 
-        pos = ngx_http_v2_write_value(pos, header[i].value.data,
-                                      header[i].value.len, tmp);
     }
 
     fin = r->header_only
@@ -997,6 +963,7 @@
 
     for (i = 0; i < NGX_HTTP_V2_PUSH_HEADERS; i++) {
         len += binary[i].len;
+        len += push_header[i].len + 1;
     }
 
     pos = ngx_pnalloc(r->pool, len);
@@ -1006,12 +973,17 @@
 
     start = pos;
 
-    if (h2c->table_update) {
-        ngx_log_debug0(NGX_LOG_DEBUG_HTTP, fc->log, 0,
-                       "http2 table size update: 0");
-        *pos++ = (1 << 5) | 0;
-        h2c->table_update = 0;
-    }
+    h2c = r->stream->connection;
+
+    if (h2c->indicate_resize) {
+        *pos = 32;
+        pos = ngx_http_v2_write_int(pos, ngx_http_v2_prefix(5),
+                                    h2c->max_hpack_table_size);
+        h2c->indicate_resize = 0;
+#if (NGX_HTTP_V2_HPACK_ENC)
+        ngx_http_v2_table_resize(h2c);
+#endif
+     }
 
     ngx_log_debug0(NGX_LOG_DEBUG_HTTP, fc->log, 0,
                    "http2 push header: \":method: GET\"");
@@ -1021,8 +993,7 @@
     ngx_log_debug1(NGX_LOG_DEBUG_HTTP, fc->log, 0,
                    "http2 push header: \":path: %V\"", path);
 
-    *pos++ = ngx_http_v2_inc_indexed(NGX_HTTP_V2_PATH_INDEX);
-    pos = ngx_http_v2_write_value(pos, path->data, path->len, tmp);
+    pos = ngx_http_v2_write_header_pot(":path", path);
 
     ngx_log_debug1(NGX_LOG_DEBUG_HTTP, fc->log, 0,
                    "http2 push header: \":scheme: %V\"", &r->schema);
@@ -1047,11 +1018,15 @@
             continue;
         }
 
+        value = &(*h)->value;
+
         ngx_log_debug2(NGX_LOG_DEBUG_HTTP, fc->log, 0,
                        "http2 push header: \"%V: %V\"",
                        &ph[i].name, &(*h)->value);
 
-        pos = ngx_cpymem(pos, binary[i].data, binary[i].len);
+        pos = ngx_http_v2_write_header(h2c, pos,
+                  push_header[i].name, push_header[i].len, value->data, value->len,
+                  tmp);
     }
 
     frame = ngx_http_v2_create_push_frame(r, start, pos);
diff --color -uNr a/src/http/v2/ngx_http_v2.h b/src/http/v2/ngx_http_v2.h
--- a/src/http/v2/ngx_http_v2.h	2023-05-23 23:08:20.000000000 +0800
+++ b/src/http/v2/ngx_http_v2.h	2023-05-24 00:52:16.911966736 +0800
@@ -51,6 +51,14 @@
 #define NGX_HTTP_V2_MAX_WINDOW           ((1U << 31) - 1)
 #define NGX_HTTP_V2_DEFAULT_WINDOW       65535
 
+#define HPACK_ENC_HTABLE_SZ              128 /* better to keep a PoT < 64k */
+#define HPACK_ENC_HTABLE_ENTRIES         ((HPACK_ENC_HTABLE_SZ * 100) / 128)
+#define HPACK_ENC_DYNAMIC_KEY_TBL_SZ     10  /* 10 is sufficient for most */
+#define HPACK_ENC_MAX_ENTRY              512 /* longest header size to match */
+
+#define NGX_HTTP_V2_DEFAULT_HPACK_TABLE_SIZE     4096
+#define NGX_HTTP_V2_MAX_HPACK_TABLE_SIZE         16384 /* < 64k */
+
 #define NGX_HTTP_V2_DEFAULT_WEIGHT       16
 
 
@@ -114,6 +122,46 @@
 } ngx_http_v2_hpack_t;
 
 
+#if (NGX_HTTP_V2_HPACK_ENC)
+typedef struct {
+    uint64_t                         hash_val;
+    uint32_t                         index;
+    uint16_t                         pos;
+    uint16_t                         klen, vlen;
+    uint16_t                         size;
+    uint16_t                         next;
+} ngx_http_v2_hpack_enc_entry_t;
+
+
+typedef struct {
+    uint64_t                         hash_val;
+    uint32_t                         index;
+    uint16_t                         pos;
+    uint16_t                         klen;
+} ngx_http_v2_hpack_name_entry_t;
+
+
+typedef struct {
+    size_t                           size;    /* size as defined in RFC 7541 */
+    uint32_t                         top;     /* the last entry */
+    uint32_t                         pos;
+    uint16_t                         n_elems; /* number of elements */
+    uint16_t                         base;    /* index of the oldest entry */
+    uint16_t                         last;    /* index of the newest entry */
+
+    /* hash table for dynamic entries, instead using a generic hash table,
+       which would be too slow to process a significant amount of headers,
+       this table is not determenistic, and might ocasionally fail to insert
+       a value, at the cost of slightly worse compression, but significantly
+       faster performance */
+    ngx_http_v2_hpack_enc_entry_t    htable[HPACK_ENC_HTABLE_SZ];
+    ngx_http_v2_hpack_name_entry_t   heads[HPACK_ENC_DYNAMIC_KEY_TBL_SZ];
+    u_char                           storage[NGX_HTTP_V2_MAX_HPACK_TABLE_SIZE +
+                                             HPACK_ENC_MAX_ENTRY];
+} ngx_http_v2_hpack_enc_t;
+#endif
+
+
 struct ngx_http_v2_connection_s {
     ngx_connection_t                *connection;
     ngx_http_connection_t           *http_connection;
@@ -135,6 +183,8 @@
 
     size_t                           frame_size;
 
+    size_t                           max_hpack_table_size;
+
     ngx_queue_t                      waiting;
 
     ngx_http_v2_state_t              state;
@@ -164,6 +214,11 @@
     unsigned                         blocked:1;
     unsigned                         goaway:1;
     unsigned                         push_disabled:1;
+    unsigned                         indicate_resize:1;
+
+#if (NGX_HTTP_V2_HPACK_ENC)
+    ngx_http_v2_hpack_enc_t          hpack_enc;
+#endif
 };
 
 
@@ -207,6 +262,8 @@
 
     ngx_array_t                     *cookies;
 
+    size_t                           header_limit;
+
     ngx_pool_t                      *pool;
 
     unsigned                         waiting:1;
@@ -413,4 +470,35 @@
     u_char *tmp, ngx_uint_t lower);
 
 
+u_char *ngx_http_v2_string_encode(u_char *dst, u_char *src, size_t len,
+    u_char *tmp, ngx_uint_t lower);
+
+u_char *
+ngx_http_v2_write_int(u_char *pos, ngx_uint_t prefix, ngx_uint_t value);
+
+#define ngx_http_v2_write_name(dst, src, len, tmp)                            \
+    ngx_http_v2_string_encode(dst, src, len, tmp, 1)
+#define ngx_http_v2_write_value(dst, src, len, tmp)                           \
+    ngx_http_v2_string_encode(dst, src, len, tmp, 0)
+
+u_char *
+ngx_http_v2_write_header(ngx_http_v2_connection_t *h2c, u_char *pos,
+    u_char *key, size_t key_len, u_char *value, size_t value_len,
+    u_char *tmp);
+
+void
+ngx_http_v2_table_resize(ngx_http_v2_connection_t *h2c);
+
+#define ngx_http_v2_write_header_str(key, value)                        \
+    ngx_http_v2_write_header(h2c, pos, (u_char *) key, sizeof(key) - 1, \
+    (u_char *) value, sizeof(value) - 1, tmp);
+
+#define ngx_http_v2_write_header_tbl(key, val)                          \
+    ngx_http_v2_write_header(h2c, pos, (u_char *) key, sizeof(key) - 1, \
+    val.data, val.len, tmp);
+
+#define ngx_http_v2_write_header_pot(key, val)                          \
+    ngx_http_v2_write_header(h2c, pos, (u_char *) key, sizeof(key) - 1, \
+    val->data, val->len, tmp);
+
 #endif /* _NGX_HTTP_V2_H_INCLUDED_ */
diff --color -uNr a/src/http/v2/ngx_http_v2_table.c b/src/http/v2/ngx_http_v2_table.c
--- a/src/http/v2/ngx_http_v2_table.c	2023-05-23 23:08:20.000000000 +0800
+++ b/src/http/v2/ngx_http_v2_table.c	2023-05-24 00:52:16.912966762 +0800
@@ -361,3 +361,434 @@
 
     return NGX_OK;
 }
+
+
+#if (NGX_HTTP_V2_HPACK_ENC)
+
+static ngx_int_t
+hpack_get_static_index(ngx_http_v2_connection_t *h2c, u_char *val, size_t len);
+
+static ngx_int_t
+hpack_get_dynamic_index(ngx_http_v2_connection_t *h2c, uint64_t key_hash,
+                        uint8_t *key, size_t key_len);
+
+
+void
+ngx_http_v2_table_resize(ngx_http_v2_connection_t *h2c)
+{
+    ngx_http_v2_hpack_enc_entry_t  *table;
+    uint64_t                        idx;
+
+    table = h2c->hpack_enc.htable;
+
+    while (h2c->hpack_enc.size > h2c->max_hpack_table_size) {
+        idx = h2c->hpack_enc.base;
+        h2c->hpack_enc.base = table[idx].next;
+        h2c->hpack_enc.size -= table[idx].size;
+        table[idx].hash_val = 0;
+        h2c->hpack_enc.n_elems--;
+    }
+}
+
+
+/* checks if a header is in the hpack table - if so returns the table entry,
+   otherwise encodes and inserts into the table and returns 0,
+   if failed to insert into table, returns -1 */
+static ngx_int_t
+ngx_http_v2_table_encode_strings(ngx_http_v2_connection_t *h2c,
+    size_t key_len, size_t val_len, uint8_t *key, uint8_t *val,
+    ngx_int_t *header_idx)
+{
+    uint64_t  hash_val, key_hash, idx, lru;
+    int       i;
+    size_t    size = key_len + val_len + 32;
+    uint8_t  *storage = h2c->hpack_enc.storage;
+
+    ngx_http_v2_hpack_enc_entry_t   *table;
+    ngx_http_v2_hpack_name_entry_t  *name;
+
+    *header_idx = NGX_ERROR;
+    /* step 1: compute the hash value of header */
+    if (size > HPACK_ENC_MAX_ENTRY || size > h2c->max_hpack_table_size) {
+        return NGX_ERROR;
+    }
+
+    key_hash = ngx_murmur_hash2_64(key, key_len, 0x01234);
+    hash_val = ngx_murmur_hash2_64(val, val_len, key_hash);
+
+    if (hash_val == 0) {
+        return NGX_ERROR;
+    }
+
+    /* step 2: check if full header in the table */
+    idx = hash_val;
+    i = -1;
+    while (idx) {
+         /* at most 8 locations are checked, but most will be done in 1 or 2 */
+        table = &h2c->hpack_enc.htable[idx % HPACK_ENC_HTABLE_SZ];
+        if (table->hash_val == hash_val
+            && table->klen == key_len
+            && table->vlen == val_len
+            && ngx_memcmp(key, storage + table->pos, key_len) == 0
+            && ngx_memcmp(val, storage + table->pos + key_len, val_len) == 0)
+        {
+            return (h2c->hpack_enc.top - table->index) + 61;
+        }
+
+        if (table->hash_val == 0 && i == -1) {
+            i = idx % HPACK_ENC_HTABLE_SZ;
+            break;
+        }
+
+        idx >>= 8;
+    }
+
+    /* step 3: check if key is in one of the tables */
+    *header_idx = hpack_get_static_index(h2c, key, key_len);
+
+    if (i == -1) {
+        return NGX_ERROR;
+    }
+
+    if (*header_idx == NGX_ERROR) {
+        *header_idx = hpack_get_dynamic_index(h2c, key_hash, key, key_len);
+    }
+
+    /* step 4: store the new entry */
+    table =  h2c->hpack_enc.htable;
+
+    if (h2c->hpack_enc.top == 0xffffffff) {
+        /* just to be on the safe side, avoid overflow */
+        ngx_memset(&h2c->hpack_enc, 0, sizeof(ngx_http_v2_hpack_enc_t));
+    }
+
+    while ((h2c->hpack_enc.size + size > h2c->max_hpack_table_size)
+           || h2c->hpack_enc.n_elems == HPACK_ENC_HTABLE_ENTRIES) {
+        /* make space for the new entry first */
+        idx = h2c->hpack_enc.base;
+        h2c->hpack_enc.base = table[idx].next;
+        h2c->hpack_enc.size -= table[idx].size;
+        table[idx].hash_val = 0;
+        h2c->hpack_enc.n_elems--;
+    }
+
+    table[i] = (ngx_http_v2_hpack_enc_entry_t){.hash_val = hash_val,
+                                               .index = h2c->hpack_enc.top,
+                                               .pos = h2c->hpack_enc.pos,
+                                               .klen = key_len,
+                                               .vlen = val_len,
+                                               .size = size,
+                                               .next = 0};
+
+    table[h2c->hpack_enc.last].next = i;
+    if (h2c->hpack_enc.n_elems == 0) {
+        h2c->hpack_enc.base = i;
+    }
+
+    h2c->hpack_enc.last = i;
+    h2c->hpack_enc.top++;
+    h2c->hpack_enc.size += size;
+    h2c->hpack_enc.n_elems++;
+
+    /* update header name lookup */
+    if (*header_idx == NGX_ERROR ) {
+        lru = h2c->hpack_enc.top;
+
+        for (i=0; i<HPACK_ENC_DYNAMIC_KEY_TBL_SZ; i++) {
+
+            name = &h2c->hpack_enc.heads[i];
+
+            if ( name->hash_val == 0 || (name->hash_val == key_hash
+                && ngx_memcmp(storage + name->pos, key, key_len) == 0) )
+            {
+                name->hash_val = key_hash;
+                name->pos = h2c->hpack_enc.pos;
+                name->index = h2c->hpack_enc.top - 1;
+                break;
+            }
+
+            if (lru > name->index) {
+                lru = name->index;
+                idx = i;
+            }
+        }
+
+        if (i == HPACK_ENC_DYNAMIC_KEY_TBL_SZ) {
+            name = &h2c->hpack_enc.heads[idx];
+            name->hash_val = hash_val;
+            name->pos = h2c->hpack_enc.pos;
+            name->index = h2c->hpack_enc.top - 1;
+        }
+    }
+
+    ngx_memcpy(storage + h2c->hpack_enc.pos, key, key_len);
+    ngx_memcpy(storage + h2c->hpack_enc.pos + key_len, val, val_len);
+
+    h2c->hpack_enc.pos += size;
+    if (h2c->hpack_enc.pos > NGX_HTTP_V2_MAX_HPACK_TABLE_SIZE) {
+        h2c->hpack_enc.pos = 0;
+    }
+
+    return NGX_OK;
+}
+
+
+u_char *
+ngx_http_v2_write_header(ngx_http_v2_connection_t *h2c, u_char *pos,
+                         u_char *key, size_t key_len,
+                         u_char *value, size_t value_len,
+                         u_char *tmp)
+{
+    ngx_int_t idx, header_idx;
+
+    ngx_log_debug4(NGX_LOG_DEBUG_HTTP, h2c->connection->log, 0,
+                   "http2 output header: %*s: %*s", key_len, key, value_len,
+                   value);
+
+    /* attempt to find the value in the dynamic table */
+    idx = ngx_http_v2_table_encode_strings(h2c, key_len, value_len, key, value,
+                                           &header_idx);
+
+    if (idx > 0) {
+        /* positive index indicates success */
+        ngx_log_debug1(NGX_LOG_DEBUG_HTTP, h2c->connection->log, 0,
+                       "http2 hpack encode: Indexed Header Field: %ud", idx);
+
+        *pos = 128;
+        pos = ngx_http_v2_write_int(pos, ngx_http_v2_prefix(7), idx);
+
+    } else {
+
+        if (header_idx == NGX_ERROR) { /* if key is not present */
+
+            if (idx == NGX_ERROR) {    /* if header was not added */
+                *pos++ = 0;
+
+                ngx_log_debug0(NGX_LOG_DEBUG_HTTP, h2c->connection->log, 0,
+                              "http2 hpack encode: Literal Header Field without"
+                              " Indexing — New Name");
+            } else {                   /* if header was added */
+                *pos++ = 64;
+
+                ngx_log_debug0(NGX_LOG_DEBUG_HTTP, h2c->connection->log, 0,
+                              "http2 hpack encode: Literal Header Field with "
+                              "Incremental Indexing — New Name");
+            }
+
+            pos = ngx_http_v2_write_name(pos, key, key_len, tmp);
+
+        } else {                       /* if key is present */
+
+            if (idx == NGX_ERROR) {
+                *pos = 0;
+                pos = ngx_http_v2_write_int(pos, ngx_http_v2_prefix(4), header_idx);
+
+                ngx_log_debug1(NGX_LOG_DEBUG_HTTP, h2c->connection->log, 0,
+                              "http2 hpack encode: Literal Header Field without"
+                              " Indexing — Indexed Name: %ud", header_idx);
+            } else {
+                *pos = 64;
+                pos = ngx_http_v2_write_int(pos, ngx_http_v2_prefix(6), header_idx);
+
+                ngx_log_debug1(NGX_LOG_DEBUG_HTTP, h2c->connection->log, 0,
+                              "http2 hpack encode: Literal Header Field with "
+                              "Incremental Indexing — Indexed Name: %ud", header_idx);
+            }
+        }
+
+        pos = ngx_http_v2_write_value(pos, value, value_len, tmp);
+    }
+
+    return pos;
+}
+
+
+static ngx_int_t
+hpack_get_dynamic_index(ngx_http_v2_connection_t *h2c, uint64_t key_hash,
+                        uint8_t *key, size_t key_len)
+{
+    ngx_http_v2_hpack_name_entry_t  *name;
+    int                              i;
+
+    for (i=0; i<HPACK_ENC_DYNAMIC_KEY_TBL_SZ; i++) {
+        name = &h2c->hpack_enc.heads[i];
+
+        if (name->hash_val == key_hash
+            && ngx_memcmp(h2c->hpack_enc.storage + name->pos, key, key_len) == 0)
+        {
+            if (name->index >= h2c->hpack_enc.top - h2c->hpack_enc.n_elems) {
+                return (h2c->hpack_enc.top - name->index) + 61;
+            }
+            break;
+        }
+    }
+
+    return NGX_ERROR;
+}
+
+
+/* decide if a given header is present in the static dictionary, this could be
+   done in several ways, but it seems the fastest one is "exhaustive" search */
+static ngx_int_t
+hpack_get_static_index(ngx_http_v2_connection_t *h2c, u_char *val, size_t len)
+{
+    /* the static dictionary of response only headers,
+       although response headers can be put by origin,
+       that would be rare */
+    static const struct {
+        u_char         len;
+        const u_char   val[28];
+        u_char         idx;
+    } server_headers[] = {
+        { 3, "age",                         21},//0
+        { 3, "via",                         60},
+        { 4, "date",                        33},//2
+        { 4, "etag",                        34},
+        { 4, "link",                        45},
+        { 4, "vary",                        59},
+        { 5, "allow",                       22},//6
+        { 6, "server",                      54},//7
+        { 7, "expires",                     36},//8
+        { 7, "refresh",                     52},
+        { 8, "location",                    46},//10
+        {10, "set-cookie",                  55},//11
+        {11, "retry-after",                 53},//12
+        {12, "content-type",                31},//13
+        {13, "content-range",               30},//14
+        {13, "accept-ranges",               18},
+        {13, "cache-control",               24},
+        {13, "last-modified",               44},
+        {14, "content-length",              28},//18
+        {16, "content-encoding",            26},//19
+        {16, "content-language",            27},
+        {16, "content-location",            29},
+        {16, "www-authenticate",            61},
+        {17, "transfer-encoding",           57},//23
+        {18, "proxy-authenticate",          48},//24
+        {19, "content-disposition",         25},//25
+        {25, "strict-transport-security",   56},//26
+        {27, "access-control-allow-origin", 20},//27
+        {99, "",                            99},
+    }, *header;
+
+    /* for a given length, where to start the search
+       since minimal length is 3, the table has a -3
+       offset */
+    static const int8_t start_at[] = {
+        [3-3]  = 0,
+        [4-3]  = 2,
+        [5-3]  = 6,
+        [6-3]  = 7,
+        [7-3]  = 8,
+        [8-3]  = 10,
+        [9-3]  = -1,
+        [10-3] = 11,
+        [11-3] = 12,
+        [12-3] = 13,
+        [13-3] = 14,
+        [14-3] = 18,
+        [15-3] = -1,
+        [16-3] = 19,
+        [17-3] = 23,
+        [18-3] = 24,
+        [19-3] = 25,
+        [20-3] = -1,
+        [21-3] = -1,
+        [22-3] = -1,
+        [23-3] = -1,
+        [24-3] = -1,
+        [25-3] = 26,
+        [26-3] = -1,
+        [27-3] = 27,
+    };
+
+    uint64_t pref;
+    size_t   save_len = len, i;
+    int8_t   start;
+
+    /* early exit for out of bounds lengths */
+    if (len < 3 || len > 27) {
+        return NGX_ERROR;
+    }
+
+    start = start_at[len - 3];
+    if (start == -1) {
+        /* exit for non existent lengths */
+        return NGX_ERROR;
+    }
+
+    header = &server_headers[start_at[len - 3]];
+
+    /* load first 8 bytes of key, for fast comparison */
+    if (len < 8) {
+        pref = 0;
+        if (len >= 4) {
+            pref = *(uint32_t *)(val + len - 4) | 0x20202020;
+            len -= 4;
+        }
+        while (len > 0) { /* 3 iterations at most */
+            pref = (pref << 8) ^ (val[len - 1] | 0x20);
+            len--;
+        }
+    } else {
+        pref = *(uint64_t *)val | 0x2020202020202020;
+        len -= 8;
+    }
+
+    /* iterate over headers with the right length */
+    while (header->len == save_len) {
+        /* quickly compare the first 8 bytes, most tests will end here */
+        if (pref != *(uint64_t *) header->val) {
+            header++;
+            continue;
+        }
+
+        if (len == 0) {
+            /* len == 0, indicates prefix held the entire key */
+            return header->idx;
+        }
+        /* for longer keys compare the rest */
+        i = 1 + (save_len + 7) % 8; /* align so we can compare in quadwords */
+
+        while (i + 8 <= save_len) { /* 3 iterations at most */
+            if ( *(uint64_t *)&header->val[i]
+                 != (*(uint64_t *) &val[i]| 0x2020202020202020) )
+            {
+                header++;
+                i = 0;
+                break;
+            }
+            i += 8;
+        }
+
+        if (i == 0) {
+            continue;
+        }
+
+        /* found the corresponding entry in the static dictionary */
+        return header->idx;
+    }
+
+    return NGX_ERROR;
+}
+
+#else
+
+u_char *
+ngx_http_v2_write_header(ngx_http_v2_connection_t *h2c, u_char *pos,
+                         u_char *key, size_t key_len,
+                         u_char *value, size_t value_len,
+                         u_char *tmp)
+{
+    ngx_log_debug4(NGX_LOG_DEBUG_HTTP, h2c->connection->log, 0,
+                   "http2 output header: %*s: %*s", key_len, key, value_len,
+                   value);
+
+    *pos++ = 64;
+    pos = ngx_http_v2_write_name(pos, key, key_len, tmp);
+    pos = ngx_http_v2_write_value(pos, value, value_len, tmp);
+
+    return pos;
+}
+
+#endif


================================================
FILE: nginx_dynamic_tls_records.patch
================================================
What we do now:
We use a static record size of 4K. This gives a good balance of latency and
throughput.

Optimize latency:
By initialy sending small (1 TCP segment) sized records, we are able to avoid
HoL blocking of the first byte. This means TTFB is sometime lower by a whole
RTT.

Optimizing throughput:
By sending increasingly larger records later in the connection, when HoL is not
a problem, we reduce the overhead of TLS record (29 bytes per record with
GCM/CHACHA-POLY).

Logic:
Start each connection with small records (1369 byte default, change with
ssl_dyn_rec_size_lo). After a given number of records (40, change with
ssl_dyn_rec_threshold) start sending larger records (4229, ssl_dyn_rec_size_hi).
Eventually after the same number of records, start sending the largest records
(ssl_buffer_size).
In case the connection idles for a given amount of time (1s,
ssl_dyn_rec_timeout), the process repeats itself (i.e. begin sending small
records again).


diff --color -uNr a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c
--- a/src/event/ngx_event_openssl.c	2025-04-16 20:01:11.000000000 +0800
+++ b/src/event/ngx_event_openssl.c	2025-04-17 02:43:15.616511714 +0800
@@ -1620,6 +1620,7 @@
 
     sc->buffer = ((flags & NGX_SSL_BUFFER) != 0);
     sc->buffer_size = ssl->buffer_size;
+    sc->dyn_rec = ssl->dyn_rec;
 
     sc->session_ctx = ssl->ctx;
 
@@ -2591,6 +2592,41 @@
 
     for ( ;; ) {
 
+        /* Dynamic record resizing:
+           We want the initial records to fit into one TCP segment
+           so we don't get TCP HoL blocking due to TCP Slow Start.
+           A connection always starts with small records, but after
+           a given amount of records sent, we make the records larger
+           to reduce header overhead.
+           After a connection has idled for a given timeout, begin
+           the process from the start. The actual parameters are
+           configurable. If dyn_rec_timeout is 0, we assume dyn_rec is off. */
+
+        if (c->ssl->dyn_rec.timeout > 0 ) {
+
+            if (ngx_current_msec - c->ssl->dyn_rec_last_write >
+                c->ssl->dyn_rec.timeout)
+            {
+                buf->end = buf->start + c->ssl->dyn_rec.size_lo;
+                c->ssl->dyn_rec_records_sent = 0;
+
+            } else {
+                if (c->ssl->dyn_rec_records_sent >
+                    c->ssl->dyn_rec.threshold * 2)
+                {
+                    buf->end = buf->start + c->ssl->buffer_size;
+
+                } else if (c->ssl->dyn_rec_records_sent >
+                           c->ssl->dyn_rec.threshold)
+                {
+                    buf->end = buf->start + c->ssl->dyn_rec.size_hi;
+
+                } else {
+                    buf->end = buf->start + c->ssl->dyn_rec.size_lo;
+                }
+            }
+        }
+
         while (in && buf->last < buf->end && send < limit) {
             if (in->buf->last_buf || in->buf->flush) {
                 flush = 1;
@@ -2730,6 +2766,9 @@
 
     if (n > 0) {
 
+        c->ssl->dyn_rec_records_sent++;
+        c->ssl->dyn_rec_last_write = ngx_current_msec;
+
         if (c->ssl->saved_read_handler) {
 
             c->read->handler = c->ssl->saved_read_handler;
diff --color -uNr a/src/event/ngx_event_openssl.h b/src/event/ngx_event_openssl.h
--- a/src/event/ngx_event_openssl.h	2025-04-16 20:01:11.000000000 +0800
+++ b/src/event/ngx_event_openssl.h	2025-04-17 02:44:10.578945187 +0800
@@ -86,6 +86,14 @@
 typedef struct ngx_ssl_ocsp_s   ngx_ssl_ocsp_t;
 
 
+typedef struct {
+    ngx_msec_t                  timeout;
+    ngx_uint_t                  threshold;
+    size_t                      size_lo;
+    size_t                      size_hi;
+} ngx_ssl_dyn_rec_t;
+
+
 struct ngx_ssl_s {
     SSL_CTX                    *ctx;
     ngx_log_t                  *log;
@@ -95,6 +103,8 @@
 
     ngx_rbtree_t                staple_rbtree;
     ngx_rbtree_node_t           staple_sentinel;
+
+    ngx_ssl_dyn_rec_t           dyn_rec;
 };
 
 
@@ -133,6 +143,10 @@
     unsigned                    early_preread:1;
     unsigned                    write_blocked:1;
     unsigned                    sni_accepted:1;
+
+    ngx_ssl_dyn_rec_t           dyn_rec;
+    ngx_msec_t                  dyn_rec_last_write;
+    ngx_uint_t                  dyn_rec_records_sent;
 };
 
 
@@ -142,7 +156,7 @@
 #define NGX_SSL_DFLT_BUILTIN_SCACHE  -5
 
 
-#define NGX_SSL_MAX_SESSION_SIZE  8192
+#define NGX_SSL_MAX_SESSION_SIZE  16384
 
 typedef struct ngx_ssl_sess_id_s  ngx_ssl_sess_id_t;
 
diff --color -uNr a/src/http/modules/ngx_http_ssl_module.c b/src/http/modules/ngx_http_ssl_module.c
--- a/src/http/modules/ngx_http_ssl_module.c	2025-04-16 20:01:11.000000000 +0800
+++ b/src/http/modules/ngx_http_ssl_module.c	2025-04-17 02:43:15.618511766 +0800
@@ -299,6 +299,41 @@
       offsetof(ngx_http_ssl_srv_conf_t, reject_handshake),
       NULL },
 
+    { ngx_string("ssl_dyn_rec_enable"),
+      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_CONF_FLAG,
+      ngx_conf_set_flag_slot,
+      NGX_HTTP_SRV_CONF_OFFSET,
+      offsetof(ngx_http_ssl_srv_conf_t, dyn_rec_enable),
+      NULL },
+
+    { ngx_string("ssl_dyn_rec_timeout"),
+      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_CONF_FLAG,
+      ngx_conf_set_msec_slot,
+      NGX_HTTP_SRV_CONF_OFFSET,
+      offsetof(ngx_http_ssl_srv_conf_t, dyn_rec_timeout),
+      NULL },
+
+    { ngx_string("ssl_dyn_rec_size_lo"),
+      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_CONF_FLAG,
+      ngx_conf_set_size_slot,
+      NGX_HTTP_SRV_CONF_OFFSET,
+      offsetof(ngx_http_ssl_srv_conf_t, dyn_rec_size_lo),
+      NULL },
+
+    { ngx_string("ssl_dyn_rec_size_hi"),
+      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_CONF_FLAG,
+      ngx_conf_set_size_slot,
+      NGX_HTTP_SRV_CONF_OFFSET,
+      offsetof(ngx_http_ssl_srv_conf_t, dyn_rec_size_hi),
+      NULL },
+
+    { ngx_string("ssl_dyn_rec_threshold"),
+      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_CONF_FLAG,
+      ngx_conf_set_num_slot,
+      NGX_HTTP_SRV_CONF_OFFSET,
+      offsetof(ngx_http_ssl_srv_conf_t, dyn_rec_threshold),
+      NULL },
+
       ngx_null_command
 };
 
@@ -639,6 +674,11 @@
     sscf->ocsp_cache_zone = NGX_CONF_UNSET_PTR;
     sscf->stapling = NGX_CONF_UNSET;
     sscf->stapling_verify = NGX_CONF_UNSET;
+    sscf->dyn_rec_enable = NGX_CONF_UNSET;
+    sscf->dyn_rec_timeout = NGX_CONF_UNSET_MSEC;
+    sscf->dyn_rec_size_lo = NGX_CONF_UNSET_SIZE;
+    sscf->dyn_rec_size_hi = NGX_CONF_UNSET_SIZE;
+    sscf->dyn_rec_threshold = NGX_CONF_UNSET_UINT;
 
     return sscf;
 }
@@ -705,6 +745,20 @@
     ngx_conf_merge_str_value(conf->stapling_responder,
                          prev->stapling_responder, "");
 
+    ngx_conf_merge_value(conf->dyn_rec_enable, prev->dyn_rec_enable, 0);
+    ngx_conf_merge_msec_value(conf->dyn_rec_timeout, prev->dyn_rec_timeout,
+                             1000);
+    /* Default sizes for the dynamic record sizes are defined to fit maximal
+       TLS + IPv6 overhead in a single TCP segment for lo and 3 segments for hi:
+       1369 = 1500 - 40 (IP) - 20 (TCP) - 10 (Time) - 61 (Max TLS overhead) */
+    ngx_conf_merge_size_value(conf->dyn_rec_size_lo, prev->dyn_rec_size_lo,
+                             1369);
+    /* 4229 = (1500 - 40 - 20 - 10) * 3  - 61 */
+    ngx_conf_merge_size_value(conf->dyn_rec_size_hi, prev->dyn_rec_size_hi,
+                             4229);
+    ngx_conf_merge_uint_value(conf->dyn_rec_threshold, prev->dyn_rec_threshold,
+                             40);
+
     conf->ssl.log = cf->log;
 
     if (conf->certificates) {
@@ -905,6 +959,28 @@
         return NGX_CONF_ERROR;
     }
 
+    if (conf->dyn_rec_enable) {
+        conf->ssl.dyn_rec.timeout = conf->dyn_rec_timeout;
+        conf->ssl.dyn_rec.threshold = conf->dyn_rec_threshold;
+
+        if (conf->buffer_size > conf->dyn_rec_size_lo) {
+            conf->ssl.dyn_rec.size_lo = conf->dyn_rec_size_lo;
+
+        } else {
+            conf->ssl.dyn_rec.size_lo = conf->buffer_size;
+        }
+
+        if (conf->buffer_size > conf->dyn_rec_size_hi) {
+            conf->ssl.dyn_rec.size_hi = conf->dyn_rec_size_hi;
+
+        } else {
+            conf->ssl.dyn_rec.size_hi = conf->buffer_size;
+        }
+
+    } else {
+        conf->ssl.dyn_rec.timeout = 0;
+    }
+
     return NGX_CONF_OK;
 }
 
diff --color -uNr a/src/http/modules/ngx_http_ssl_module.h b/src/http/modules/ngx_http_ssl_module.h
--- a/src/http/modules/ngx_http_ssl_module.h	2025-04-16 20:01:11.000000000 +0800
+++ b/src/http/modules/ngx_http_ssl_module.h	2025-04-17 02:43:15.618511766 +0800
@@ -64,6 +64,12 @@
     ngx_flag_t                      stapling_verify;
     ngx_str_t                       stapling_file;
     ngx_str_t                       stapling_responder;
+
+    ngx_flag_t                      dyn_rec_enable;
+    ngx_msec_t                      dyn_rec_timeout;
+    size_t                          dyn_rec_size_lo;
+    size_t                          dyn_rec_size_hi;
+    ngx_uint_t                      dyn_rec_threshold;
 } ngx_http_ssl_srv_conf_t;
 


================================================
FILE: nginx_for_1.23.4.patch
================================================
Add HTTP2 HPACK Encoding Support.
Add Dynamic TLS Record Support.

Using: patch -p1 < nginx_for_1.23.4.patch

diff --color -uNr a/auto/modules b/auto/modules
--- a/auto/modules	2021-11-02 22:49:22.000000000 +0800
+++ b/auto/modules	2021-11-04 19:41:20.976743998 +0800
@@ -423,6 +423,10 @@
         . auto/module
     fi
 
+    if [ $HTTP_V2_HPACK_ENC = YES ]; then
+        have=NGX_HTTP_V2_HPACK_ENC . auto/have
+    fi
+
     if :; then
         ngx_module_name=ngx_http_static_module
         ngx_module_incs=
diff --color -uNr a/auto/options b/auto/options
--- a/auto/options	2021-11-02 22:49:22.000000000 +0800
+++ b/auto/options	2021-11-04 19:41:20.977744024 +0800
@@ -59,6 +59,7 @@
 HTTP_GZIP=YES
 HTTP_SSL=NO
 HTTP_V2=NO
+HTTP_V2_HPACK_ENC=NO
 HTTP_SSI=YES
 HTTP_REALIP=NO
 HTTP_XSLT=NO
@@ -227,6 +228,7 @@
 
         --with-http_ssl_module)          HTTP_SSL=YES               ;;
         --with-http_v2_module)           HTTP_V2=YES                ;;
+        --with-http_v2_hpack_enc)        HTTP_V2_HPACK_ENC=YES      ;;
         --with-http_realip_module)       HTTP_REALIP=YES            ;;
         --with-http_addition_module)     HTTP_ADDITION=YES          ;;
         --with-http_xslt_module)         HTTP_XSLT=YES              ;;
@@ -443,6 +445,7 @@
 
   --with-http_ssl_module             enable ngx_http_ssl_module
   --with-http_v2_module              enable ngx_http_v2_module
+  --with-http_v2_hpack_enc           enable ngx_http_v2_hpack_enc
   --with-http_realip_module          enable ngx_http_realip_module
   --with-http_addition_module        enable ngx_http_addition_module
   --with-http_xslt_module            enable ngx_http_xslt_module
diff --color -uNr a/src/core/ngx_murmurhash.c b/src/core/ngx_murmurhash.c
--- a/src/core/ngx_murmurhash.c	2021-11-02 22:49:22.000000000 +0800
+++ b/src/core/ngx_murmurhash.c	2021-11-04 19:41:20.977744024 +0800
@@ -50,3 +50,63 @@
 
     return h;
 }
+
+
+uint64_t
+ngx_murmur_hash2_64(u_char *data, size_t len, uint64_t seed)
+{
+    uint64_t  h, k;
+
+    h = seed ^ len;
+
+    while (len >= 8) {
+        k  = data[0];
+        k |= data[1] << 8;
+        k |= data[2] << 16;
+        k |= data[3] << 24;
+        k |= (uint64_t)data[4] << 32;
+        k |= (uint64_t)data[5] << 40;
+        k |= (uint64_t)data[6] << 48;
+        k |= (uint64_t)data[7] << 56;
+
+        k *= 0xc6a4a7935bd1e995ull;
+        k ^= k >> 47;
+        k *= 0xc6a4a7935bd1e995ull;
+
+        h ^= k;
+        h *= 0xc6a4a7935bd1e995ull;
+
+        data += 8;
+        len -= 8;
+    }
+
+    switch (len) {
+    case 7:
+        h ^= (uint64_t)data[6] << 48;
+        /* fall through */
+    case 6:
+        h ^= (uint64_t)data[5] << 40;
+        /* fall through */
+    case 5:
+        h ^= (uint64_t)data[4] << 32;
+        /* fall through */
+    case 4:
+        h ^= data[3] << 24;
+        /* fall through */
+    case 3:
+        h ^= data[2] << 16;
+        /* fall through */
+    case 2:
+        h ^= data[1] << 8;
+        /* fall through */
+    case 1:
+        h ^= data[0];
+        h *= 0xc6a4a7935bd1e995ull;
+    }
+
+    h ^= h >> 47;
+    h *= 0xc6a4a7935bd1e995ull;
+    h ^= h >> 47;
+
+    return h;
+}
diff --color -uNr a/src/core/ngx_murmurhash.h b/src/core/ngx_murmurhash.h
--- a/src/core/ngx_murmurhash.h	2021-11-02 22:49:22.000000000 +0800
+++ b/src/core/ngx_murmurhash.h	2021-11-04 19:41:20.977744024 +0800
@@ -15,5 +15,7 @@
 
 uint32_t ngx_murmur_hash2(u_char *data, size_t len);
 
+uint64_t ngx_murmur_hash2_64(u_char *data, size_t len, uint64_t seed);
+
 
 #endif /* _NGX_MURMURHASH_H_INCLUDED_ */
diff --color -uNr a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c
--- a/src/event/ngx_event_openssl.c	2021-11-02 22:49:22.000000000 +0800
+++ b/src/event/ngx_event_openssl.c	2021-11-04 19:41:20.979744075 +0800
@@ -1626,6 +1626,7 @@
 
     sc->buffer = ((flags & NGX_SSL_BUFFER) != 0);
     sc->buffer_size = ssl->buffer_size;
+    sc->dyn_rec = ssl->dyn_rec;
 
     sc->session_ctx = ssl->ctx;
 
@@ -2592,6 +2593,41 @@
 
     for ( ;; ) {
 
+        /* Dynamic record resizing:
+           We want the initial records to fit into one TCP segment
+           so we don't get TCP HoL blocking due to TCP Slow Start.
+           A connection always starts with small records, but after
+           a given amount of records sent, we make the records larger
+           to reduce header overhead.
+           After a connection has idled for a given timeout, begin
+           the process from the start. The actual parameters are
+           configurable. If dyn_rec_timeout is 0, we assume dyn_rec is off. */
+
+        if (c->ssl->dyn_rec.timeout > 0 ) {
+
+            if (ngx_current_msec - c->ssl->dyn_rec_last_write >
+                c->ssl->dyn_rec.timeout)
+            {
+                buf->end = buf->start + c->ssl->dyn_rec.size_lo;
+                c->ssl->dyn_rec_records_sent = 0;
+
+            } else {
+                if (c->ssl->dyn_rec_records_sent >
+                    c->ssl->dyn_rec.threshold * 2)
+                {
+                    buf->end = buf->start + c->ssl->buffer_size;
+
+                } else if (c->ssl->dyn_rec_records_sent >
+                           c->ssl->dyn_rec.threshold)
+                {
+                    buf->end = buf->start + c->ssl->dyn_rec.size_hi;
+
+                } else {
+                    buf->end = buf->start + c->ssl->dyn_rec.size_lo;
+                }
+            }
+        }
+
         while (in && buf->last < buf->end && send < limit) {
             if (in->buf->last_buf || in->buf->flush) {
                 flush = 1;
@@ -2731,6 +2767,9 @@
 
     if (n > 0) {
 
+        c->ssl->dyn_rec_records_sent++;
+        c->ssl->dyn_rec_last_write = ngx_current_msec;
+
         if (c->ssl->saved_read_handler) {
 
             c->read->handler = c->ssl->saved_read_handler;
diff --color -uNr a/src/event/ngx_event_openssl.h b/src/event/ngx_event_openssl.h
--- a/src/event/ngx_event_openssl.h	2021-11-02 22:49:22.000000000 +0800
+++ b/src/event/ngx_event_openssl.h	2021-11-04 19:41:20.979744075 +0800
@@ -78,10 +78,19 @@
 typedef struct ngx_ssl_ocsp_s  ngx_ssl_ocsp_t;
 
 
+typedef struct {
+    ngx_msec_t                  timeout;
+    ngx_uint_t                  threshold;
+    size_t                      size_lo;
+    size_t                      size_hi;
+} ngx_ssl_dyn_rec_t;
+
+
 struct ngx_ssl_s {
     SSL_CTX                    *ctx;
     ngx_log_t                  *log;
     size_t                      buffer_size;
+    ngx_ssl_dyn_rec_t           dyn_rec;
 };
 
 
@@ -119,6 +128,10 @@
     unsigned                    in_ocsp:1;
     unsigned                    early_preread:1;
     unsigned                    write_blocked:1;
+
+    ngx_ssl_dyn_rec_t           dyn_rec;
+    ngx_msec_t                  dyn_rec_last_write;
+    ngx_uint_t                  dyn_rec_records_sent;
 };
 
 
@@ -128,7 +141,7 @@
 #define NGX_SSL_DFLT_BUILTIN_SCACHE  -5
 
 
-#define NGX_SSL_MAX_SESSION_SIZE  4096
+#define NGX_SSL_MAX_SESSION_SIZE  16384
 
 typedef struct ngx_ssl_sess_id_s  ngx_ssl_sess_id_t;
 
diff --color -uNr a/src/http/modules/ngx_http_ssl_module.c b/src/http/modules/ngx_http_ssl_module.c
--- a/src/http/modules/ngx_http_ssl_module.c	2021-11-02 22:49:22.000000000 +0800
+++ b/src/http/modules/ngx_http_ssl_module.c	2021-11-04 19:41:20.980744101 +0800
@@ -296,6 +296,41 @@
       offsetof(ngx_http_ssl_srv_conf_t, reject_handshake),
       NULL },
 
+    { ngx_string("ssl_dyn_rec_enable"),
+      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_CONF_FLAG,
+      ngx_conf_set_flag_slot,
+      NGX_HTTP_SRV_CONF_OFFSET,
+      offsetof(ngx_http_ssl_srv_conf_t, dyn_rec_enable),
+      NULL },
+
+    { ngx_string("ssl_dyn_rec_timeout"),
+      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_CONF_FLAG,
+      ngx_conf_set_msec_slot,
+      NGX_HTTP_SRV_CONF_OFFSET,
+      offsetof(ngx_http_ssl_srv_conf_t, dyn_rec_timeout),
+      NULL },
+
+    { ngx_string("ssl_dyn_rec_size_lo"),
+      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_CONF_FLAG,
+      ngx_conf_set_size_slot,
+      NGX_HTTP_SRV_CONF_OFFSET,
+      offsetof(ngx_http_ssl_srv_conf_t, dyn_rec_size_lo),
+      NULL },
+
+    { ngx_string("ssl_dyn_rec_size_hi"),
+      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_CONF_FLAG,
+      ngx_conf_set_size_slot,
+      NGX_HTTP_SRV_CONF_OFFSET,
+      offsetof(ngx_http_ssl_srv_conf_t, dyn_rec_size_hi),
+      NULL },
+
+    { ngx_string("ssl_dyn_rec_threshold"),
+      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_CONF_FLAG,
+      ngx_conf_set_num_slot,
+      NGX_HTTP_SRV_CONF_OFFSET,
+      offsetof(ngx_http_ssl_srv_conf_t, dyn_rec_threshold),
+      NULL },
+
       ngx_null_command
 };
 
@@ -595,6 +630,11 @@
     sscf->ocsp_cache_zone = NGX_CONF_UNSET_PTR;
     sscf->stapling = NGX_CONF_UNSET;
     sscf->stapling_verify = NGX_CONF_UNSET;
+    sscf->dyn_rec_enable = NGX_CONF_UNSET;
+    sscf->dyn_rec_timeout = NGX_CONF_UNSET_MSEC;
+    sscf->dyn_rec_size_lo = NGX_CONF_UNSET_SIZE;
+    sscf->dyn_rec_size_hi = NGX_CONF_UNSET_SIZE;
+    sscf->dyn_rec_threshold = NGX_CONF_UNSET_UINT;
 
     return sscf;
 }
@@ -670,6 +710,20 @@
     ngx_conf_merge_str_value(conf->stapling_responder,
                          prev->stapling_responder, "");
 
+    ngx_conf_merge_value(conf->dyn_rec_enable, prev->dyn_rec_enable, 0);
+    ngx_conf_merge_msec_value(conf->dyn_rec_timeout, prev->dyn_rec_timeout,
+                             1000);
+    /* Default sizes for the dynamic record sizes are defined to fit maximal
+       TLS + IPv6 overhead in a single TCP segment for lo and 3 segments for hi:
+       1369 = 1500 - 40 (IP) - 20 (TCP) - 10 (Time) - 61 (Max TLS overhead) */
+    ngx_conf_merge_size_value(conf->dyn_rec_size_lo, prev->dyn_rec_size_lo,
+                             1369);
+    /* 4229 = (1500 - 40 - 20 - 10) * 3  - 61 */
+    ngx_conf_merge_size_value(conf->dyn_rec_size_hi, prev->dyn_rec_size_hi,
+                             4229);
+    ngx_conf_merge_uint_value(conf->dyn_rec_threshold, prev->dyn_rec_threshold,
+                             40);
+
     conf->ssl.log = cf->log;
 
     if (conf->enable) {
@@ -896,6 +950,28 @@
         return NGX_CONF_ERROR;
     }
 
+    if (conf->dyn_rec_enable) {
+        conf->ssl.dyn_rec.timeout = conf->dyn_rec_timeout;
+        conf->ssl.dyn_rec.threshold = conf->dyn_rec_threshold;
+
+        if (conf->buffer_size > conf->dyn_rec_size_lo) {
+            conf->ssl.dyn_rec.size_lo = conf->dyn_rec_size_lo;
+
+        } else {
+            conf->ssl.dyn_rec.size_lo = conf->buffer_size;
+        }
+
+        if (conf->buffer_size > conf->dyn_rec_size_hi) {
+            conf->ssl.dyn_rec.size_hi = conf->dyn_rec_size_hi;
+
+        } else {
+            conf->ssl.dyn_rec.size_hi = conf->buffer_size;
+        }
+
+    } else {
+        conf->ssl.dyn_rec.timeout = 0;
+    }
+
     return NGX_CONF_OK;
 }
 
diff --color -uNr a/src/http/modules/ngx_http_ssl_module.h b/src/http/modules/ngx_http_ssl_module.h
--- a/src/http/modules/ngx_http_ssl_module.h	2021-11-02 22:49:22.000000000 +0800
+++ b/src/http/modules/ngx_http_ssl_module.h	2021-11-04 19:41:20.981744126 +0800
@@ -67,6 +67,12 @@
 
     u_char                         *file;
     ngx_uint_t                      line;
+
+    ngx_flag_t                      dyn_rec_enable;
+    ngx_msec_t                      dyn_rec_timeout;
+    size_t                          dyn_rec_size_lo;
+    size_t                          dyn_rec_size_hi;
+    ngx_uint_t                      dyn_rec_threshold;
 } ngx_http_ssl_srv_conf_t;
 
 
diff --color -uNr a/src/http/v2/ngx_http_v2.c b/src/http/v2/ngx_http_v2.c
--- a/src/http/v2/ngx_http_v2.c	2021-11-02 22:49:22.000000000 +0800
+++ b/src/http/v2/ngx_http_v2.c	2021-11-04 19:41:20.982744152 +0800
@@ -274,6 +274,8 @@
 
     h2c->frame_size = NGX_HTTP_V2_DEFAULT_FRAME_SIZE;
 
+    h2c->max_hpack_table_size = NGX_HTTP_V2_DEFAULT_HPACK_TABLE_SIZE;
+
     h2scf = ngx_http_get_module_srv_conf(hc->conf_ctx, ngx_http_v2_module);
 
     h2c->concurrent_pushes = h2scf->concurrent_pushes;
@@ -2283,6 +2285,14 @@
         case NGX_HTTP_V2_HEADER_TABLE_SIZE_SETTING:
 
             h2c->table_update = 1;
+
+            if (value > NGX_HTTP_V2_MAX_HPACK_TABLE_SIZE) {
+                h2c->max_hpack_table_size = NGX_HTTP_V2_MAX_HPACK_TABLE_SIZE;
+            } else {
+                h2c->max_hpack_table_size = value;
+            }
+
+            h2c->indicate_resize = 1;
             break;
 
         default:
diff --color -uNr a/src/http/v2/ngx_http_v2_encode.c b/src/http/v2/ngx_http_v2_encode.c
--- a/src/http/v2/ngx_http_v2_encode.c	2021-11-02 22:49:22.000000000 +0800
+++ b/src/http/v2/ngx_http_v2_encode.c	2021-11-04 19:41:20.983744177 +0800
@@ -10,7 +10,7 @@
 #include <ngx_http.h>
 
 
-static u_char *ngx_http_v2_write_int(u_char *pos, ngx_uint_t prefix,
+u_char *ngx_http_v2_write_int(u_char *pos, ngx_uint_t prefix,
     ngx_uint_t value);
 
 
@@ -40,7 +40,7 @@
 }
 
 
-static u_char *
+u_char *
 ngx_http_v2_write_int(u_char *pos, ngx_uint_t prefix, ngx_uint_t value)
 {
     if (value < prefix) {
diff --color -uNr a/src/http/v2/ngx_http_v2_filter_module.c b/src/http/v2/ngx_http_v2_filter_module.c
--- a/src/http/v2/ngx_http_v2_filter_module.c	2021-11-02 22:49:22.000000000 +0800
+++ b/src/http/v2/ngx_http_v2_filter_module.c	2021-11-04 19:41:20.984744203 +0800
@@ -23,10 +23,53 @@
 #define ngx_http_v2_literal_size(h)                                           \
     (ngx_http_v2_integer_octets(sizeof(h) - 1) + sizeof(h) - 1)
 
+#define ngx_http_v2_indexed(i)      (128 + (i))
+#define ngx_http_v2_inc_indexed(i)  (64 + (i))
+
+#define NGX_HTTP_V2_ENCODE_RAW            0
+#define NGX_HTTP_V2_ENCODE_HUFF           0x80
+
+#define NGX_HTTP_V2_AUTHORITY_INDEX       1
+#define NGX_HTTP_V2_METHOD_GET_INDEX      2
+#define NGX_HTTP_V2_PATH_INDEX            4
+
+#define NGX_HTTP_V2_SCHEME_HTTP_INDEX     6
+#define NGX_HTTP_V2_SCHEME_HTTPS_INDEX    7
+
+#define NGX_HTTP_V2_STATUS_INDEX          8
+#define NGX_HTTP_V2_STATUS_200_INDEX      8
+#define NGX_HTTP_V2_STATUS_204_INDEX      9
+#define NGX_HTTP_V2_STATUS_206_INDEX      10
+#define NGX_HTTP_V2_STATUS_304_INDEX      11
+#define NGX_HTTP_V2_STATUS_400_INDEX      12
+#define NGX_HTTP_V2_STATUS_404_INDEX      13
+#define NGX_HTTP_V2_STATUS_500_INDEX      14
+
+#define NGX_HTTP_V2_ACCEPT_ENCODING_INDEX 16
+#define NGX_HTTP_V2_ACCEPT_LANGUAGE_INDEX 17
+#define NGX_HTTP_V2_CONTENT_LENGTH_INDEX  28
+#define NGX_HTTP_V2_CONTENT_TYPE_INDEX    31
+#define NGX_HTTP_V2_DATE_INDEX            33
+#define NGX_HTTP_V2_LAST_MODIFIED_INDEX   44
+#define NGX_HTTP_V2_LOCATION_INDEX        46
+#define NGX_HTTP_V2_SERVER_INDEX          54
+#define NGX_HTTP_V2_USER_AGENT_INDEX      58
+#define NGX_HTTP_V2_VARY_INDEX            59
 
 #define NGX_HTTP_V2_NO_TRAILERS           (ngx_http_v2_out_frame_t *) -1
 
 
+static const struct {
+    u_char        *name;
+    u_char const   len;
+} push_header[] = {
+    { (u_char*)":authority"      , 10 },
+    { (u_char*)"accept-encoding" , 15 },
+    { (u_char*)"accept-language" , 15 },
+    { (u_char*)"user-agent"      , 10 }
+};
+
+
 typedef struct {
     ngx_str_t      name;
     u_char         index;
@@ -155,11 +198,9 @@
 #endif
 
     static size_t nginx_ver_len = ngx_http_v2_literal_size(NGINX_VER);
-    static u_char nginx_ver[ngx_http_v2_literal_size(NGINX_VER)];
 
     static size_t nginx_ver_build_len =
                                   ngx_http_v2_literal_size(NGINX_VER_BUILD);
-    static u_char nginx_ver_build[ngx_http_v2_literal_size(NGINX_VER_BUILD)];
 
     stream = r->stream;
 
@@ -435,7 +476,7 @@
     }
 
     tmp = ngx_palloc(r->pool, tmp_len);
-    pos = ngx_pnalloc(r->pool, len);
+    pos = ngx_pnalloc(r->pool, len + 15 + 1);
 
     if (pos == NULL || tmp == NULL) {
         return NGX_ERROR;
@@ -443,11 +484,16 @@
 
     start = pos;
 
-    if (h2c->table_update) {
-        ngx_log_debug0(NGX_LOG_DEBUG_HTTP, fc->log, 0,
-                       "http2 table size update: 0");
-        *pos++ = (1 << 5) | 0;
-        h2c->table_update = 0;
+    h2c = r->stream->connection;
+
+    if (h2c->indicate_resize) {
+        *pos = 32;
+        pos = ngx_http_v2_write_int(pos, ngx_http_v2_prefix(5),
+                                    h2c->max_hpack_table_size);
+        h2c->indicate_resize = 0;
+#if (NGX_HTTP_V2_HPACK_ENC)
+        ngx_http_v2_table_resize(h2c);
+#endif
     }
 
     ngx_log_debug1(NGX_LOG_DEBUG_HTTP, fc->log, 0,
@@ -458,67 +504,28 @@
         *pos++ = status;
 
     } else {
-        *pos++ = ngx_http_v2_inc_indexed(NGX_HTTP_V2_STATUS_INDEX);
-        *pos++ = NGX_HTTP_V2_ENCODE_RAW | 3;
-        pos = ngx_sprintf(pos, "%03ui", r->headers_out.status);
+        ngx_sprintf(pos + 8, "%O3ui", r->headers_out.status);
+        pos = ngx_http_v2_write_header(h2c, pos, (u_char *)":status",
+                                       sizeof(":status") - 1, pos + 8, 3, tmp);
     }
 
     if (r->headers_out.server == NULL) {
-
         if (clcf->server_tokens == NGX_HTTP_SERVER_TOKENS_ON) {
-            ngx_log_debug1(NGX_LOG_DEBUG_HTTP, fc->log, 0,
-                           "http2 output header: \"server: %s\"",
-                           NGINX_VER);
-
-        } else if (clcf->server_tokens == NGX_HTTP_SERVER_TOKENS_BUILD) {
-            ngx_log_debug1(NGX_LOG_DEBUG_HTTP, fc->log, 0,
-                           "http2 output header: \"server: %s\"",
-                           NGINX_VER_BUILD);
-
-        } else {
-            ngx_log_debug0(NGX_LOG_DEBUG_HTTP, fc->log, 0,
-                           "http2 output header: \"server: nginx\"");
-        }
-
-        *pos++ = ngx_http_v2_inc_indexed(NGX_HTTP_V2_SERVER_INDEX);
-
-        if (clcf->server_tokens == NGX_HTTP_SERVER_TOKENS_ON) {
-            if (nginx_ver[0] == '\0') {
-                p = ngx_http_v2_write_value(nginx_ver, (u_char *) NGINX_VER,
-                                            sizeof(NGINX_VER) - 1, tmp);
-                nginx_ver_len = p - nginx_ver;
-            }
-
-            pos = ngx_cpymem(pos, nginx_ver, nginx_ver_len);
+            pos = ngx_http_v2_write_header_str("server", NGINX_VER);
 
         } else if (clcf->server_tokens == NGX_HTTP_SERVER_TOKENS_BUILD) {
-            if (nginx_ver_build[0] == '\0') {
-                p = ngx_http_v2_write_value(nginx_ver_build,
-                                            (u_char *) NGINX_VER_BUILD,
-                                            sizeof(NGINX_VER_BUILD) - 1, tmp);
-                nginx_ver_build_len = p - nginx_ver_build;
-            }
-
-            pos = ngx_cpymem(pos, nginx_ver_build, nginx_ver_build_len);
+            pos = ngx_http_v2_write_header_str("server", NGINX_VER_BUILD);
 
         } else {
-            pos = ngx_cpymem(pos, nginx, sizeof(nginx));
+            pos = ngx_http_v2_write_header_str("server", "nginx");
         }
     }
 
     if (r->headers_out.date == NULL) {
-        ngx_log_debug1(NGX_LOG_DEBUG_HTTP, fc->log, 0,
-                       "http2 output header: \"date: %V\"",
-                       &ngx_cached_http_time);
-
-        *pos++ = ngx_http_v2_inc_indexed(NGX_HTTP_V2_DATE_INDEX);
-        pos = ngx_http_v2_write_value(pos, ngx_cached_http_time.data,
-                                      ngx_cached_http_time.len, tmp);
+        pos = ngx_http_v2_write_header_tbl("date", ngx_cached_http_time);
     }
 
     if (r->headers_out.content_type.len) {
-        *pos++ = ngx_http_v2_inc_indexed(NGX_HTTP_V2_CONTENT_TYPE_INDEX);
-
         if (r->headers_out.content_type_len == r->headers_out.content_type.len
             && r->headers_out.charset.len)
         {
@@ -544,64 +551,36 @@
             r->headers_out.content_type.data = p - len;
         }
 
-        ngx_log_debug1(NGX_LOG_DEBUG_HTTP, fc->log, 0,
-                       "http2 output header: \"content-type: %V\"",
-                       &r->headers_out.content_type);
-
-        pos = ngx_http_v2_write_value(pos, r->headers_out.content_type.data,
-                                      r->headers_out.content_type.len, tmp);
+        pos = ngx_http_v2_write_header_tbl("content-type",
+                                           r->headers_out.content_type);
     }
 
     if (r->headers_out.content_length == NULL
         && r->headers_out.content_length_n >= 0)
     {
-        ngx_log_debug1(NGX_LOG_DEBUG_HTTP, fc->log, 0,
-                       "http2 output header: \"content-length: %O\"",
-                       r->headers_out.content_length_n);
-
-        *pos++ = ngx_http_v2_inc_indexed(NGX_HTTP_V2_CONTENT_LENGTH_INDEX);
-
-        p = pos;
-        pos = ngx_sprintf(pos + 1, "%O", r->headers_out.content_length_n);
-        *p = NGX_HTTP_V2_ENCODE_RAW | (u_char) (pos - p - 1);
+        p = ngx_sprintf(pos + 15, "%O", r->headers_out.content_length_n);
+        pos = ngx_http_v2_write_header(h2c, pos, (u_char *)"content-length",
+                                       sizeof("content-length") - 1, pos + 15,
+                                       p - (pos + 15), tmp);
     }
 
     if (r->headers_out.last_modified == NULL
         && r->headers_out.last_modified_time != -1)
     {
-        *pos++ = ngx_http_v2_inc_indexed(NGX_HTTP_V2_LAST_MODIFIED_INDEX);
-
-        ngx_http_time(pos, r->headers_out.last_modified_time);
+        ngx_http_time(pos + 14, r->headers_out.last_modified_time);
         len = sizeof("Wed, 31 Dec 1986 18:00:00 GMT") - 1;
-
-        ngx_log_debug2(NGX_LOG_DEBUG_HTTP, fc->log, 0,
-                       "http2 output header: \"last-modified: %*s\"",
-                       len, pos);
-
-        /*
-         * Date will always be encoded using huffman in the temporary buffer,
-         * so it's safe here to use src and dst pointing to the same address.
-         */
-        pos = ngx_http_v2_write_value(pos, pos, len, tmp);
+        pos = ngx_http_v2_write_header(h2c, pos, (u_char *)"last-modified",
+                                       sizeof("last-modified") - 1, pos + 14,
+                                       len, tmp);
     }
 
     if (r->headers_out.location && r->headers_out.location->value.len) {
-        ngx_log_debug1(NGX_LOG_DEBUG_HTTP, fc->log, 0,
-                       "http2 output header: \"location: %V\"",
-                       &r->headers_out.location->value);
-
-        *pos++ = ngx_http_v2_inc_indexed(NGX_HTTP_V2_LOCATION_INDEX);
-        pos = ngx_http_v2_write_value(pos, r->headers_out.location->value.data,
-                                      r->headers_out.location->value.len, tmp);
+        pos = ngx_http_v2_write_header_tbl("location", r->headers_out.location->value);
     }
 
 #if (NGX_HTTP_GZIP)
     if (r->gzip_vary) {
-        ngx_log_debug0(NGX_LOG_DEBUG_HTTP, fc->log, 0,
-                       "http2 output header: \"vary: Accept-Encoding\"");
-
-        *pos++ = ngx_http_v2_inc_indexed(NGX_HTTP_V2_VARY_INDEX);
-        pos = ngx_cpymem(pos, accept_encoding, sizeof(accept_encoding));
+        pos = ngx_http_v2_write_header_str("vary", "Accept-Encoding");
     }
 #endif
 
@@ -624,23 +603,10 @@
             continue;
         }
 
-#if (NGX_DEBUG)
-        if (fc->log->log_level & NGX_LOG_DEBUG_HTTP) {
-            ngx_strlow(tmp, header[i].key.data, header[i].key.len);
-
-            ngx_log_debug3(NGX_LOG_DEBUG_HTTP, fc->log, 0,
-                           "http2 output header: \"%*s: %V\"",
-                           header[i].key.len, tmp, &header[i].value);
-        }
-#endif
-
-        *pos++ = 0;
-
-        pos = ngx_http_v2_write_name(pos, header[i].key.data,
-                                     header[i].key.len, tmp);
+        pos = ngx_http_v2_write_header(h2c, pos, header[i].key.data,
+                                       header[i].key.len, header[i].value.data,
+                                       header[i].value.len, tmp);
 
-        pos = ngx_http_v2_write_value(pos, header[i].value.data,
-                                      header[i].value.len, tmp);
     }
 
     fin = r->header_only
@@ -998,6 +964,7 @@
 
     for (i = 0; i < NGX_HTTP_V2_PUSH_HEADERS; i++) {
         len += binary[i].len;
+        len += push_header[i].len + 1;
     }
 
     pos = ngx_pnalloc(r->pool, len);
@@ -1007,12 +974,17 @@
 
     start = pos;
 
-    if (h2c->table_update) {
-        ngx_log_debug0(NGX_LOG_DEBUG_HTTP, fc->log, 0,
-                       "http2 table size update: 0");
-        *pos++ = (1 << 5) | 0;
-        h2c->table_update = 0;
-    }
+    h2c = r->stream->connection;
+
+    if (h2c->indicate_resize) {
+        *pos = 32;
+        pos = ngx_http_v2_write_int(pos, ngx_http_v2_prefix(5),
+                                    h2c->max_hpack_table_size);
+        h2c->indicate_resize = 0;
+#if (NGX_HTTP_V2_HPACK_ENC)
+        ngx_http_v2_table_resize(h2c);
+#endif
+     }
 
     ngx_log_debug0(NGX_LOG_DEBUG_HTTP, fc->log, 0,
                    "http2 push header: \":method: GET\"");
@@ -1022,8 +994,7 @@
     ngx_log_debug1(NGX_LOG_DEBUG_HTTP, fc->log, 0,
                    "http2 push header: \":path: %V\"", path);
 
-    *pos++ = ngx_http_v2_inc_indexed(NGX_HTTP_V2_PATH_INDEX);
-    pos = ngx_http_v2_write_value(pos, path->data, path->len, tmp);
+    pos = ngx_http_v2_write_header_pot(":path", path);
 
     ngx_log_debug1(NGX_LOG_DEBUG_HTTP, fc->log, 0,
                    "http2 push header: \":scheme: %V\"", &r->schema);
@@ -1048,11 +1019,15 @@
             continue;
         }
 
+        value = &(*h)->value;
+
         ngx_log_debug2(NGX_LOG_DEBUG_HTTP, fc->log, 0,
                        "http2 push header: \"%V: %V\"",
                        &ph[i].name, &(*h)->value);
 
-        pos = ngx_cpymem(pos, binary[i].data, binary[i].len);
+        pos = ngx_http_v2_write_header(h2c, pos,
+                  push_header[i].name, push_header[i].len, value->data, value->len,
+                  tmp);
     }
 
     frame = ngx_http_v2_create_push_frame(r, start, pos);
diff --color -uNr a/src/http/v2/ngx_http_v2.h b/src/http/v2/ngx_http_v2.h
--- a/src/http/v2/ngx_http_v2.h	2021-11-02 22:49:22.000000000 +0800
+++ b/src/http/v2/ngx_http_v2.h	2021-11-04 19:41:20.985744228 +0800
@@ -51,6 +51,14 @@
 #define NGX_HTTP_V2_MAX_WINDOW           ((1U << 31) - 1)
 #define NGX_HTTP_V2_DEFAULT_WINDOW       65535
 
+#define HPACK_ENC_HTABLE_SZ              128 /* better to keep a PoT < 64k */
+#define HPACK_ENC_HTABLE_ENTRIES         ((HPACK_ENC_HTABLE_SZ * 100) / 128)
+#define HPACK_ENC_DYNAMIC_KEY_TBL_SZ     10  /* 10 is sufficient for most */
+#define HPACK_ENC_MAX_ENTRY              512 /* longest header size to match */
+
+#define NGX_HTTP_V2_DEFAULT_HPACK_TABLE_SIZE     4096
+#define NGX_HTTP_V2_MAX_HPACK_TABLE_SIZE         16384 /* < 64k */
+
 #define NGX_HTTP_V2_DEFAULT_WEIGHT       16
 
 
@@ -114,6 +122,46 @@
 } ngx_http_v2_hpack_t;
 
 
+#if (NGX_HTTP_V2_HPACK_ENC)
+typedef struct {
+    uint64_t                         hash_val;
+    uint32_t                         index;
+    uint16_t                         pos;
+    uint16_t                         klen, vlen;
+    uint16_t                         size;
+    uint16_t                         next;
+} ngx_http_v2_hpack_enc_entry_t;
+
+
+typedef struct {
+    uint64_t                         hash_val;
+    uint32_t                         index;
+    uint16_t                         pos;
+    uint16_t                         klen;
+} ngx_http_v2_hpack_name_entry_t;
+
+
+typedef struct {
+    size_t                           size;    /* size as defined in RFC 7541 */
+    uint32_t                         top;     /* the last entry */
+    uint32_t                         pos;
+    uint16_t                         n_elems; /* number of elements */
+    uint16_t                         base;    /* index of the oldest entry */
+    uint16_t                         last;    /* index of the newest entry */
+
+    /* hash table for dynamic entries, instead using a generic hash table,
+       which would be too slow to process a significant amount of headers,
+       this table is not determenistic, and might ocasionally fail to insert
+       a value, at the cost of slightly worse compression, but significantly
+       faster performance */
+    ngx_http_v2_hpack_enc_entry_t    htable[HPACK_ENC_HTABLE_SZ];
+    ngx_http_v2_hpack_name_entry_t   heads[HPACK_ENC_DYNAMIC_KEY_TBL_SZ];
+    u_char                           storage[NGX_HTTP_V2_MAX_HPACK_TABLE_SIZE +
+                                             HPACK_ENC_MAX_ENTRY];
+} ngx_http_v2_hpack_enc_t;
+#endif
+
+
 struct ngx_http_v2_connection_s {
     ngx_connection_t                *connection;
     ngx_http_connection_t           *http_connection;
@@ -135,6 +183,8 @@
 
     size_t                           frame_size;
 
+    size_t                           max_hpack_table_size;
+
     ngx_queue_t                      waiting;
 
     ngx_http_v2_state_t              state;
@@ -164,6 +214,11 @@
     unsigned                         blocked:1;
     unsigned                         goaway:1;
     unsigned                         push_disabled:1;
+    unsigned                         indicate_resize:1;
+
+#if (NGX_HTTP_V2_HPACK_ENC)
+    ngx_http_v2_hpack_enc_t          hpack_enc;
+#endif
 };
 
 
@@ -207,6 +262,8 @@
 
     ngx_array_t                     *cookies;
 
+    size_t                           header_limit;
+
     ngx_pool_t                      *pool;
 
     unsigned                         waiting:1;
@@ -419,4 +476,35 @@
     u_char *tmp, ngx_uint_t lower);
 
 
+u_char *ngx_http_v2_string_encode(u_char *dst, u_char *src, size_t len,
+    u_char *tmp, ngx_uint_t lower);
+
+u_char *
+ngx_http_v2_write_int(u_char *pos, ngx_uint_t prefix, ngx_uint_t value);
+
+#define ngx_http_v2_write_name(dst, src, len, tmp)                            \
+    ngx_http_v2_string_encode(dst, src, len, tmp, 1)
+#define ngx_http_v2_write_value(dst, src, len, tmp)                           \
+    ngx_http_v2_string_encode(dst, src, len, tmp, 0)
+
+u_char *
+ngx_http_v2_write_header(ngx_http_v2_connection_t *h2c, u_char *pos,
+    u_char *key, size_t key_len, u_char *value, size_t value_len,
+    u_char *tmp);
+
+void
+ngx_http_v2_table_resize(ngx_http_v2_connection_t *h2c);
+
+#define ngx_http_v2_write_header_str(key, value)                        \
+    ngx_http_v2_write_header(h2c, pos, (u_char *) key, sizeof(key) - 1, \
+    (u_char *) value, sizeof(value) - 1, tmp);
+
+#define ngx_http_v2_write_header_tbl(key, val)                          \
+    ngx_http_v2_write_header(h2c, pos, (u_char *) key, sizeof(key) - 1, \
+    val.data, val.len, tmp);
+
+#define ngx_http_v2_write_header_pot(key, val)                          \
+    ngx_http_v2_write_header(h2c, pos, (u_char *) key, sizeof(key) - 1, \
+    val->data, val->len, tmp);
+
 #endif /* _NGX_HTTP_V2_H_INCLUDED_ */
diff --color -uNr a/src/http/v2/ngx_http_v2_table.c b/src/http/v2/ngx_http_v2_table.c
--- a/src/http/v2/ngx_http_v2_table.c	2021-11-02 22:49:22.000000000 +0800
+++ b/src/http/v2/ngx_http_v2_table.c	2021-11-04 19:41:20.986744254 +0800
@@ -361,3 +361,434 @@
 
     return NGX_OK;
 }
+
+
+#if (NGX_HTTP_V2_HPACK_ENC)
+
+static ngx_int_t
+hpack_get_static_index(ngx_http_v2_connection_t *h2c, u_char *val, size_t len);
+
+static ngx_int_t
+hpack_get_dynamic_index(ngx_http_v2_connection_t *h2c, uint64_t key_hash,
+                        uint8_t *key, size_t key_len);
+
+
+void
+ngx_http_v2_table_resize(ngx_http_v2_connection_t *h2c)
+{
+    ngx_http_v2_hpack_enc_entry_t  *table;
+    uint64_t                        idx;
+
+    table = h2c->hpack_enc.htable;
+
+    while (h2c->hpack_enc.size > h2c->max_hpack_table_size) {
+        idx = h2c->hpack_enc.base;
+        h2c->hpack_enc.base = table[idx].next;
+        h2c->hpack_enc.size -= table[idx].size;
+        table[idx].hash_val = 0;
+        h2c->hpack_enc.n_elems--;
+    }
+}
+
+
+/* checks if a header is in the hpack table - if so returns the table entry,
+   otherwise encodes and inserts into the table and returns 0,
+   if failed to insert into table, returns -1 */
+static ngx_int_t
+ngx_http_v2_table_encode_strings(ngx_http_v2_connection_t *h2c,
+    size_t key_len, size_t val_len, uint8_t *key, uint8_t *val,
+    ngx_int_t *header_idx)
+{
+    uint64_t  hash_val, key_hash, idx, lru;
+    int       i;
+    size_t    size = key_len + val_len + 32;
+    uint8_t  *storage = h2c->hpack_enc.storage;
+
+    ngx_http_v2_hpack_enc_entry_t   *table;
+    ngx_http_v2_hpack_name_entry_t  *name;
+
+    *header_idx = NGX_ERROR;
+    /* step 1: compute the hash value of header */
+    if (size > HPACK_ENC_MAX_ENTRY || size > h2c->max_hpack_table_size) {
+        return NGX_ERROR;
+    }
+
+    key_hash = ngx_murmur_hash2_64(key, key_len, 0x01234);
+    hash_val = ngx_murmur_hash2_64(val, val_len, key_hash);
+
+    if (hash_val == 0) {
+        return NGX_ERROR;
+    }
+
+    /* step 2: check if full header in the table */
+    idx = hash_val;
+    i = -1;
+    while (idx) {
+         /* at most 8 locations are checked, but most will be done in 1 or 2 */
+        table = &h2c->hpack_enc.htable[idx % HPACK_ENC_HTABLE_SZ];
+        if (table->hash_val == hash_val
+            && table->klen == key_len
+            && table->vlen == val_len
+            && ngx_memcmp(key, storage + table->pos, key_len) == 0
+            && ngx_memcmp(val, storage + table->pos + key_len, val_len) == 0)
+        {
+            return (h2c->hpack_enc.top - table->index) + 61;
+        }
+
+        if (table->hash_val == 0 && i == -1) {
+            i = idx % HPACK_ENC_HTABLE_SZ;
+            break;
+        }
+
+        idx >>= 8;
+    }
+
+    /* step 3: check if key is in one of the tables */
+    *header_idx = hpack_get_static_index(h2c, key, key_len);
+
+    if (i == -1) {
+        return NGX_ERROR;
+    }
+
+    if (*header_idx == NGX_ERROR) {
+        *header_idx = hpack_get_dynamic_index(h2c, key_hash, key, key_len);
+    }
+
+    /* step 4: store the new entry */
+    table =  h2c->hpack_enc.htable;
+
+    if (h2c->hpack_enc.top == 0xffffffff) {
+        /* just to be on the safe side, avoid overflow */
+        ngx_memset(&h2c->hpack_enc, 0, sizeof(ngx_http_v2_hpack_enc_t));
+    }
+
+    while ((h2c->hpack_enc.size + size > h2c->max_hpack_table_size)
+           || h2c->hpack_enc.n_elems == HPACK_ENC_HTABLE_ENTRIES) {
+        /* make space for the new entry first */
+        idx = h2c->hpack_enc.base;
+        h2c->hpack_enc.base = table[idx].next;
+        h2c->hpack_enc.size -= table[idx].size;
+        table[idx].hash_val = 0;
+        h2c->hpack_enc.n_elems--;
+    }
+
+    table[i] = (ngx_http_v2_hpack_enc_entry_t){.hash_val = hash_val,
+                                               .index = h2c->hpack_enc.top,
+                                               .pos = h2c->hpack_enc.pos,
+                                               .klen = key_len,
+                                               .vlen = val_len,
+                                               .size = size,
+                                               .next = 0};
+
+    table[h2c->hpack_enc.last].next = i;
+    if (h2c->hpack_enc.n_elems == 0) {
+        h2c->hpack_enc.base = i;
+    }
+
+    h2c->hpack_enc.last = i;
+    h2c->hpack_enc.top++;
+    h2c->hpack_enc.size += size;
+    h2c->hpack_enc.n_elems++;
+
+    /* update header name lookup */
+    if (*header_idx == NGX_ERROR ) {
+        lru = h2c->hpack_enc.top;
+
+        for (i=0; i<HPACK_ENC_DYNAMIC_KEY_TBL_SZ; i++) {
+
+            name = &h2c->hpack_enc.heads[i];
+
+            if ( name->hash_val == 0 || (name->hash_val == key_hash
+                && ngx_memcmp(storage + name->pos, key, key_len) == 0) )
+            {
+                name->hash_val = key_hash;
+                name->pos = h2c->hpack_enc.pos;
+                name->index = h2c->hpack_enc.top - 1;
+                break;
+            }
+
+            if (lru > name->index) {
+                lru = name->index;
+                idx = i;
+            }
+        }
+
+        if (i == HPACK_ENC_DYNAMIC_KEY_TBL_SZ) {
+            name = &h2c->hpack_enc.heads[idx];
+            name->hash_val = hash_val;
+            name->pos = h2c->hpack_enc.pos;
+            name->index = h2c->hpack_enc.top - 1;
+        }
+    }
+
+    ngx_memcpy(storage + h2c->hpack_enc.pos, key, key_len);
+    ngx_memcpy(storage + h2c->hpack_enc.pos + key_len, val, val_len);
+
+    h2c->hpack_enc.pos += size;
+    if (h2c->hpack_enc.pos > NGX_HTTP_V2_MAX_HPACK_TABLE_SIZE) {
+        h2c->hpack_enc.pos = 0;
+    }
+
+    return NGX_OK;
+}
+
+
+u_char *
+ngx_http_v2_write_header(ngx_http_v2_connection_t *h2c, u_char *pos,
+                         u_char *key, size_t key_len,
+                         u_char *value, size_t value_len,
+                         u_char *tmp)
+{
+    ngx_int_t idx, header_idx;
+
+    ngx_log_debug4(NGX_LOG_DEBUG_HTTP, h2c->connection->log, 0,
+                   "http2 output header: %*s: %*s", key_len, key, value_len,
+                   value);
+
+    /* attempt to find the value in the dynamic table */
+    idx = ngx_http_v2_table_encode_strings(h2c, key_len, value_len, key, value,
+                                           &header_idx);
+
+    if (idx > 0) {
+        /* positive index indicates success */
+        ngx_log_debug1(NGX_LOG_DEBUG_HTTP, h2c->connection->log, 0,
+                       "http2 hpack encode: Indexed Header Field: %ud", idx);
+
+        *pos = 128;
+        pos = ngx_http_v2_write_int(pos, ngx_http_v2_prefix(7), idx);
+
+    } else {
+
+        if (header_idx == NGX_ERROR) { /* if key is not present */
+
+            if (idx == NGX_ERROR) {    /* if header was not added */
+                *pos++ = 0;
+
+                ngx_log_debug0(NGX_LOG_DEBUG_HTTP, h2c->connection->log, 0,
+                              "http2 hpack encode: Literal Header Field without"
+                              " Indexing — New Name");
+            } else {                   /* if header was added */
+                *pos++ = 64;
+
+                ngx_log_debug0(NGX_LOG_DEBUG_HTTP, h2c->connection->log, 0,
+                              "http2 hpack encode: Literal Header Field with "
+                              "Incremental Indexing — New Name");
+            }
+
+            pos = ngx_http_v2_write_name(pos, key, key_len, tmp);
+
+        } else {                       /* if key is present */
+
+            if (idx == NGX_ERROR) {
+                *pos = 0;
+                pos = ngx_http_v2_write_int(pos, ngx_http_v2_prefix(4), header_idx);
+
+                ngx_log_debug1(NGX_LOG_DEBUG_HTTP, h2c->connection->log, 0,
+                              "http2 hpack encode: Literal Header Field without"
+                              " Indexing — Indexed Name: %ud", header_idx);
+            } else {
+                *pos = 64;
+                pos = ngx_http_v2_write_int(pos, ngx_http_v2_prefix(6), header_idx);
+
+                ngx_log_debug1(NGX_LOG_DEBUG_HTTP, h2c->connection->log, 0,
+                              "http2 hpack encode: Literal Header Field with "
+                              "Incremental Indexing — Indexed Name: %ud", header_idx);
+            }
+        }
+
+        pos = ngx_http_v2_write_value(pos, value, value_len, tmp);
+    }
+
+    return pos;
+}
+
+
+static ngx_int_t
+hpack_get_dynamic_index(ngx_http_v2_connection_t *h2c, uint64_t key_hash,
+                        uint8_t *key, size_t key_len)
+{
+    ngx_http_v2_hpack_name_entry_t  *name;
+    int                              i;
+
+    for (i=0; i<HPACK_ENC_DYNAMIC_KEY_TBL_SZ; i++) {
+        name = &h2c->hpack_enc.heads[i];
+
+        if (name->hash_val == key_hash
+            && ngx_memcmp(h2c->hpack_enc.storage + name->pos, key, key_len) == 0)
+        {
+            if (name->index >= h2c->hpack_enc.top - h2c->hpack_enc.n_elems) {
+                return (h2c->hpack_enc.top - name->index) + 61;
+            }
+            break;
+        }
+    }
+
+    return NGX_ERROR;
+}
+
+
+/* decide if a given header is present in the static dictionary, this could be
+   done in several ways, but it seems the fastest one is "exhaustive" search */
+static ngx_int_t
+hpack_get_static_index(ngx_http_v2_connection_t *h2c, u_char *val, size_t len)
+{
+    /* the static dictionary of response only headers,
+       although response headers can be put by origin,
+       that would be rare */
+    static const struct {
+        u_char         len;
+        const u_char   val[28];
+        u_char         idx;
+    } server_headers[] = {
+        { 3, "age",                         21},//0
+        { 3, "via",                         60},
+        { 4, "date",                        33},//2
+        { 4, "etag",                        34},
+        { 4, "link",                        45},
+        { 4, "vary",                        59},
+        { 5, "allow",                       22},//6
+        { 6, "server",                      54},//7
+        { 7, "expires",                     36},//8
+        { 7, "refresh",                     52},
+        { 8, "location",                    46},//10
+        {10, "set-cookie",                  55},//11
+        {11, "retry-after",                 53},//12
+        {12, "content-type",                31},//13
+        {13, "content-range",               30},//14
+        {13, "accept-ranges",               18},
+        {13, "cache-control",