Overview

URL 69av6969.cc/
IP23.225.139.66
ASNCNSERVERS
Location United States
Report completed2022-09-29 05:51:09 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-09-29 2 n6579.com Sinkholed


Files

No files detected



Passive DNS (50)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS r3.o.lencr.org (11) 344 2020-12-02 08:52:13 UTC 2022-09-28 04:36:09 UTC 23.36.77.32
mnemonic passive DNS 69av6969.cc (1) 0 2022-08-19 23:17:47 UTC 2022-09-28 05:50:38 UTC 23.225.139.66 Unknown ranking
mnemonic passive DNS kvtggg.top (1) 0 2022-08-03 08:47:54 UTC 2022-09-28 03:01:50 UTC 104.21.11.149 Unknown ranking
mnemonic passive DNS kvtfff.top (1) 0 2022-07-19 10:01:17 UTC 2022-09-28 13:42:37 UTC 104.21.87.253 Unknown ranking
mnemonic passive DNS kvhdd.com (1) 0 2022-08-04 10:03:01 UTC 2022-09-28 16:46:48 UTC 78.46.107.74 Unknown ranking
mnemonic passive DNS vesdsp.com (1) 0 2022-07-06 03:53:54 UTC 2022-09-28 16:47:25 UTC 103.170.15.61 Unknown ranking
mnemonic passive DNS region1.google-analytics.com (1) 0 2022-03-17 11:26:33 UTC 2022-09-28 05:05:05 UTC 216.239.34.36 Domain (google-analytics.com) ranked at: 8401
mnemonic passive DNS n6579.com (1) 0 2022-07-03 13:21:26 UTC 2022-09-26 23:41:08 UTC 45.61.212.50 Unknown ranking
mnemonic passive DNS webs21.i1c.xyz (1) 0 2022-09-13 19:37:39 UTC 2022-09-25 16:48:26 UTC 104.21.92.238 Unknown ranking
mnemonic passive DNS ocsp.pki.goog (4) 175 2017-06-14 07:23:31 UTC 2022-09-28 04:36:20 UTC 142.250.74.3
mnemonic passive DNS 69av.one (1) 0 2019-12-02 19:07:40 UTC 2022-09-27 07:17:14 UTC 172.67.186.131 Unknown ranking
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-29 04:10:37 UTC 34.120.237.76
mnemonic passive DNS s.ssl.qhres2.com (1) 89936 2021-10-25 22:09:20 UTC 2022-09-28 18:28:08 UTC 54.230.111.4
mnemonic passive DNS zz.bdstatic.com (1) 27702 2017-01-30 07:45:48 UTC 2022-09-28 20:38:41 UTC 58.254.150.48
mnemonic passive DNS img.x973.xyz (1) 0 2022-07-18 13:09:38 UTC 2022-09-27 14:55:43 UTC 23.225.222.2 Unknown ranking
mnemonic passive DNS img.999996.co (1) 0 2022-08-05 15:58:25 UTC 2022-09-28 17:34:16 UTC 23.225.228.58 Unknown ranking
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-29 05:03:41 UTC 34.160.144.191
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-28 04:36:06 UTC 34.117.237.239
mnemonic passive DNS ocsp.digicert.com (4) 86 2012-05-21 07:02:23 UTC 2022-09-29 04:12:37 UTC 93.184.220.29
mnemonic passive DNS ocsp.globalsign.com (2) 2075 2012-05-25 06:20:55 UTC 2022-09-29 04:32:01 UTC 104.18.21.226
mnemonic passive DNS u0084.com (1) 0 2021-02-01 01:45:41 UTC 2022-09-27 15:34:44 UTC 20.239.186.41 Unknown ranking
mnemonic passive DNS xpj08.oss-cn-beijing.aliyuncs.com (1) 0 2022-08-08 14:33:36 UTC 2022-09-28 13:42:37 UTC 59.110.185.220 Domain (aliyuncs.com) ranked at: 1959
mnemonic passive DNS mc.yandex.ru (3) 2672 2017-01-29 05:34:36 UTC 2022-09-28 11:50:04 UTC 87.250.251.119
mnemonic passive DNS ocsp.crlocsp.cn (1) 175388 2020-04-10 14:39:04 UTC 2022-09-28 18:22:41 UTC 101.198.193.5
mnemonic passive DNS www.googletagmanager.com (1) 75 2012-12-25 14:52:06 UTC 2022-09-28 04:42:17 UTC 142.250.74.72
mnemonic passive DNS ocsp.sectigo.com (4) 487 2018-12-17 11:31:55 UTC 2022-09-29 00:48:38 UTC 104.18.32.68
mnemonic passive DNS ocsp2.globalsign.com (5) 1544 2012-05-21 07:12:19 UTC 2022-09-28 04:46:12 UTC 104.18.21.226
mnemonic passive DNS s10.histats.com (3) 15211 2012-05-21 17:14:14 UTC 2022-09-28 20:57:11 UTC 46.105.201.240
mnemonic passive DNS s4.histats.com (2) 12782 2012-05-21 17:14:14 UTC 2022-09-28 20:57:11 UTC 198.27.80.143
mnemonic passive DNS sz88.oss-cn-shenzhen.aliyuncs.com (2) 0 2022-06-01 18:03:12 UTC 2022-09-28 13:42:37 UTC 120.77.166.72 Domain (aliyuncs.com) ranked at: 1959
mnemonic passive DNS p.qlogo.cn (2) 48578 2014-01-15 11:11:45 UTC 2022-09-29 02:20:14 UTC 43.129.255.47
mnemonic passive DNS img.x957.xyz (1) 0 2022-07-22 11:19:19 UTC 2022-09-29 02:20:14 UTC 23.225.228.34 Unknown ranking
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-28 17:26:30 UTC 2022-09-28 18:56:49 UTC 143.204.55.115
mnemonic passive DNS ocsp.sectigo.com (4) 487 2018-12-17 11:31:55 UTC 2022-09-29 00:48:38 UTC 172.64.155.188
mnemonic passive DNS p3.douyinpic.com (3) 23536 2020-12-18 11:20:50 UTC 2022-09-29 02:20:15 UTC 47.246.44.229
mnemonic passive DNS jytdlz.com (3) 0 2015-11-05 16:37:27 UTC 2022-09-28 16:46:45 UTC 172.67.10.19 Unknown ranking
mnemonic passive DNS kvhmm.com (1) 0 2021-10-20 04:40:54 UTC 2022-09-28 13:42:37 UTC 78.46.107.74 Unknown ranking
mnemonic passive DNS jspassport.ssl.qhimg.com (1) 82940 2015-06-19 07:16:50 UTC 2022-09-28 18:28:07 UTC 54.230.111.66
mnemonic passive DNS ocsp2.globalsign.com (5) 1544 2012-05-21 07:12:19 UTC 2022-09-28 04:46:12 UTC 104.18.20.226
mnemonic passive DNS acoossn.top (1) 475526 2022-03-01 11:57:13 UTC 2022-09-28 07:49:07 UTC 172.67.213.234
mnemonic passive DNS sp0.baidu.com (1) 18423 2014-12-05 23:12:12 UTC 2022-09-28 20:38:42 UTC 183.232.231.173
mnemonic passive DNS e1.o.lencr.org (8) 6159 2021-08-20 07:36:30 UTC 2022-09-28 05:22:53 UTC 23.36.76.226
mnemonic passive DNS dimg04.c-ctrip.com (7) 139731 2014-05-08 16:11:10 UTC 2022-09-28 17:34:16 UTC 104.110.17.24
mnemonic passive DNS kzecc.com (1) 0 2017-01-29 04:39:36 UTC 2022-09-29 02:20:14 UTC 45.154.215.92 Unknown ranking
mnemonic passive DNS acoossw.top (1) 680187 2021-11-17 04:43:25 UTC 2022-09-28 07:49:07 UTC 104.21.56.179
mnemonic passive DNS 38qptu4.oss-cn-hangzhou.aliyuncs.com (1) 0 2022-06-05 16:26:43 UTC 2022-09-28 13:42:37 UTC 47.110.177.110 Domain (aliyuncs.com) ranked at: 1959
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-28 05:02:28 UTC 34.212.13.96
mnemonic passive DNS kvezz.com (1) 237784 2021-10-17 08:32:09 UTC 2022-09-29 02:20:14 UTC 104.143.94.110
mnemonic passive DNS kvtlll.top (1) 0 2022-08-04 10:10:55 UTC 2022-09-28 03:12:33 UTC 172.67.185.29 Unknown ranking
mnemonic passive DNS s.360.cn (1) 19814 2012-07-10 16:01:51 UTC 2022-09-28 20:05:50 UTC 101.198.2.147


Recent reports on same IP/ASN/Domain/Screenshot

Last 2 reports on IP: 23.225.139.66

Date UQ / IDS / BL URL IP
2022-11-19 08:43:46 +0000
0 - 0 - 3 theporn221.cc/ 23.225.139.66
2022-09-29 05:51:09 +0000
0 - 0 - 1 69av6969.cc/ 23.225.139.66

Last 5 reports on ASN: CNSERVERS

Date UQ / IDS / BL URL IP
2022-12-01 11:51:49 +0000
0 - 0 - 4 www.mdfsyy.com/news/6798/%3E 23.224.194.143
2022-12-01 09:12:35 +0000
0 - 0 - 7 www.thbxg168.com/355.html%3E 172.247.69.68
2022-12-01 02:16:36 +0000
0 - 0 - 7 adtz3.one/ 172.247.24.19
2022-11-30 20:36:39 +0000
0 - 0 - 2 172.247.48.244/server.exe 172.247.48.244
2022-11-30 16:19:39 +0000
0 - 0 - 19 23.224.6.134/2048/login.php 23.224.6.134

Last 2 reports on domain: 69av6969.cc

Date UQ / IDS / BL URL IP
2022-10-08 05:54:01 +0000
0 - 0 - 1 69av6969.cc/ 104.233.145.17
2022-09-29 05:51:09 +0000
0 - 0 - 1 69av6969.cc/ 23.225.139.66

No other reports with similar screenshot



JavaScript

Executed Scripts (30)


Executed Evals (0)


Executed Writes (2)

#1 JavaScript::Write (size: 109, repeated: 1) - SHA256: 405d1b31aee0ca88643371e6ae67d3f53bebb2a2ba8ebc69cf7449f788a2d04c

                                        < script src = "https://jspassport.ssl.qhimg.com/11.0.1.js?d182b3f28525f2db83acfaaf6e696dba"
id = "sozz" > < /script>
                                    

#2 JavaScript::Write (size: 88, repeated: 1) - SHA256: 1c78737754efd40c05f7c5d9cb5ea93256f0d10f0cd935eae2e4208c7f9464d6

                                        < script charset = "utf-8"
src = "https://s.ssl.qhres2.com/ssl/ab77b6ea7f3fbf79.js" > < /script>
                                    


HTTP Transactions (102)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 29 Sep 2022 05:15:52 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qdW1b9z5v-hRWBPCKWQ8R2UGAJNyapjbGXbuxWWzvH_QKPEmyFSo8w==
Age: 2105


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A382476D14B6AE14003333E7ACDFBBD9AE8775D4C1A7D5C31116F33987043CFF"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4594
Expires: Thu, 29 Sep 2022 07:07:32 GMT
Date: Thu, 29 Sep 2022 05:50:58 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: 69av6969.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         23.225.139.66
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: openresty
Date: Thu, 29 Sep 2022 05:50:58 GMT
Content-Length: 166
Connection: keep-alive
ghash: _8c2ef6d11c0
ipcountry: NO
Location: https://69av.one/


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   166
Md5:    3ea1c8d079b38532a6e01a96216ba5e2
Sha1:   598d3ff91d3e252f1e13df8cf0348b270ff2da3f
Sha256: 87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E16E8B782B441ECB9A57C3FC3DB9884B5A3034967B846CCA67B2F53644FCABDF"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2872
Expires: Thu, 29 Sep 2022 06:38:50 GMT
Date: Thu, 29 Sep 2022 05:50:58 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: aVynqAbMTIV8dxoGqQCXF2iMXZj0cRF1NzkebgYexOvoLdINMkcxR5BYM/17YdxkPytqsvJTIGqY0LKlFQvupw==
x-amz-request-id: 0HMK36K01DFVH7J7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 29 Sep 2022 05:50:28 GMT
age: 30
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "222E8031049D632E68B43140227DC1F6258D88F8FB6C277564B133842F429DE0"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=596
Expires: Thu, 29 Sep 2022 06:00:54 GMT
Date: Thu, 29 Sep 2022 05:50:58 GMT
Connection: keep-alive

                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 29 Sep 2022 05:50:58 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "222E8031049D632E68B43140227DC1F6258D88F8FB6C277564B133842F429DE0"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=596
Expires: Thu, 29 Sep 2022 06:00:54 GMT
Date: Thu, 29 Sep 2022 05:50:58 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 05:50:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /gtag/js?id=G-J1BC80FEXD HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://69av.one/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.72
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 29 Sep 2022 05:50:58 GMT
expires: Thu, 29 Sep 2022 05:50:58 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75442
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (20189)
Size:   75442
Md5:    ce4f78e805cf2365960db3ae5dbe3234
Sha1:   15047ee3e35471f0741d092ada8cff31efb64d9d
Sha256: 7d454b8a2d2d0a956fa8d19180a52aa1ac84cddb40e3e0d758493da98eab63d9
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 05:50:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "3691D21908FD162CCAC69F8DD7F7848E8FAFABDDE3DCC168CA0B4045BE8692BE"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8645
Expires: Thu, 29 Sep 2022 08:15:03 GMT
Date: Thu, 29 Sep 2022 05:50:58 GMT
Connection: keep-alive

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 29 Sep 2022 05:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Thu, 29 Sep 2022 05:35:58 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: AwNFA8NWfyt2G9SXXqrH728RxTl1Quu8gt1OczwCcGSSnE4NbLaOIg==
Age: 1285


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "20712A23429F87879B662A48512671BE6F0B16D7E139EBB0A6897F288FC206BC"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19745
Expires: Thu, 29 Sep 2022 11:20:03 GMT
Date: Thu, 29 Sep 2022 05:50:58 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4328
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 05:50:58 GMT
Last-Modified: Thu, 29 Sep 2022 04:38:50 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: J28siAcz4gWJfCQigDqglQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         34.212.13.96
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 7QVSGGo7gWqfMh46GaEgOYcWjIQ=

                                        
                                            GET /static/css/themes/default/assets/fonts/icons.woff2?a HTTP/1.1 
Host: jytdlz.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://69av.one
Connection: keep-alive
Referer: https://jytdlz.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.10.19
HTTP/2 200 OK
content-type: font/woff2
                                        
date: Thu, 29 Sep 2022 05:50:59 GMT
content-length: 40148
last-modified: Tue, 19 Jul 2022 15:05:16 GMT
etag: "62d6c82c-9cd4"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: *
cf-cache-status: HIT
age: 188731
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 752271c5cb56b4f3-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 40148, version 1.0\012- data
Size:   40148
Md5:    0ab54153eeeca0ce03978cc463b257f7
Sha1:   6ec6d36cb2464b4e821cfabb532f310bd342601c
Sha256: 434466b59545a8a1cac6ddb38197cdc6b35995a98c3f3812fb88d61b1c300dd3
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "F50E8884A35A19915495D16CFCBB16764AFAE4EFF5AA25C660C6CFF980005B2B"
Last-Modified: Tue, 27 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5243
Expires: Thu, 29 Sep 2022 07:18:22 GMT
Date: Thu, 29 Sep 2022 05:50:59 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "F50E8884A35A19915495D16CFCBB16764AFAE4EFF5AA25C660C6CFF980005B2B"
Last-Modified: Tue, 27 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5243
Expires: Thu, 29 Sep 2022 07:18:22 GMT
Date: Thu, 29 Sep 2022 05:50:59 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "26C263ED5246B7A58C15D2AEDC35B2BAB12715CD260A1FB5E2B07B196E6C9343"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14063
Expires: Thu, 29 Sep 2022 09:45:23 GMT
Date: Thu, 29 Sep 2022 05:51:00 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: 69av.one
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         172.67.186.131
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Thu, 29 Sep 2022 05:50:58 GMT
cf-ray: 752271be1e1db50b-OSL
access-control-allow-origin: *
age: 1341
cache-control: public, max-age=172000, stale-if-error=7200
expires: Mon, 28 Nov 2022 05:07:32 GMT
vary: Accept-Encoding
cf-cache-status: HIT
cache-key: 69av:_da710b96fef:/
ghash: _da710b96fef
ipcountry: CN
t-ray: wsla4
w-cache: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yBAsGZDu4Leo%2FEg2vssHjsXEwrbugnE2mmYPT%2FIhR5%2FXcvVpYXw5K5fZW9L9P6sHCIc3v8SxdZzggkoIICE%2BHcmEfsnoue4t%2F5A7%2BGf3%2B1TYx8%2F%2BhZjg7IFZig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (40184)
Size:   276325
Md5:    ad9bf82c62b786aa13e0a72dcd89b2f5
Sha1:   f9c17246cd4bdad658fc13972d762af3efd6165a
Sha256: f024857d8c1086ac1201a026ded4e69ea917772723893a051dadb8dc78148aef
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A15FF03D5615AE233D663D464E1CFFF567C952CA37E7845CBFB01E4D519425D5"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14599
Expires: Thu, 29 Sep 2022 09:54:19 GMT
Date: Thu, 29 Sep 2022 05:51:00 GMT
Connection: keep-alive

                                        
                                            GET /3a51d5c56a7a748c2c25ca523628cc04.gif HTTP/1.1 
Host: kvhmm.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://69av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         78.46.107.74
HTTP/2 301 Moved Permanently
content-type: text/html
                                        
server: nginx
date: Thu, 29 Sep 2022 05:51:00 GMT
content-length: 162
location: https://kvtfff.top/3a51d5c56a7a748c2c25ca523628cc04.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
                                            POST /s/gts1p5/XcsiDt_oaJc HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 05:51:00 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /e1dac3356c0e9d5f1899262d4f5d6b9c.gif HTTP/1.1 
Host: kvtggg.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://69av.one/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.11.149
HTTP/2 200 OK
content-type: image/gif
                                        
date: Thu, 29 Sep 2022 05:51:00 GMT
content-length: 573384
last-modified: Wed, 14 Sep 2022 07:34:15 GMT
etag: "632183f7-8bfc8"
cache-control: max-age=5356800
cf-cache-status: HIT
age: 69704
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KVIHBCpnAOBwJ2fk6hM0zkRBjBxiqCmMzGVJytL5O6qcP7sFrkfDswTR20HWmWUKa53VHULU7xA3UyL3VPMIHNOgv72xJ7PR8UyzBtTa1kTWxtqmKYFUsMOfj8vu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 752271ca7d46b521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 80\012- data
Size:   573384
Md5:    b4effa2453ed234460236aa814287055
Sha1:   07e2e8f1fd0f850743ab141de1782070a6502635
Sha256: 33a79ebf1ba58097c89e691d34e1fc3ae2b1367db2addf29b1bc081e66dd2d28
                                        
                                            POST /s/gts1p5/XcsiDt_oaJc HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 05:51:00 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /11.0.1.js?d182b3f28525f2db83acfaaf6e696dba HTTP/1.1 
Host: jspassport.ssl.qhimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://69av.one/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.66
HTTP/2 200 OK
content-type: application/x-javascript
                                        
last-modified: Wed, 28 Nov 2018 07:43:20 GMT
kcs-via: HIT from w-fc03.lato;REVALIDATED from w-sc01.lato
date: Thu, 29 Sep 2022 05:45:42 GMT
cache-control: max-age=600
expires: Thu, 29 Sep 2022 05:54:45 GMT
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HkrnWsCcnITIy-X8tjlwNaSnp839SKZJjmDQ4Qa5VCOq8WCl4RKDEQ==
age: 373
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1565
Md5:    19c197eca84f5da4588eb78c64e21dcb
Sha1:   d02cb809daf88d19e788e5aa07d87b9dfdb88c74
Sha256: 2af64ad43296c67b47a9bd1d3b8a430c54e4a3450fe88a1152ea826490a0f970
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10984
Expires: Thu, 29 Sep 2022 08:54:04 GMT
Date: Thu, 29 Sep 2022 05:51:00 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "293F38DB51556E6BACE92BA8E808A7AFF338A8D96DF2DB668D72FE0F685FB9A7"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4882
Expires: Thu, 29 Sep 2022 07:12:22 GMT
Date: Thu, 29 Sep 2022 05:51:00 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d393f81-26d4-4afa-b6ba-940a54002d7f.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6795
x-amzn-requestid: 20067932-e2e5-410a-8c7a-a5f623f33454
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZDCs6FbooAMFyHg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633117ec-65749cd04e48e49a46b4c215;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 03:09:32 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: o1q8r6PSQDQyLs4xfhCSXu4q8fFi3zIoAIMlwNznvOsEtORfuVumCA==
via: 1.1 6a63e853422f3197776fb098fab5a416.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 05:17:35 GMT
age: 2005
etag: "7057c6707c7299ac386c6b2164240eff241db294"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6795
Md5:    9f94853ffae41ec3c0e002bc152da1c4
Sha1:   7057c6707c7299ac386c6b2164240eff241db294
Sha256: 818f3ff90d7b7923b4af4e423dbb01388795490ac2097e1d58d70608b95618f4
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e97b5ce-1b94-4a15-a121-825f38a9d7d9.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9034
x-amzn-requestid: ccfaad8d-c270-491f-b0fa-ac56fb1ba14e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGVJ_G2doAMFXqw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633268a6-1599ec83051ceef5038d1296;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 03:06:14 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: G--ubYYfq5CFGAZzorD-TAgKentdIyvzSjrvqjTf_yGWDvjwX75KHg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 04:20:21 GMT
age: 5439
etag: "927d5a375d9607b23caadae148566fdff10147b1"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9034
Md5:    2054ae778a3079d8233ee33045127df6
Sha1:   927d5a375d9607b23caadae148566fdff10147b1
Sha256: 6b33c83c2b78b413ae375966860e1a9c8aa8e28dee107f9dd5bb8ceb221e607a
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a48a423-ea95-40fe-9f8b-55ca1ca874fc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9688
x-amzn-requestid: 68e9fd78-af17-4a8f-ad4b-6fe563ae94fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMK4JHF5IAMFSXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be9a-603f13d3016d77fa2ca94492;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:37:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gIg0vR5I9vnA6Z7MJtTNaXn2TK8YeHWWcJEodiNJ6BEB7z7LUrcV1Q==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:45:26 GMT
age: 29134
etag: "523da6aeec4cc23897fe01b0bc8b5da254edb3a8"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9688
Md5:    28799c10f9ea39af55c7003f4254cc60
Sha1:   523da6aeec4cc23897fe01b0bc8b5da254edb3a8
Sha256: 2d1640fbd1f61aee3f2be670b37eb06e20bb265f702a428fadb550a4b51d64ab
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2016911-a1a6-4bdf-a8f3-89e94a0aaff7.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7810
x-amzn-requestid: 7f6d92e1-c7b1-4dd2-9efa-52ad324ca19d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMK6pFvkoAMF_yA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334beaa-362b7368566955966db78385;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:37:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TbPFEVDpMOjK26iu1UGcx56vtP7Pywq05VAylNubOIfbMgo1qGsA-w==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 04:12:40 GMT
age: 5900
etag: "31b8538deb0f00d5b4182739a4a2fcc1b956a998"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7810
Md5:    456968f691ae9464d69a37bffe9bd7ce
Sha1:   31b8538deb0f00d5b4182739a4a2fcc1b956a998
Sha256: 5cde1e3158e6c6c0b7a01d3bd32f2aa292b3b205f604e5c4ed71cafedad06bf2
                                        
                                            GET /3a51d5c56a7a748c2c25ca523628cc04.gif HTTP/1.1 
Host: kvtfff.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://69av.one/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.87.253
HTTP/2 200 OK
content-type: image/gif
                                        
date: Thu, 29 Sep 2022 05:51:00 GMT
content-length: 524316
last-modified: Sun, 21 Aug 2022 08:40:42 GMT
etag: "6301ef8a-8001c"
expires: Tue, 18 Oct 2022 11:26:43 GMT
cache-control: max-age=5356800
cf-cache-status: HIT
age: 930257
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gT8sfyDwNbfqlmWyO585dwSOtARmv3w%2Fr8Dmcp02Nv6w5A06bX2fd7n3A3y1og3sRPM%2FWvJl7MQ8a2yNtgx7cs3BcQvMArvZat44Aw2GhW8LTHbWiZpndolBqYzx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 752271cbbe350afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 80\012- data
Size:   524316
Md5:    ab00ff5aa53f9c2ae0f048518e94911e
Sha1:   84cccff597b536d7d4bd462b369dd9bf42ea4a9a
Sha256: cb96931b2f0f9a849cb8f6ea462315c9e8f7f648a49ddf284e6ed87ef9e36edc
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F783cca30-851d-4c3b-97b3-dfc92f711d23.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4093
x-amzn-requestid: 4275d743-8507-4fbe-83d1-cc0da2adef7b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMKoPHCMIAMF7wQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be34-5ddb717430e7b38e3ee53657;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:35:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: H713oiiX6wslZytV_P5NblH5vT7KZ2fv1G3DLKLrH5nw0lHOquia4w==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:40:48 GMT
etag: "c17c7bdfa4b40f9a0634da65c610869e5c410bf1"
age: 29412
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4093
Md5:    aed4d25286420a1405c3274931194002
Sha1:   c17c7bdfa4b40f9a0634da65c610869e5c410bf1
Sha256: f32058bdd49930b927d1f9fdfd204ed054b4f85e0d679eff067d522d42ac504a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "AD6D902FEC09DFAF7D3B92FA4D2F0C577CF75A7F55FA6C0B6A707B546EE0E8BF"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2498
Expires: Thu, 29 Sep 2022 06:32:38 GMT
Date: Thu, 29 Sep 2022 05:51:00 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0881edd-e0e9-466c-b336-8ab1cddabd13.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6327
x-amzn-requestid: 88075140-b88b-42fc-8f44-931786b997ca
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMLAAEwqoAMFqcg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334becc-5930f80c649b9f6742c9c662;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:38:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T0JQjjiYhsQ7-oi8bKzMRrFBJilGhnYVx0zccnuebmdbJjKyCm-5lw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:47:03 GMT
age: 29037
etag: "af24a2bc892fee0ddc420ecb9ae6a20c4467721a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6327
Md5:    363780f6c5cd25605ef91528dbc9dca6
Sha1:   af24a2bc892fee0ddc420ecb9ae6a20c4467721a
Sha256: 232e78b64f79f5e79a1d1f3be972e7757136b55b8d29728dc38b4d5e3a426466
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "293F38DB51556E6BACE92BA8E808A7AFF338A8D96DF2DB668D72FE0F685FB9A7"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4882
Expires: Thu, 29 Sep 2022 07:12:22 GMT
Date: Thu, 29 Sep 2022 05:51:00 GMT
Connection: keep-alive

                                        
                                            GET /ea70c0389991740415dab8787f87d0e6.gif HTTP/1.1 
Host: kvhdd.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://69av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         78.46.107.74
HTTP/2 301 Moved Permanently
content-type: text/html
                                        
server: nginx
date: Thu, 29 Sep 2022 05:51:00 GMT
content-length: 162
location: https://kvtlll.top/ea70c0389991740415dab8787f87d0e6.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 05:51:00 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 25 Sep 2022 20:23:14 GMT
Expires: Sun, 02 Oct 2022 20:23:13 GMT
Etag: "78554b4c63713413ecef1ddac95bb0ba06fadbb6"
Cache-Control: max-age=310932,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 752271cc0f3bb4f7-OSL

                                        
                                            POST /gsorganizationvalsha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 05:51:00 GMT
Content-Length: 1459
Connection: keep-alive
Expires: Mon, 03 Oct 2022 05:37:36 GMT
ETag: "e5d1d74eb50195a0f70bef6c1b1936f58660ef78"
Last-Modified: Thu, 29 Sep 2022 05:37:37 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 752271cb4ef9b4f4-OSL


--- Additional Info ---
Magic:  data
Size:   1459
Md5:    a4036209872c764688ad34f03bc514f6
Sha1:   e5d1d74eb50195a0f70bef6c1b1936f58660ef78
Sha256: 364b88f9a8afaa2f03a77710b602f16a5868e7690220def8a84d96a16df99b08
                                        
                                            POST /gsorganizationvalsha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 05:51:00 GMT
Content-Length: 1459
Connection: keep-alive
Expires: Mon, 03 Oct 2022 05:37:36 GMT
ETag: "e5d1d74eb50195a0f70bef6c1b1936f58660ef78"
Last-Modified: Thu, 29 Sep 2022 05:37:37 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 752271cb2b161c02-OSL


--- Additional Info ---
Magic:  data
Size:   1459
Md5:    a4036209872c764688ad34f03bc514f6
Sha1:   e5d1d74eb50195a0f70bef6c1b1936f58660ef78
Sha256: 364b88f9a8afaa2f03a77710b602f16a5868e7690220def8a84d96a16df99b08
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 05:51:00 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 28 Sep 2022 15:55:49 GMT
Expires: Wed, 05 Oct 2022 15:55:48 GMT
Etag: "1bc79cbc5a98b1fdca1770b09f665df31e37265e"
Cache-Control: max-age=554087,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 752271cc6f83b4f7-OSL

                                        
                                            GET /images/0103b120009tgnusp7B2E_R_600_10000_Q90.jpg?proc=autoorient HTTP/1.1 
Host: dimg04.c-ctrip.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://69av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.110.17.24
HTTP/2 200 OK
content-type: image/jpeg
                                        
content-length: 82659
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=11438716
expires: Wed, 08 Feb 2023 15:16:16 GMT
date: Thu, 29 Sep 2022 05:51:00 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 600x360, components 3\012- data
Size:   82659
Md5:    fbcf38b19212493fcdd845ba1fbd6558
Sha1:   3d9152971a675217fbdaf5b4610bb8718e87a549
Sha256: ba451248e74e201c0b4779ff33609a16f3e486fa7f632d13f1587ee254731234
                                        
                                            POST /gsorganizationvalsha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 05:51:00 GMT
Content-Length: 1459
Connection: keep-alive
Expires: Mon, 03 Oct 2022 01:44:41 GMT
ETag: "74d3be59521b8280b5ecc96f2bccf4230922f98a"
Last-Modified: Thu, 29 Sep 2022 01:44:42 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2900
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 752271cc987ab4f4-OSL


--- Additional Info ---
Magic:  data
Size:   1459
Md5:    b8e5dacd0dd78bac6d16bed4c7fa9537
Sha1:   74d3be59521b8280b5ecc96f2bccf4230922f98a
Sha256: ad966c624e2b5e8ea17c15ff93f6e3756cda4bbd8f016c7f90d07b3fca238ae3
                                        
                                            GET /images/0106d120009xynp2h4C59.gif?proc=autoorient HTTP/1.1 
Host: dimg04.c-ctrip.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://69av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.110.17.24
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 61146
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=13996347
expires: Fri, 10 Mar 2023 05:43:27 GMT
date: Thu, 29 Sep 2022 05:51:00 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 80\012- data
Size:   61146
Md5:    71d3b226da95d5a5abb3f063324964be
Sha1:   9c72ed2e2e083a71d179f3a5b1d759e898f40d58
Sha256: 565a28ff220536add488d456ca85c28c58b1bd8dc8fe0d359b31a482c6072d31
                                        
                                            GET /images/0102s120009tgnmwv2D93.gif HTTP/1.1 
Host: dimg04.c-ctrip.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://69av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.110.17.24
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 75382
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=11438683
expires: Wed, 08 Feb 2023 15:15:43 GMT
date: Thu, 29 Sep 2022 05:51:00 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 80\012- data
Size:   75382
Md5:    ce988b6533d16f843f8fe4dcf9612f26
Sha1:   b57cc466c966f24e4de357f2d88950f427fa10bd
Sha256: d6c9e43ca1b14063638c7cab44f3c9840c95abde842a568c4ddbae007a4d43b0
                                        
                                            GET /images/0100812000a0gbc4iF593.gif?proc=autoorient HTTP/1.1 
Host: dimg04.c-ctrip.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://69av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.110.17.24
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 212414
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=15459127
expires: Mon, 27 Mar 2023 04:03:07 GMT
date: Thu, 29 Sep 2022 05:51:00 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1140 x 100\012- data
Size:   212414
Md5:    70730bae184e481644c32bb7b632f611
Sha1:   498605c96e0a4b47c79e3ce0af02e111907e77d9
Sha256: 6fd07537bbc60b12f5708a94fb208b3afe0db2e1da1b7159956cb026ee5c535b
                                        
                                            GET /images/03906120009z0w4ea794F.gif HTTP/1.1 
Host: dimg04.c-ctrip.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://69av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.110.17.24
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 335834
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=14690887
expires: Sat, 18 Mar 2023 06:39:07 GMT
date: Thu, 29 Sep 2022 05:51:00 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   335834
Md5:    60a94dcd919e57fcbf70dbbada8bf39a
Sha1:   0d0e1623af2a6d987fbb73dc29dac1dcf2e2402d
Sha256: fe5d029ee7e1af7ce14732f17f3f94dffe8c3268f8782d8390918a5f5425035d
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 05:51:00 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 28 Sep 2022 15:55:49 GMT
Expires: Wed, 05 Oct 2022 15:55:48 GMT
Etag: "1bc79cbc5a98b1fdca1770b09f665df31e37265e"
Cache-Control: max-age=554087,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 752271ccafe4b4ff-OSL

                                        
                                            GET /images/01025120009xlxvcj935B.gif HTTP/1.1 
Host: dimg04.c-ctrip.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://69av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.110.17.24
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 486900
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=13731548
expires: Tue, 07 Mar 2023 04:10:08 GMT
date: Thu, 29 Sep 2022 05:51:00 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 80\012- data
Size:   486900
Md5:    74d02513f3773d3b94765a1315157565
Sha1:   eccace184c4c8b0680d980d3be10d7eb0d1a2e93
Sha256: 37e407b33f89d82ed1e2e38a122150d522e16948daf9d2ba1ab40319dbb2912c
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "153038FD47AB224273DA8158D2BCE03A9A356F6A472E90FC2962FFCF47585B58"
Last-Modified: Tue, 27 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17729
Expires: Thu, 29 Sep 2022 10:46:29 GMT
Date: Thu, 29 Sep 2022 05:51:00 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4DD8A2069E9443EDFD3DFA9D9A159436A99E4175107F08F9C18B8270951EE4D4"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14179
Expires: Thu, 29 Sep 2022 09:47:19 GMT
Date: Thu, 29 Sep 2022 05:51:00 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "BF4E0E4BD6CCA5ECB70A64589F4436EE4C04DFF2E4547C05E31C570F087633BC"
Last-Modified: Tue, 27 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21597
Expires: Thu, 29 Sep 2022 11:50:57 GMT
Date: Thu, 29 Sep 2022 05:51:00 GMT
Connection: keep-alive

                                        
                                            GET /ff82ede81a5bf7b5ff047745ebd831ad.gif HTTP/1.1 
Host: kvezz.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://69av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.143.94.110
HTTP/2 301 Moved Permanently
content-type: text/html
                                        
server: nginx
date: Thu, 29 Sep 2022 05:51:00 GMT
content-length: 162
location: https://acoossn.top/ff82ede81a5bf7b5ff047745ebd831ad.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
                                            GET /ea70c0389991740415dab8787f87d0e6.gif HTTP/1.1 
Host: kvtlll.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://69av.one/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.185.29
HTTP/2 200 OK
content-type: image/gif
                                        
date: Thu, 29 Sep 2022 05:51:00 GMT
content-length: 318932
last-modified: Thu, 04 Aug 2022 11:29:46 GMT
etag: "62ebadaa-4ddd4"
expires: Sat, 15 Oct 2022 13:38:14 GMT
cache-control: max-age=16070400
cf-cache-status: HIT
age: 1181566
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mFftxtfhX9wxS%2FuiJp%2FTsCNMzOrJGVJwb0QZGAbr%2F0rccbfwpkQrRB4taalUjFE103uA29qxGpFEC4qHVKnzNDzOLHQb3nMGlc7KlmVsC0oseutlYapHAKmT%2B2fM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 752271ce691afac4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 70\012- data
Size:   318932
Md5:    ceb91a4ba1e6fbe90c9ac68df7fa62f1
Sha1:   4553ccf75ced61a0ce431d773ea82d24ffee2d15
Sha256: a78b92684842e269822085917184067257a4a90668b2f2328fe5e9733bd56318
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "BF4E0E4BD6CCA5ECB70A64589F4436EE4C04DFF2E4547C05E31C570F087633BC"
Last-Modified: Tue, 27 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21597
Expires: Thu, 29 Sep 2022 11:50:57 GMT
Date: Thu, 29 Sep 2022 05:51:00 GMT
Connection: keep-alive

                                        
                                            GET /8fdce7479dd03f1ee73805e8d2e9bab8.gif HTTP/1.1 
Host: kzecc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://69av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         45.154.215.92
HTTP/2 301 Moved Permanently
content-type: text/html
                                        
server: nginx
date: Thu, 29 Sep 2022 05:51:00 GMT
content-length: 162
location: https://acoossw.top/8fdce7479dd03f1ee73805e8d2e9bab8.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
                                            GET /ff82ede81a5bf7b5ff047745ebd831ad.gif HTTP/1.1 
Host: acoossn.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://69av.one/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.213.234
HTTP/2 200 OK
content-type: image/gif
                                        
date: Thu, 29 Sep 2022 05:51:00 GMT
content-length: 513789
last-modified: Mon, 02 May 2022 19:22:05 GMT
etag: "62702f5d-7d6fd"
expires: Sun, 23 Oct 2022 16:48:32 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 478948
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QauFLX%2BvGytI58sx9YmgEkSg%2FwhagPL1%2FKrSWPYoviTCMv5c6pfr%2F2n4gbfYeeKMG6chb%2BkE5AZ%2BqNZrQ6WN%2BCuXnasHGsTZJcmf2dHb3ZP6Tu8oqbZFD7vDR1VRiw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 752271cf2a931bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 80\012- data
Size:   513789
Md5:    cf359e5788472ae6d8dd1077b7178e46
Sha1:   b65c4ca87f886a8f875c92dd5230b882421cd0fc
Sha256: 754e73a6a2a86f8533f15bf92061610fa505787bce36a52c9e1944b44ae15364
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1190
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 05:51:01 GMT
Last-Modified: Thu, 29 Sep 2022 05:31:11 GMT
Server: ECS (amb/6BAE)
X-Cache: HIT
Content-Length: 727

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1508
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 05:51:01 GMT
Last-Modified: Thu, 29 Sep 2022 05:25:53 GMT
Server: ECS (amb/6BB8)
X-Cache: HIT
Content-Length: 727

                                        
                                            GET /8fdce7479dd03f1ee73805e8d2e9bab8.gif HTTP/1.1 
Host: acoossw.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://69av.one/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.56.179
HTTP/2 200 OK
content-type: image/gif
                                        
date: Thu, 29 Sep 2022 05:51:01 GMT
content-length: 864004
last-modified: Sun, 04 Sep 2022 09:11:53 GMT
etag: "63146bd9-d2f04"
expires: Fri, 28 Oct 2022 15:09:24 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 52897
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bMP5ASoopseFwZ8Qhvma8zHoS2y0T0r3vgUvgfE5SnGKbqAdCIjVw8XuBipqcU%2FsRcxAJep513wV2u4%2BLu2TI1dVjWrSHdEpbPajR2c17KNWG4RpCyfBUf8RJS%2FVjg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 752271cfbd81b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   864004
Md5:    d2c820747a9b9b8c3abaab0775436ab7
Sha1:   99651afd10bd3874fb84d7973845482cd2c81f23
Sha256: 8aa3c7b05ba9bb5176a7155ead2a0ea562b07fb0dd7b27a9cf91c38e95ed43ed
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2643
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 05:51:01 GMT
Last-Modified: Thu, 29 Sep 2022 05:06:58 GMT
Server: ECS (amb/6B80)
X-Cache: HIT
Content-Length: 727

                                        
                                            GET /obj/tos-cn-i-dy/6519457f70474f95b15fcaa5031f9e95 HTTP/1.1 
Host: p3.douyinpic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         47.246.44.229
HTTP/2 200 OK
content-type: image/gif
                                        
server: Tengine
content-length: 286168
date: Fri, 09 Sep 2022 08:22:43 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Fri, 09 Sep 2022 08:02:30 GMT
nw-session-id: 202209091602290102100520221955FA017rjdf02dy
nw-session-trace: 2022-09-09T16:02:30.12960851+08:00 194
x-bdcdn-cache-status: TCP_HIT
x-length: 286168
x-powered-by: ImageX
x-response-date: Fri, 09 Sep 2022 16:02:30 GMT
x-tt-logid: 202209091602290102100520221955FA01
via: n150-112-092, cache11.l2de2[0,0,206-0,H], cache14.l2de2[0,0], cache14.l2de2[1,0], cache2.se1[0,0,200-0,H], cache8.se1[2,0]
x-request-ip: fdbd:dc02:22:591::146
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=2
x-tt-trace-host: 01cbee9379081dede4563ed816372eaed9d65ca17817563127ad4f6fe589ac23b06601eadb15a1b1af2d716d8d13b0c80a69aa01f60ef19e30914639d458c8f6767e639787b85e610812a6ef7bfc5d75975ab89632f43b92a7d90a2d42815382aa
x-response-lb: image
ali-swift-global-savetime: 1662711763
age: 1718898
x-cache: HIT TCP_MEM_HIT dirn:11:8792524
x-swift-savetime: Fri, 09 Sep 2022 08:31:28 GMT
x-swift-cachetime: 31535475
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9c16644306610601276e
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   286168
Md5:    c69f681b06f2feb34e383846219c8209
Sha1:   3a27ca24bfdcde1a59c108ffad610f61251630c9
Sha256: affedc1c62a2e5cc16f453ef22ffd25086d3523129b7dfb2ffc34ef7962cbddb
                                        
                                            GET /obj/tos-cn-i-dy/1d14cd452cb34209a4add0da0ea62e04 HTTP/1.1 
Host: p3.douyinpic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         47.246.44.229
HTTP/2 200 OK
content-type: image/gif
                                        
server: Tengine
content-length: 439790
date: Fri, 09 Sep 2022 15:26:32 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Fri, 09 Sep 2022 08:12:36 GMT
nw-session-id: 2022090916123601013817220240590C707gqrr01dy
nw-session-trace: 2022-09-09T16:12:36.905948258+08:00 301
x-bdcdn-cache-status: TCP_HIT
x-length: 439790
x-powered-by: ImageX
x-response-date: Fri, 09 Sep 2022 16:12:36 GMT
x-tt-logid: 2022090916123601013817220240590C70
via: n150-054-026, cache17.l2de2[0,0,206-0,H], cache4.l2de2[1,0], cache4.l2de2[1,0], cache3.se1[0,0,200-0,H], cache8.se1[1,0]
x-request-ip: fdbd:dc02:22:591::147
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01479e89905d29cd6ba8777bf8d2c4aa79e46f230d5c626f8ca383ae850035bae84417e76eda75a450ce6393505e017b7df6dd0632bb8537e7983dc82c84ca5ded68a3df7a31946ed11c62b80d0987a359951640e2c02a9eb3b790984e57276884
x-response-lb: image
ali-swift-global-savetime: 1662737192
age: 1693469
x-cache: HIT TCP_MEM_HIT dirn:1:179412296
x-swift-savetime: Fri, 09 Sep 2022 16:02:41 GMT
x-swift-cachetime: 31533831
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9c16644306610991307e
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   439790
Md5:    07ad6948d174b603a75e166a521bbb04
Sha1:   d08af2d0fc9693ce636e66cbb89277875d7954f4
Sha256: 40853d1d4eb09490225dfe79a563bcc574195734b42387a2a4043f854bc3ca2b
                                        
                                            GET /obj/tos-cn-i-dy/1006b7bf301c43cf90ea92d55256ca0e HTTP/1.1 
Host: p3.douyinpic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         47.246.44.229
HTTP/2 200 OK
content-type: image/gif
                                        
server: Tengine
content-length: 716414
date: Fri, 09 Sep 2022 15:26:32 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Fri, 09 Sep 2022 14:23:05 GMT
nw-session-id: 202209092223050101351601672103CD08n749m01dy
nw-session-trace: 2022-09-09T22:23:05.942160162+08:00 72
x-bdcdn-cache-status: TCP_HIT
x-length: 716414
x-powered-by: ImageX
x-response-date: Fri, 09 Sep 2022 22:23:05 GMT
x-tt-logid: 202209092223050101351601672103CD08
via: n150-051-207, cache10.l2de2[0,0,206-0,H], cache9.l2de2[1,0], cache9.l2de2[1,0], cache4.se1[0,0,200-0,H], cache8.se1[1,0]
x-request-ip: fdbd:dc02:19:368::227
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-tt-trace-host: 01479e89905d29cd6ba8777bf8d2c4aa79975ca1cb47b011ee7d46069ed4f7fc3abc547c8db45c8a0158e83cad8fe0ca0a3c3b03e7813f4c4c9347aae17ffda836a56fd1c2b3c392253cb9c6f778cb1db8432228ff4f6040814c7af930dc3a3b67
x-response-lb: image
ali-swift-global-savetime: 1662737192
age: 1693469
x-cache: HIT TCP_MEM_HIT dirn:4:308201146 mlen:0
x-swift-savetime: Fri, 09 Sep 2022 16:02:39 GMT
x-swift-cachetime: 31533833
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9c16644306611041314e
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   716414
Md5:    ba75613bba3b42a68c22abef0e8befee
Sha1:   4e6565415bc8cf1c377c152e75af5095c0ad50b3
Sha256: 9de11aa718d5993920e25b2d987ca7bbbd783059f4a787d8ea0ffe0f2c334f26
                                        
                                            POST /gsorganizationvalsha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 05:51:01 GMT
Content-Length: 1459
Connection: keep-alive
Expires: Mon, 03 Oct 2022 04:49:18 GMT
ETag: "c2eb8fa77aaf124bfdb0d6086ed5c1a85bbaff98"
Last-Modified: Thu, 29 Sep 2022 04:49:19 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 752271d08eb51c02-OSL


--- Additional Info ---
Magic:  data
Size:   1459
Md5:    39fe5348fa58ba95b7d50b1aa3d62922
Sha1:   c2eb8fa77aaf124bfdb0d6086ed5c1a85bbaff98
Sha256: ec88b5bb11d2ad38fc8246a8056bcfd3780c58dd34f6750d8ddb3ec371555476
                                        
                                            POST /gsorganizationvalsha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 05:51:01 GMT
Content-Length: 1459
Connection: keep-alive
Expires: Mon, 03 Oct 2022 04:49:18 GMT
ETag: "c2eb8fa77aaf124bfdb0d6086ed5c1a85bbaff98"
Last-Modified: Thu, 29 Sep 2022 04:49:19 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 0
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 752271d0ad1ab4f4-OSL


--- Additional Info ---
Magic:  data
Size:   1459
Md5:    39fe5348fa58ba95b7d50b1aa3d62922
Sha1:   c2eb8fa77aaf124bfdb0d6086ed5c1a85bbaff98
Sha256: ec88b5bb11d2ad38fc8246a8056bcfd3780c58dd34f6750d8ddb3ec371555476
                                        
                                            GET /ssl/ab77b6ea7f3fbf79.js HTTP/1.1 
Host: s.ssl.qhres2.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://69av.one/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.4
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
content-length: 478
date: Fri, 15 Jul 2022 01:13:34 GMT
x-qstatic-hit: 1
last-modified: Mon, 01 Jan 2018 00:00:00 GMT
etag: W/"67d74adaac6d2f43"
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
expires: Mon, 12 Jul 2032 01:13:34 GMT
kcs-via: HIT from w-fc03.lato;MISS from w-sc01.lato
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OS_AUyvgMITDavfxbfGS5rIGwhjG8LCEFplMHUin6NN3YkYNELtQHQ==
age: 6583047
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (478), with no line terminators
Size:   478
Md5:    5dd27f8f2b042194c3cdabd62fd80110
Sha1:   c035036a939799d4c29b9c0f7229ae1953d03109
Sha256: 928131ab2183d971cdbfe2ed1329200212d0021db70574a35c89ae169c0f6e0a
                                        
                                            POST /gsrsaovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 05:51:01 GMT
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 03 Oct 2022 01:13:33 GMT
ETag: "d482c19249f508470e7b06963c80f8f3f7da6075"
Last-Modified: Thu, 29 Sep 2022 01:13:34 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3153
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 752271d26d3bb4ff-OSL


--- Additional Info ---
Magic:  data
Size:   1432
Md5:    386c26a36a79c46ce3491f9ac6e98602
Sha1:   d482c19249f508470e7b06963c80f8f3f7da6075
Sha256: d466de48b98e998440c88bfa64a98d92c7568dc7cec2d9b37adbf3b3997fa3b7
                                        
                                            GET /fe2b4a6631ac41b8b709f0135e69b958.gif HTTP/1.1 
Host: vesdsp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://69av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.170.15.61
HTTP/2 200 OK
content-type: image/gif
                                        
cache-control: max-age=86400
etag: "6309e2d9-48c87"
server: nginx
date: Wed, 28 Sep 2022 21:30:58 GMT
last-modified: Sat, 27 Aug 2022 09:24:41 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-51
content-length: 298119
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   391202
Md5:    86c57ddd202edb61117a03e426213c3d
Sha1:   5f718c2a958a4a144a6cbfc1e5e954a770461189
Sha256: 9e3bac839bb723fb4155a919753be6df8c52c8c02b2e52a4d3bcf294da4cc0a7
                                        
                                            GET /images/0103z12000a0k9uu12B28_R_600_10000_Q90.jpg?proc=autoorient HTTP/1.1 
Host: dimg04.c-ctrip.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://69av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.110.17.24
HTTP/2 200 OK
content-type: image/jpeg
                                        
content-length: 43800
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=15500051
expires: Mon, 27 Mar 2023 15:25:12 GMT
date: Thu, 29 Sep 2022 05:51:01 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 600x166, components 3\012- data
Size:   43800
Md5:    5bc3e5b89cbef89a3808ef0ece27302d
Sha1:   9ea362d893fbbe8eb488bbc3b53405953ea8adaf
Sha256: 9c1ca823136610c7e4c92d01f2917fb6e550cdf7d97f7f78013ef3488712135c
                                        
                                            GET /69av/img/cd-top-arrow.svg HTTP/1.1 
Host: jytdlz.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jytdlz.com/69av/css/web.69av.css?0d22ec9f9ba3d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.10.19
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Thu, 29 Sep 2022 05:50:59 GMT
last-modified: Sun, 24 Jul 2022 12:21:04 GMT
etag: W/"62dd3930-232"
cache-control: max-age=31536000
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 752271c5ab31b4f3-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   317413
Md5:    e83df36484ac78daf7c9c35c1ae8930c
Sha1:   a7d6dd6e702695ee025a60650f7c11a9bd5e16af
Sha256: 53dfa94d94268d9998050689ec73f4530f1e03dcc893ff3215b667fb47cdfd1b
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 05:51:01 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 05:45:34 GMT
Expires: Mon, 03 Oct 2022 05:45:33 GMT
Etag: "53b4481bb6edb906c5cc9a768312e5a4e6b88f2e"
Cache-Control: max-age=344671,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 752271cdd8dcb4f7-OSL

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "AFD6DFBE471B0FA2376E6EDFF4FBF2DBE31BB0767F97AA689FD5276BB601BDC4"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10194
Expires: Thu, 29 Sep 2022 08:40:55 GMT
Date: Thu, 29 Sep 2022 05:51:01 GMT
Connection: keep-alive

                                        
                                            GET /js15_as.js HTTP/1.1 
Host: s10.histats.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://69av.one/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         46.105.201.240
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
date: Thu, 29 Sep 2022 05:43:19 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 4661939
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text
Size:   4725
Md5:    75f10430ff86a00dbc5597365587b44e
Sha1:   e8afae9998c375d2e2840a5c9da2e8df2e13adb0
Sha256: f316f83e7813d4099854e3557bb8446ff867e534e3f124d99c3b419935d07bb1
                                        
                                            GET /d863e5ffa8d54455b43dbb4fd95a9341.gif HTTP/1.1 
Host: u0084.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://69av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         20.239.186.41
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Thu, 29 Sep 2022 05:51:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 19 Sep 2022 08:54:50 GMT
ETag: W/"63282e5a-84801"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip


--- Additional Info ---
Magic:  GIF image data, version 89a, 900 x 90\012- data
Size:   271289
Md5:    532f878d3630e5b827abffdab76e5d72
Sha1:   86c9c439a336d0400ed1776c4c3d4f1c6dfd2c77
Sha256: a1e73904e0424e55426808dd30dad8c9aa309f9b7c3cd2480e18f1a85477b300
                                        
                                            GET /69av/css/web.69av.css?0d22ec9f9ba3d HTTP/1.1 
Host: jytdlz.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://69av.one/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.10.19
HTTP/2 200 OK
content-type: text/css
                                        
date: Thu, 29 Sep 2022 05:50:59 GMT
last-modified: Thu, 29 Sep 2022 04:31:14 GMT
vary: Accept-Encoding
etag: W/"63351f92-c4307"
content-encoding: gzip
cache-control: max-age=31536000
cf-cache-status: HIT
server: cloudflare
cf-ray: 752271c14f00b4f3-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   464742
Md5:    05c657389857b40a6f842c6aa8863105
Sha1:   de67ac6404c0a19c1a4053f3a7c0b80d4e9b1fde
Sha256: 9ea87b01e9f30b51569da45588f79cf8d63f924bb3241d4a6a5527d942eb768b
                                        
                                            POST /g/collect?v=2&tid=G-J1BC80FEXD&gtm=2oe9q0&_p=1325350235&cid=2078026800.1664430659&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664430658&sct=1&seg=0&dl=https%3A%2F%2F69av.one%2F&dt=%E6%88%90%E4%BA%BA%E7%A6%8F%E5%88%A9%E8%A7%86%E9%A2%91%EF%BC%8C%E5%9C%A8%E7%BA%BF%E6%92%AD%E6%94%BE%E6%88%90%E4%BA%BA%E8%A7%86%E9%A2%91%20-%2069AV&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1 
Host: region1.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://69av.one
Connection: keep-alive
Referer: https://69av.one/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

                                         
                                         216.239.34.36
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: https://69av.one
date: Thu, 29 Sep 2022 05:51:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /stats/4089347.php?4089347&@f16&@g1&@h1&@i1&@j1664430658987&@k0&@l1&@m&@n0&@ohttps%3A%2F%2F69av.one%2F&@q0&@r0&@s100&@ten-US&@u1280&@b1:41629218&@b3:1664430659&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2F69av.one%2Fanyalytics%3Fv%3D_4b53cbb4188&@w HTTP/1.1 
Host: s4.histats.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://69av.one/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         198.27.80.143
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Date: Thu, 29 Sep 2022 05:51:02 GMT
Content-Length: 54
Connection: close


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   54
Md5:    c71ab62f4c678afaef67cd7fe7bc775d
Sha1:   fc5e25ae7a865e91f765cef7bd54e4285ce59d20
Sha256: 14beebdd8ba3c427002b3b09c4d9423b45e2fb152d89361f81eabf61215860fa
                                        
                                            GET /3.gif HTTP/1.1 
Host: 38qptu4.oss-cn-hangzhou.aliyuncs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://69av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         47.110.177.110
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: AliyunOSS
Date: Thu, 29 Sep 2022 05:51:00 GMT
Content-Length: 299398
Connection: keep-alive
x-oss-request-id: 633532446E537B353977E3B7
Accept-Ranges: bytes
ETag: "F4B7967855549E81F65598B93A43D9DB"
Last-Modified: Mon, 11 Jul 2022 06:09:21 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8810428828543929982
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: 9LeWeFVUnoH2VZi5OkPZ2w==
x-oss-server-time: 1


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 80\012- data
Size:   299398
Md5:    f4b7967855549e81f65598b93a43d9db
Sha1:   6ab53e8a9af687c1dddad236af323080a04499cf
Sha256: 2e95dc2082af7cc833e0aef825efc261c04b69e3ec4350203854008cc4a12dc6
                                        
                                            GET /counters/cc_100.js HTTP/1.1 
Host: s10.histats.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://69av.one/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         46.105.201.240
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
date: Thu, 29 Sep 2022 05:50:35 GMT
etag: "1473736416"
last-modified: Thu, 16 Apr 2020 10:44:22 GMT
x-request-id: 667323806
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 7662
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (19234), with no line terminators
Size:   7662
Md5:    eb2e335634e1d042469dc377a3989ff9
Sha1:   bfd517c0fb7e6fa042d4f6bd8b62655371d567ec
Sha256: 9045a6bdc5e51706e78bb09c79ae593f9d03142090e6931ff3e17a093dac89e9
                                        
                                            GET /js960x80%20.gif HTTP/1.1 
Host: sz88.oss-cn-shenzhen.aliyuncs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://69av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         120.77.166.72
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: AliyunOSS
Date: Thu, 29 Sep 2022 05:51:01 GMT
Content-Length: 397200
Connection: keep-alive
x-oss-request-id: 633532452612B03537A80B7A
Accept-Ranges: bytes
ETag: "0D809E04F716B7DC1CDFC0257CEC94E1"
Last-Modified: Sun, 03 Jul 2022 04:32:59 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 6647872845358323269
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: DYCeBPcWt9wc38AlfOyU4Q==
x-oss-server-time: 1


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 80\012- data
Size:   397200
Md5:    0d809e04f716b7dc1cdfc0257cec94e1
Sha1:   bcb9e09d31d9187c08c30f2b8ce95b770a47ae29
Sha256: 75d04a8c719342e2ed71db3bc7e07f18f5cf68c92462c3703ad1cf511b48fe5d
                                        
                                            GET /c8df37543ed94f678f16fd38e85c4f0b.gif HTTP/1.1 
Host: n6579.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://69av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         45.61.212.50
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: max-age=604800
ETag: "62f2251e-31f6c"
Date: Wed, 28 Sep 2022 09:34:53 GMT
Server: nginx
Last-Modified: Tue, 09 Aug 2022 09:13:02 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us1-cdnb-20
Content-Length: 204652


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 80\012- data
Size:   204652
Md5:    893ce7e1e286a47f5ee410fa3ef6d6ce
Sha1:   22f23ceae5657d1fe4d00f2bb31e121aa4f803e1
Sha256: 3549f7f43225c6ad611e4d0ce1013126b16e41c6cf9a8f3d9a06f31182721477

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /vip80.gif HTTP/1.1 
Host: xpj08.oss-cn-beijing.aliyuncs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://69av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         59.110.185.220
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: AliyunOSS
Date: Thu, 29 Sep 2022 05:51:00 GMT
Content-Length: 264494
Connection: keep-alive
x-oss-request-id: 63353244CF36CB3939ADE6C0
Accept-Ranges: bytes
ETag: "672B95E7B6AB24B5606B8287DB85DBB4"
Last-Modified: Mon, 08 Aug 2022 07:28:40 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8762574589038276875
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: ZyuV57arJLVga4KH24XbtA==
x-oss-server-time: 3


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 80\012- data
Size:   264494
Md5:    672b95e7b6ab24b5606b8287db85dbb4
Sha1:   98f1f1b06b3cb318d7f7a1bf7add76fa0a30c112
Sha256: 4203e1ae18bb06c6e719832987e87e838d8001fd6154e56a8b79c4c0678e7b54
                                        
                                            GET /tyc960x80.gif HTTP/1.1 
Host: sz88.oss-cn-shenzhen.aliyuncs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://69av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         120.77.166.72
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: AliyunOSS
Date: Thu, 29 Sep 2022 05:51:00 GMT
Content-Length: 577277
Connection: keep-alive
x-oss-request-id: 63353244D0DEFE3437070C9F
Accept-Ranges: bytes
ETag: "4F5DB76354D22133D0F614711BB62FD4"
Last-Modified: Sun, 03 Jul 2022 04:19:44 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8667772596430290618
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: T123Y1TSITPQ9hRxG7Yv1A==
x-oss-server-time: 1


--- Additional Info ---
Magic:  PNG image data, 505 x 259, 8-bit/color RGBA, non-interlaced\012- data
Size:   578403
Md5:    7085a4810ed6412ecba5101e4dd25595
Sha1:   d31bf0a9c86df7b63e61f166e5a5c5677490a966
Sha256: 48ce868d74373e15a277ca5e4c3ae0e53a6722122c44589b9a21ca297af798ff
                                        
                                            POST /gseccovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 05:51:03 GMT
Content-Length: 939
Connection: keep-alive
Expires: Mon, 03 Oct 2022 03:38:38 GMT
ETag: "ad7a4a1794d48af4b0f3099c015641d5fe39abb5"
Last-Modified: Thu, 29 Sep 2022 03:38:39 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 648
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 752271dc3f65b4ff-OSL

                                        
                                            GET /metrika/tag.js HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://69av.one/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         87.250.251.119
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 72341
date: Thu, 29 Sep 2022 05:51:03 GMT
access-control-allow-origin: *
etag: "63344141-11a95"
expires: Thu, 29 Sep 2022 06:51:03 GMT
last-modified: Wed, 28 Sep 2022 15:42:41 GMT
cache-control: max-age=3600
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (593)
Size:   72341
Md5:    7a68c8644032413981e4ba5bc0d66c4a
Sha1:   2d46ca8055e8577ae7138140e34a6e633434973c
Sha256: e0573e9a9cbfc3f00a921fa64c50270f5941a1ebb253ab70af2cc0dac45cb0d5
                                        
                                            GET /so/zz.gif?url=https%3A%2F%2F69av.one%2F&sid=d182b3f28525f2db83acfaaf6e696dba&token=d/1e8n2ob.3vfa29865/2/5:fs2pdtbt HTTP/1.1 
Host: s.360.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://69av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         101.198.2.147
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: openresty/1.15.8.2
Date: Thu, 29 Sep 2022 05:51:03 GMT
Content-Length: 0
Last-Modified: Tue, 31 May 2022 08:31:58 GMT
Connection: keep-alive
ETag: "6295d27e-0"
Accept-Ranges: bytes

                                        
                                            GET /watch/89144926?wmode=7&page-url=https%3A%2F%2F69av.one%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A1478%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1033692212464%3Ahid%3A771757591%3Az%3A0%3Ai%3A20220929055100%3Aet%3A1664430661%3Ac%3A1%3Arn%3A18930669%3Arqn%3A1%3Au%3A1664430661117523659%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A12%2C75%2C16%2C4%2C369%2C0%2C%2C3111%2C10%2C%2C%2C%2C3598%3Ans%3A1664430655055%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664430661%3At%3A%E6%88%90%E4%BA%BA%E7%A6%8F%E5%88%A9%E8%A7%86%E9%A2%91%EF%BC%8C%E5%9C%A8%E7%BA%BF%E6%92%AD%E6%94%BE%E6%88%90%E4%BA%BA%E8%A7%86%E9%A2%91%20-%2069AV&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://69av.one
Connection: keep-alive
Referer: https://69av.one/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         87.250.251.119
HTTP/2 302 Found
                                        
location: /watch/89144926/1?wmode=7&page-url=https%3A%2F%2F69av.one%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A1478%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1033692212464%3Ahid%3A771757591%3Az%3A0%3Ai%3A20220929055100%3Aet%3A1664430661%3Ac%3A1%3Arn%3A18930669%3Arqn%3A1%3Au%3A1664430661117523659%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A12%2C75%2C16%2C4%2C369%2C0%2C%2C3111%2C10%2C%2C%2C%2C3598%3Ans%3A1664430655055%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664430661%3At%3A%E6%88%90%E4%BA%BA%E7%A6%8F%E5%88%A9%E8%A7%86%E9%A2%91%EF%BC%8C%E5%9C%A8%E7%BA%BF%E6%92%AD%E6%94%BE%E6%88%90%E4%BA%BA%E8%A7%86%E9%A2%91%20-%2069AV&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Thu, 29 Sep 2022 05:51:03 GMT
access-control-allow-origin: https://69av.one
set-cookie: yandexuid=2652336041664430663; Expires=Fri, 29-Sep-2023 05:51:03 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure yuidss=2652336041664430663; Expires=Fri, 29-Sep-2023 05:51:03 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure yabs-sid=35517071664430663; Path=/; SameSite=None; Secure i=RHXaJI1aiaSZe/sDUv5Pecv4yQlL5wASEXIV0F0u3V6mjEegpTahqrzSLdTAd07317rokPyhdCfSnus0dD4bNeKk/I0=; Expires=Sun, 26-Sep-2032 05:51:02 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None ymex=1695966663.yrts.1664430663#1695966663.yrtsi.1664430663; Expires=Fri, 29-Sep-2023 05:51:03 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 29-Sep-2022 05:51:03 GMT
last-modified: Thu, 29-Sep-2022 05:51:03 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

                                        
                                            GET /hy_personal/3e28f14aa051684245c4e0cfebfbd4b50a56a24a513385a602ad3f28c6b7e75d/0.png HTTP/1.1 
Host: p.qlogo.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://69av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         43.129.255.47
HTTP/2 200 OK
content-type: image/gif
                                        
server: Qnginx/1.4.4
date: Thu, 29 Sep 2022 05:51:01 GMT
content-length: 688878
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 16:38:19 GMT
cache-control: max-age=2592000
x-delay: 344 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 688878
chid: 0
fid: 0
x-nws-log-uuid: 078cc309-4af8-4110-b436-6168c351a396
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   688878
Md5:    38adb06da8d7db34d62dfc1760cda2dd
Sha1:   862c5ecedd5add094b8dfb22c3087b09493a312a
Sha256: 89521c87c1fe061e63fb523bb11f2a328e9202574d73aa4c4e17de8a8f301c58
                                        
                                            GET /hy_personal/3e28f14aa05168424fa80afa512d47670c98e6ee97c11a60ad0f9c35a38b4b7f/0.png HTTP/1.1 
Host: p.qlogo.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://69av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         43.129.255.47
HTTP/2 200 OK
content-type: image/gif
                                        
server: Qnginx/1.4.4
date: Thu, 29 Sep 2022 05:51:01 GMT
content-length: 988610
vary: Accept,Origin
last-modified: Mon, 18 Jul 2022 15:22:35 GMT
cache-control: max-age=2592000
x-delay: 498 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 988610
chid: 0
fid: 0
x-nws-log-uuid: a730985a-e1e1-468a-aeda-97ac7310dca2
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 60\012- data
Size:   988610
Md5:    4145292e4c977dcbc7b371f460e08cf2
Sha1:   c8025e36c672a4240da49f73e80295b42a71b274
Sha256: 3f8ad1230a54a7c36522b11dd277ff02b878dde5384334dfd98359759c0a7fba
                                        
                                            GET /9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://69av.one/ HTTP/1.1 
Host: sp0.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://69av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         183.232.231.173
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
                                        
Content-Length: 0
Date: Thu, 29 Sep 2022 05:51:03 GMT

                                        
                                            GET /metrika/advert.gif HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://69av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         87.250.251.119
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 43
date: Thu, 29 Sep 2022 05:51:04 GMT
access-control-allow-origin: *
etag: "63344141-2b"
expires: Thu, 29 Sep 2022 06:51:04 GMT
accept-ranges: bytes
last-modified: Wed, 28 Sep 2022 15:42:41 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            GET /stats/4242872.php?4242872&@f16&@g1&@h1&@i1&@j1664430660270&@k0&@l1&@m%E6%88%90%E4%BA%BA%E7%A6%8F%E5%88%A9%E8%A7%86%E9%A2%91%EF%BC%8C%E5%9C%A8%E7%BA%BF%E6%92%AD%E6%94%BE%E6%88%90%E4%BA%BA%E8%A7%86%E9%A2%91%20-%2069AV&@n0&@o1000&@q0&@r0&@s601&@ten-US&@u1280&@b1:-191793972&@b3:1664430660&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2F69av.one%2F&@w HTTP/1.1 
Host: s4.histats.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://69av.one/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         198.27.80.143
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Date: Thu, 29 Sep 2022 05:51:04 GMT
Content-Length: 47
Connection: close


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   47
Md5:    06b05ae9614bafae9b0b09cfbeed559e
Sha1:   9b087683529b7b89a117b2d5cbb35a93e7dcbaca
Sha256: a60692031ce09be66be89784e8b0214c0f8b6f52cd8fd6a36129a635ffe41ad2
                                        
                                            GET /counters/cc_601.js HTTP/1.1 
Host: s10.histats.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://69av.one/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         46.105.201.240
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
date: Thu, 29 Sep 2022 05:46:48 GMT
etag: "-433514832"
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
x-request-id: 870875624
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4289
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (13013), with no line terminators
Size:   4289
Md5:    8880b670a68556228d84476076882af8
Sha1:   b061690737d09c8fdb4278881c5dc3d163238dee
Sha256: 07c39031971616075a9795825d2d52d31984636b393263ab97f672f43e9d2d64
                                        
                                            POST / HTTP/1.1 
Host: ocsp.crlocsp.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         101.198.193.5
HTTP/1.1 500 Internal Server Error
Content-Type: text/html
                                        
Server: nginx/1.9.14
Date: Thu, 29 Sep 2022 05:50:48 GMT
Content-Length: 193
Connection: close

                                        
                                            GET /linksubmit/push.js HTTP/1.1 
Host: zz.bdstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://69av.one/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         58.254.150.48
HTTP/2 200 OK
content-type: application/x-javascript
                                        
server: JSP3/2.0.14
date: Thu, 29 Sep 2022 05:51:01 GMT
last-modified: Sun, 31 Jul 2022 09:23:08 GMT
etag: "62e649fc-134"
cache-control: max-age=86400
content-encoding: br
age: 76225
accept-ranges: bytes
tracecode: 24361532380310087434092816
ohc-cache-hit: gz3un59 [2], zhuzuncache61 [1]
ohc-response-time: 1 0 0 0 0 0
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /images/631af309b62b4063cbda48fc.gif HTTP/1.1 
Host: img.x957.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://69av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.225.228.34
HTTP/2 302 Found
                                        
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/6519457f70474f95b15fcaa5031f9e95
cache-control: max-age=3600
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /images/631af564b62b4063cbda4902.gif HTTP/1.1 
Host: img.x973.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://69av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.225.222.2
HTTP/2 302 Found
                                        
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/1d14cd452cb34209a4add0da0ea62e04
cache-control: max-age=3600
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /static/tmp/xxx/az.gif?iv=d8322d751a0cb42491c581b0c46d69d HTTP/1.1 
Host: webs21.i1c.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://69av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.92.238
HTTP/2 200 OK
content-type: image/gif
                                        
date: Thu, 29 Sep 2022 05:50:59 GMT
last-modified: Wed, 07 Sep 2022 05:30:29 GMT
vary: Accept-Encoding
etag: W/"63182c75-98d99"
expires: Sat, 29 Oct 2022 03:19:52 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 9067
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CiCgNpPPtW9hjR5mnqMxr7iZtQoIpnF%2BKrTVqpSCDcNy5ide2imHyuRnXbk5kiQy%2BBIItt1JMN3syvQwrmcBa86XXrEc0d2vcYMEve1DSKJKkrgRIsOzPUBBvLRoGvZ%2Bzg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 752271c7ccfb0b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /images/6319daed178bb5a0f9388074.gif HTTP/1.1 
Host: img.999996.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://69av.one/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.225.228.58
HTTP/2 302 Found
                                        
referrer-policy: no-referrer
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/1006b7bf301c43cf90ea92d55256ca0e
cache-control: max-age=3600
X-Firefox-Spdy: h2


--- Additional Info ---