Overview

URL: avideo.cc/
IP: 172.67.170.30 (United States)
ASN: #13335 CLOUDFLARENET
UserAgent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer:
Report completed: 2022-12-06 02:17:33 UTC
IDS alerts: 0
Blocklist alert: 2
urlquery alerts: No alerts detected
Tags: None

Domain Summary (32)

Fully Qualified Domain Name Rank First Seen Last Seen IP Comment
ocsp.digicert.com (6) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
js.starttui.xyz (1) 0 2022-09-29 08:41:07 UTC 2022-11-26 15:30:44 UTC 72.167.51.253 Unknown ranking
www.clarity.ms (2) 1404 2018-08-22 07:41:57 UTC 2020-02-17 10:26:03 UTC 13.107.213.53
stat.18av.link (2) 0 2022-10-17 14:33:45 UTC 2022-11-25 06:25:28 UTC 172.67.156.41 Unknown ranking
r3.o.lencr.org (9) 344 No data No data 95.101.11.115
www.googletagmanager.com (2) 75 2013-05-22 02:07:37 UTC 2022-12-05 08:37:19 UTC 172.217.21.168
region1.google-analytics.com (2) 0 2022-03-17 11:26:33 UTC 2022-12-05 04:09:35 UTC 216.239.32.36 Domain (google-analytics.com) ranked at: 8401
static.getclicky.com (4) 11697 2012-05-22 03:28:28 UTC 2020-04-02 09:02:24 UTC 104.16.221.29
js.tuituiwm.xyz (1) 0 2022-10-08 22:20:54 UTC 2022-11-26 15:30:43 UTC 68.178.205.178 Unknown ranking
dg.mzxvib.com (1) 0 No data No data 211.97.85.131 Unknown ranking
caomeiapi.com (5) 0 2021-10-22 03:01:12 UTC 2022-11-28 12:12:20 UTC 137.175.72.61 Unknown ranking
img.bttimg.com (4) 0 No data No data 54.230.111.89 Unknown ranking
avideo.cc (2) 0 2022-09-16 05:37:43 UTC 2022-11-25 15:13:35 UTC 172.67.170.30 Unknown ranking
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-12-05 04:09:48 UTC 34.117.237.239
ocsp.globalsign.com (3) 2075 2012-07-20 17:46:16 UTC 2020-05-02 20:58:10 UTC 104.18.21.226
js.users.51.la (2) 53024 2012-05-30 15:10:11 UTC 2022-08-20 01:24:32 UTC 103.143.19.103
in.getclicky.com (4) 9776 2012-05-21 17:12:47 UTC 2022-12-05 19:15:11 UTC 198.145.13.11
ocsp.pki.goog (3) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.131
ocsp.sectigo.com (2) 487 2019-11-29 11:50:24 UTC 2021-09-17 20:05:40 UTC 104.18.32.68
e1.o.lencr.org (9) 6159 No data No data 95.101.11.115
avideo.cc (2) 0 2022-09-16 05:37:43 UTC 2022-11-25 15:13:35 UTC 104.21.28.5 Unknown ranking
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
ocsp.sectigochina.com (1) 0 No data No data 104.18.33.217 Unknown ranking
b.clarity.ms (1) 3462 No data No data 20.75.32.255
avideo.cyou (1) 0 2022-11-05 15:51:45 UTC 2022-11-25 06:25:29 UTC 188.114.96.1 Unknown ranking
static.getclicky.com (4) 11697 2012-05-22 03:28:28 UTC 2020-04-02 09:02:24 UTC 104.16.160.16
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 52.38.139.17
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-12-05 04:09:09 UTC 34.102.187.140
i.audlt.cc (1) 0 2022-10-19 08:48:28 UTC 2022-12-04 19:09:43 UTC 104.21.87.60 Unknown ranking
ocsp.r2m01.amazontrust.com (1) 0 2022-10-12 20:43:53 UTC 2022-12-05 07:07:40 UTC 54.230.80.227 Domain (amazontrust.com) ranked at: 581
ia.51.la (1) 59607 2017-10-31 08:01:51 UTC 2020-05-01 02:41:03 UTC 103.143.19.103

Network Intrusion Detection Systems

Suricata w/ Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
 No alerts detected

mnemonic secure dns
 No alerts detected

Quad9 DNS
Scan Date Severity Indicator Comment
2022-12-06 2 avideo.cyou Sinkholed
2022-12-06 2 tuituiwm.xyz Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 1 reports on IP: 172.67.170.30
Date UQ / IDS / BL URL IP
2022-12-06 02:17:33 +0000 0 - 0 - 2 avideo.cc/ 172.67.170.30


Last 5 reports on ASN: CLOUDFLARENET
Date UQ / IDS / BL URL IP
2023-02-08 10:14:27 +0000 0 - 1 - 0 cdn.discordapp.com/attachments/86816253439236 (...) 162.159.130.233
2023-02-08 10:12:15 +0000 0 - 1 - 4 george-login.buzz/sparkat/a1b2c3/e221ae1b05c1 (...) 104.21.7.103
2023-02-08 10:12:09 +0000 0 - 1 - 4 george-login.buzz/sparkat/a1b2c3/e221ae1b05c1 (...) 104.21.7.103
2023-02-08 10:03:39 +0000 0 - 2 - 0 my.nasz-baltic-pipe.one/polski_champion_j/?ce (...) 188.114.97.1
2023-02-08 09:57:10 +0000 0 - 2 - 0 r.behindprosecute.top/ 172.67.189.53


Last 1 reports on domain: avideo.cc
Date UQ / IDS / BL URL IP
2022-12-06 02:17:33 +0000 0 - 0 - 2 avideo.cc/ 172.67.170.30


No other reports with similar screenshot

JavaScript

Executed Scripts (38)

Executed Evals (0)

Executed Writes (2)
#1 JavaScript::Write (size: 73) - SHA256: 0ed7a02163ce66e896af45af9496f60ab5a9ea9fcf34b8d630d0807a1e169546
< ins style = "display:none!important"
id = "3651912026076680308-10257" > < /ins>
#2 JavaScript::Write (size: 66) - SHA256: 01266086a064c11e4e432d372f3fd81bd09e477bd2a4be35aeed1e7dcec03daa
< p style = 'padding: 80px 0; text-align: center' > �ء� qG� < /p>


HTTP Transactions (81)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: avideo.cc
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         172.67.170.30
HTTP/1.1 301 Moved Permanently
                                        
Date: Tue, 06 Dec 2022 02:17:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 03:17:21 GMT
Location: https://avideo.cc/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Prtnzh9avE1bA1WbToe9qJoIhh4pf%2FEdTcaSBidV5zZOhTvzYxY8qRl%2BviObnUyqEfwB0NUdt%2BmaqQ5sbIQDSDWXmJwM4ZzQXoor9Hm3bUZ96UwDzAM%2Ff6YVGZI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 775186556814b4e8-OSL
alt-svc: h2=":443"; ma=60

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2704
Expires: Tue, 06 Dec 2022 03:02:25 GMT
Date: Tue, 06 Dec 2022 02:17:21 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2723
Cache-Control: max-age=118761
Date: Tue, 06 Dec 2022 02:17:21 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 11:16:42 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7208
Expires: Tue, 06 Dec 2022 04:17:29 GMT
Date: Tue, 06 Dec 2022 02:17:21 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 06 Dec 2022 01:20:20 GMT
cache-control: public,max-age=3600
age: 3421
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: dcby8y/gLtIbkujkypnSsndn80KQGQhtx1SRQJAOGP3g0S07NcuGvDQAs95fk/73rz0tyNNHIug=
x-amz-request-id: 1FVGXTB2TGGK5DA6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 01:46:55 GMT
age: 1826
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    53341dea33f4f3d9b4966f80589f429a
Sha1:   20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
Sha256: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 06 Dec 2022 02:17:21 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "4EDEDFF21D9AEF2E21D19ED7E7D386A7B28A5A31B592FE27A43C30601695A07B"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21574
Expires: Tue, 06 Dec 2022 08:16:55 GMT
Date: Tue, 06 Dec 2022 02:17:21 GMT
Connection: keep-alive

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 06 Dec 2022 02:11:20 GMT
cache-control: public,max-age=3600
age: 362
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2732
Cache-Control: max-age=113701
Date: Tue, 06 Dec 2022 02:17:22 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 09:52:23 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "4EDEDFF21D9AEF2E21D19ED7E7D386A7B28A5A31B592FE27A43C30601695A07B"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21573
Expires: Tue, 06 Dec 2022 08:16:55 GMT
Date: Tue, 06 Dec 2022 02:17:22 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6103
Cache-Control: max-age=153444
Date: Tue, 06 Dec 2022 02:17:22 GMT
Etag: "638e42bf-116"
Expires: Wed, 07 Dec 2022 20:54:46 GMT
Last-Modified: Mon, 05 Dec 2022 19:13:03 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 278

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6103
Cache-Control: max-age=153444
Date: Tue, 06 Dec 2022 02:17:22 GMT
Etag: "638e42bf-116"
Expires: Wed, 07 Dec 2022 20:54:46 GMT
Last-Modified: Mon, 05 Dec 2022 19:13:03 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 278

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6522
Cache-Control: max-age=153863
Date: Tue, 06 Dec 2022 02:17:22 GMT
Etag: "638e42bf-116"
Expires: Wed, 07 Dec 2022 21:01:45 GMT
Last-Modified: Mon, 05 Dec 2022 19:13:03 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /101387227.js HTTP/1.1 
Host: static.getclicky.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avideo.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         104.16.160.16
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
date: Tue, 06 Dec 2022 02:17:22 GMT
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
expires: Sat, 10 Dec 2022 23:30:52 GMT
cache-control: max-age=604800
x-proxy-cache: MISS
content-encoding: gzip
last-modified: Sat, 03 Dec 2022 23:30:52 GMT
cf-cache-status: HIT
age: 87628
server: cloudflare
cf-ray: 7751865cc8f6b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   5609
Md5:    b2a958ad52e0c05cd3aec57d2da976b8
Sha1:   93db1b26bd1392e8e6058a70781d96e26b9a85ea
Sha256: 8b1ceaf81ca9b0ed1229147d9f5f188e30f95370ca19369cab0003f2ad30263b
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: zReUWTgaLjnJ0WX1U0LUMw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         52.38.139.17
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: NofQsl1uRaFbR3093mASqvXWF20=

                                        
                                            POST /gsgccr3dvtlsca2020 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 02:17:23 GMT
Content-Length: 1414
Connection: keep-alive
Expires: Sat, 10 Dec 2022 00:57:31 GMT
ETag: "d0a9be213962a90d58da8bc397f471a91eb34ea6"
Last-Modified: Tue, 06 Dec 2022 00:57:32 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 30
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 775186600c1cb4e8-OSL


--- Additional Info ---
Magic:  data
Size:   1414
Md5:    9beee193aead886f82a1a99c49575ee8
Sha1:   d0a9be213962a90d58da8bc397f471a91eb34ea6
Sha256: 6cf2bacad324262dfefe1939e45d988eed14807571a8b920a09d841dd2ff3ab5
                                        
                                            GET /21442999.js HTTP/1.1 
Host: js.users.51.la
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avideo.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         103.143.19.103
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Server: CloudWAF
Date: Tue, 06 Dec 2022 02:17:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: HWWAFSESID=35e24d63c76b9b1927; path=/ HWWAFSESTIME=1670293043457; path=/
Cache-Control: max-age=360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (4898)
Size:   2311
Md5:    47a3f0a8aa70b24ddaff199473b36e8a
Sha1:   111bf924379f4af08d9cc4d2d62301be6d7c933f
Sha256: 6b71f5e7f4c2133f757c9d8b0beaa34500cb5bb4b492f9612081307bd129f87e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14584
Expires: Tue, 06 Dec 2022 06:20:27 GMT
Date: Tue, 06 Dec 2022 02:17:23 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14584
Expires: Tue, 06 Dec 2022 06:20:27 GMT
Date: Tue, 06 Dec 2022 02:17:23 GMT
Connection: keep-alive

                                        
                                            GET /101384250.js HTTP/1.1 
Host: static.getclicky.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avideo.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         104.16.160.16
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
date: Tue, 06 Dec 2022 02:17:22 GMT
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
expires: Wed, 07 Dec 2022 04:07:58 GMT
cache-control: max-age=604800
x-proxy-cache: MISS
content-encoding: gzip
last-modified: Wed, 30 Nov 2022 04:07:58 GMT
cf-cache-status: HIT
age: 87628
server: cloudflare
cf-ray: 7751865cc8f7b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   5832
Md5:    e32593bd2de631bf0a71c4a29256b03b
Sha1:   28fc30e4c6de91508ab8d613105eb6e2749133f0
Sha256: e719373fd63e36def3259be798473ff4651068d60f50047b42e9dc761cc32df9
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14583
Expires: Tue, 06 Dec 2022 06:20:27 GMT
Date: Tue, 06 Dec 2022 02:17:24 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "16C6610D3FA21DEC312B64AB89DC897137ED431BE74DD4DE4457D8A1D8838CAB"
Last-Modified: Sat, 03 Dec 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 06 Dec 2022 08:17:23 GMT
Date: Tue, 06 Dec 2022 02:17:23 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F273773ed-3135-47d7-b4ff-5e390a90fecf.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5273
x-amzn-requestid: 5ab71aaf-6757-46dc-86fc-0a866958d22f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSz2EqfIAMFqng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64e5-15ae9d330e005f547161b4df;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xcEI729NEfORs3fT_fHi-BkyqA1sHl0dA6fAGd9hYkJNePUlM4vKQg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:05:52 GMT
age: 15091
etag: "bde85bd98858e4b13484a9cc3263b4db7fb5d348"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5273
Md5:    49c08cd33e41826af9dd4a8a912e0ddf
Sha1:   bde85bd98858e4b13484a9cc3263b4db7fb5d348
Sha256: 43471e7b4da8e4e58b842d05cb073ef150ff119eaa6890c86162f03a140459cf
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8469
x-amzn-requestid: c17eff92-da62-4f0f-9e75-2741012ec43a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_sqFSjoAMFQ6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-61d61d2f0bb01ecb21b809ea;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: i6QasBBRK9APW19sH0DdOipvUJA3gWj0CAMTzt7ejRCOk_V2psz-Xw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:45:47 GMT
age: 16297
etag: "ff254a1df087d2c157d88a6ef04e395dc49efe5e"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8469
Md5:    2f60a6490f38a772dcd50a1132e98e1b
Sha1:   ff254a1df087d2c157d88a6ef04e395dc49efe5e
Sha256: 653e40becd103cd76cc2f194a87e933e8c548d346f87520fefca3b16430fc4ab
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:23:09 GMT
age: 14055
etag: "36082b7329d473829178f280cb71a83b1531e486"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11224
Md5:    b15136d60fd0a5e0f657a4f5c75d540f
Sha1:   36082b7329d473829178f280cb71a83b1531e486
Sha256: 79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11352
x-amzn-requestid: 7c3fc7bb-eb1f-46ec-8e92-b6ffc6261848
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSwuF1ToAMFiIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64d1-7c53152a279f00595b9886bd;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:25 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aYf5d6wAJlPSXVwF5uQXUb1g_65z-v6tInk7IF64bBV-w31d3MKeIQ==
via: 1.1 b6d577696b14c86cbfeb5b3459f38c50.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:22:23 GMT
age: 14101
etag: "01ceb7233fe05ad8dff3a0a43eef879ea2b83ec4"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11352
Md5:    7f2c354a00ab51d4a41221b6bf191c10
Sha1:   01ceb7233fe05ad8dff3a0a43eef879ea2b83ec4
Sha256: 7d3c8417e1db0db41ceb8b4bf3f506864392dd1ad29319a06a8a6055f6f2ed12
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d62ac4e-2ac8-4e49-a61b-a48cff80ffd2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9987
x-amzn-requestid: 3d4d7dd0-2be0-46c1-a9c0-aa3cce2e8c81
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSvUHhJIAMFZYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64c8-63a6960043564aa762caaabe;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:16 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XaKRGgDJdys5Ufgv2QasOrlxuXHRnb8dJWc_tHiXa72QvQ-egpRDsQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:25:37 GMT
age: 13907
etag: "a4aae05e7a929fc7f652f56748d2a2da9c44ac45"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9987
Md5:    8055d0db573ab34924db3b60ed788bb2
Sha1:   a4aae05e7a929fc7f652f56748d2a2da9c44ac45
Sha256: f6a9555f112882d4ac284c6dc26ae0f02f6ccf8ee312615e01ebec8242bade1f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F42536ef2-6e40-4541-ac60-0ff74058daa7.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 15732
x-amzn-requestid: 7467ddb0-b9f9-47e9-ac31-c7599fe45698
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csVIIESBIAMFU6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e689a-79e3f8b66e1cf72f3283ac5b;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:54:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3seQ7H4qrlKKpuIWUobiey92ZMkB4jWqd5v6T6379g0V0y6XdVFvWQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:22:21 GMT
age: 14103
etag: "67a09d8cd23ed444667b225f7fbf4bb17b9f42dd"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   15732
Md5:    b5e953213b7b13b8ee202406147fac52
Sha1:   67a09d8cd23ed444667b225f7fbf4bb17b9f42dd
Sha256: cf6b2502f0a992148f9401c16a329cae5a6c21fb81f03131f3e69c58bc608110
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "16C6610D3FA21DEC312B64AB89DC897137ED431BE74DD4DE4457D8A1D8838CAB"
Last-Modified: Sat, 03 Dec 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21599
Expires: Tue, 06 Dec 2022 08:17:23 GMT
Date: Tue, 06 Dec 2022 02:17:24 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "6195D8C2909CDADC75CC8F70ED690E6FADCCC329A720E459B875F8C505D0AAD5"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 06 Dec 2022 08:17:24 GMT
Date: Tue, 06 Dec 2022 02:17:24 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "6195D8C2909CDADC75CC8F70ED690E6FADCCC329A720E459B875F8C505D0AAD5"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21599
Expires: Tue, 06 Dec 2022 08:17:24 GMT
Date: Tue, 06 Dec 2022 02:17:25 GMT
Connection: keep-alive

                                        
                                            GET /in.php?site_id=101386550&type=pageview&href=%2F&title=%E8%BF%9B%E5%85%A5%E4%B8%AD&res=1280x1024&lang=en-US&tz=UTC&tc=&ck=1&mime=js&x=0.13045385859223324 HTTP/1.1 
Host: in.getclicky.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avideo.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         198.145.13.11
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
server: nginx
date: Tue, 06 Dec 2022 02:17:24 GMT
vary: Accept-Encoding, Accept-Encoding
cache-control: no-cache, must-revalidate, post-check=0, pre-check=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   22149
Md5:    90084560f986c875bdaf0efd0a033f20
Sha1:   264dfc0cc4e2391a3eff1745a2a93ea35a1416fc
Sha256: 523b7c8dfefa67fbaa8495d68351c38de9b05f5f1a37305cf007b13f92a5287c
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 02:17:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 02:17:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /gtag/js?id=G-YJV38PGD1B HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avideo.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         172.217.21.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 06 Dec 2022 02:17:25 GMT
expires: Tue, 06 Dec 2022 02:17:25 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 79005
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (26337)
Size:   79005
Md5:    61c45cae4a2fd4a74beef3dee239df0c
Sha1:   7387c892318d46df3dfd708f9d1165ad6fb816de
Sha256: 0423ac7c7aa39aed65e8e31107bc547436b163c886906057df1cace19f50230f
                                        
                                            GET /gtag/js?id=G-ZSDTYDL6VN HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avideo.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         172.217.21.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 06 Dec 2022 02:17:25 GMT
expires: Tue, 06 Dec 2022 02:17:25 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76894
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (22462)
Size:   76894
Md5:    47e7c4e6e8d8dacde6c1885c09e284b8
Sha1:   896fa7191c8ee9d3adaf610c5a13f81e3cf0445d
Sha256: dd7ce0787c36a42f690210b2948e8a7508ae6b962bb2d3552390313964669994
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 02:17:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "951A24F3EC2DF6C2B9F32175823CBE79ADE820F17BB4CA4D16DBD8B7E7BA2660"
Last-Modified: Sat, 03 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 06 Dec 2022 08:17:26 GMT
Date: Tue, 06 Dec 2022 02:17:26 GMT
Connection: keep-alive

                                        
                                            GET /bc-banner/20221108-120.gif HTTP/1.1 
Host: i.audlt.cc
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avideo.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         104.21.87.60
HTTP/2 200 OK
content-type: image/gif
                                        
date: Tue, 06 Dec 2022 02:17:26 GMT
content-length: 486580
last-modified: Sat, 12 Nov 2022 09:05:00 GMT
etag: "636f61bc-76cb4"
expires: Mon, 26 Dec 2022 23:19:51 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 788255
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EO%2FlWIaDLJSLnHp6K6%2FhNVF3UzT9%2FayqcOhZTIbKKD7Lqyb%2FL1ZhGYm3jcfDKqECtRtB059uMyTyjV9IybqfeSPvA0E7P8tL4np8dCiddUb3S9K%2BbHWm06O1JHpJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77518671ac16fabc-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 120\012- data
Size:   486580
Md5:    025ea4d7393db904a62b04d1248d9a65
Sha1:   6333c028655b17e2860b6cd72cf7740e96ef1edb
Sha256: 88a1b2ac6f9746cbced8e0f0b3f33b379d6c88e9e6571b5ffab2305048952928
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "951A24F3EC2DF6C2B9F32175823CBE79ADE820F17BB4CA4D16DBD8B7E7BA2660"
Last-Modified: Sat, 03 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 06 Dec 2022 08:17:26 GMT
Date: Tue, 06 Dec 2022 02:17:26 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 02:17:26 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 14:10:08 GMT
Expires: Sun, 11 Dec 2022 14:10:07 GMT
Etag: "17bec1840818d88374edf39c7e39c576bbf479ea"
Cache-Control: max-age=474160,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7751867298b6b4eb-OSL

                                        
                                            POST /gsgccr3dvtlsca2020 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 02:17:26 GMT
Content-Length: 1414
Connection: keep-alive
Expires: Sat, 10 Dec 2022 00:57:31 GMT
ETag: "d0a9be213962a90d58da8bc397f471a91eb34ea6"
Last-Modified: Tue, 06 Dec 2022 00:57:32 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 33
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77518673db28b4e8-OSL


--- Additional Info ---
Magic:  data
Size:   1414
Md5:    9beee193aead886f82a1a99c49575ee8
Sha1:   d0a9be213962a90d58da8bc397f471a91eb34ea6
Sha256: 6cf2bacad324262dfefe1939e45d988eed14807571a8b920a09d841dd2ff3ab5
                                        
                                            GET /21443001.js HTTP/1.1 
Host: js.users.51.la
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avideo.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         103.143.19.103
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Server: CloudWAF
Date: Tue, 06 Dec 2022 02:17:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: HWWAFSESID=d3f001a8447e9f7824c; path=/ HWWAFSESTIME=1670293045846; path=/
Cache-Control: max-age=360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (4898)
Size:   2310
Md5:    631c9a27ddf1f6b17fc03fdccd0f86af
Sha1:   1155845da2cfc728230a9d110962506c4a4e55f3
Sha256: b7cc37486c87c3e040cc3576943b2eeaf5992d1bb2d4fe731a100c9c1dceccfc
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "16C6610D3FA21DEC312B64AB89DC897137ED431BE74DD4DE4457D8A1D8838CAB"
Last-Modified: Sat, 03 Dec 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21597
Expires: Tue, 06 Dec 2022 08:17:23 GMT
Date: Tue, 06 Dec 2022 02:17:26 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1790
Md5:    21e8cdbb2b6331cf9fb227cadcda6754
Sha1:   c6148f705ce89363f1389f9a7fa858fd3c997dd4
Sha256: fef2172c57b48d118ac084d9bb55139574ab994af758971740c630d0bc4acbdd
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 02:17:27 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 03:14:44 GMT
Expires: Mon, 12 Dec 2022 03:14:43 GMT
Etag: "4bf41aaf98a24ce6ec6b275069c685a6e48c6669"
Cache-Control: max-age=521235,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77518679db3db4eb-OSL


--- Additional Info ---
Magic:  data
Size:   3246
Md5:    730eef96542f767d1cb3e1ce7546c295
Sha1:   fa9790dfd9e0f78657573304668e8c495149b08b
Sha256: 72cf565f73cfb52b3ea368275b2ab3f35db1409cf449a88fe61d90dfe617ae5c
                                        
                                            POST /g/collect?v=2&tid=G-YJV38PGD1B&gtm=2oebu0&_p=10517607&cid=1886417425.1670293044&ul=en-us&sr=1280x1024&_s=1&sid=1670293043&sct=1&seg=0&dl=https%3A%2F%2Favideo.cyou%2F&dr=https%3A%2F%2Favideo.cc%2F&dt=%E8%80%81%E5%8F%B8%E6%9C%BA-X%E7%AB%99-AVideo%E8%A7%86%E9%A2%91&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1 
Host: region1.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://avideo.cyou
Connection: keep-alive
Referer: https://avideo.cyou/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

                                         216.239.32.36
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: https://avideo.cyou
date: Tue, 06 Dec 2022 02:17:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2267
Md5:    2400003f02b0e8ccc2d6b2e3f229edd3
Sha1:   e09beaa35073ab66fd61c94cec33713c9ecbccf6
Sha256: 343ed89b017f7ee83849666dd3d6c8a0fe6c1670540246f86d50ae83154baf16
                                        
                                            POST /g/collect?v=2&tid=G-ZSDTYDL6VN&gtm=2oebu0&_p=10517607&cid=1886417425.1670293044&ul=en-us&sr=1280x1024&_s=1&sid=1670293044&sct=1&seg=0&dl=https%3A%2F%2Favideo.cyou%2F&dr=https%3A%2F%2Favideo.cc%2F&dt=%E8%80%81%E5%8F%B8%E6%9C%BA-X%E7%AB%99-AVideo%E8%A7%86%E9%A2%91&en=page_view&_fv=1&_ss=1&_ee=1 HTTP/1.1 
Host: region1.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://avideo.cyou
Connection: keep-alive
Referer: https://avideo.cyou/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

                                         216.239.32.36
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: https://avideo.cyou
date: Tue, 06 Dec 2022 02:17:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   5493
Md5:    df9e2d05d34a7285ba7e1fb9b37db348
Sha1:   655cc98daa7d4a837f444020ec1b74dd6ebd55b8
Sha256: 927fc9baee07634a35ad236f7555becad52ba03bc4750ec71580b51d83ef5fb8
                                        
                                            GET /upload/vod/202211/2022-11-15/aa20221115138.jpg HTTP/1.1 
Host: img.bttimg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avideo.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         54.230.111.89
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Content-Length: 37674
Connection: keep-alive
Server: X
Date: Mon, 05 Dec 2022 11:33:40 GMT
Last-Modified: Sat, 19 Nov 2022 15:30:58 GMT
ETag: "6378f6b2-932a"
Accept-Ranges: bytes
X-Cache: Hit from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 7qhdRynNihsuiP0csPqYEbAkKDh5LPuuPR9JgbOFJvBZYXXFRDeXmw==
Age: 53027
Vary: Accept-Encoding, Origin


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, xresolution=86, yresolution=94, resolutionunit=2, software=www.meitu.com, datetime=2022:10:15 06:25:54], baseline, precision 8, 300x450, components 3\012- data
Size:   37674
Md5:    6fd16e3345e75cc55bd54e5cadbf3a5c
Sha1:   d8500938c40dd3e34e8dc2eb75db8a396507fc41
Sha256: bd08d948762874de3606b1b6f5bd2540f593e52bb4c585375021dd3cd09ad0a2
                                        
                                            GET /in.php?site_id=101384250&type=pageview&href=%2F&title=%E8%BF%9B%E5%85%A5%E4%B8%AD&res=1280x1024&lang=en-US&tz=UTC&tc=&ck=1&mime=js&x=0.2334672660996594 HTTP/1.1 
Host: in.getclicky.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avideo.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         198.145.13.11
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
server: nginx
date: Tue, 06 Dec 2022 02:17:24 GMT
vary: Accept-Encoding, Accept-Encoding
cache-control: no-cache, must-revalidate, post-check=0, pre-check=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   35672
Md5:    eb284f607d5d37810afb3cde0f8ad961
Sha1:   da36c226a16ef3d1c4ee6582df6911ff5e4d47f5
Sha256: 0560c9fb445a8a75abf3793479c37c030883ac3dfac3ca219a929a15c1ae73f9
                                        
                                            GET /101386550.js HTTP/1.1 
Host: static.getclicky.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avideo.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         104.16.160.16
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
date: Tue, 06 Dec 2022 02:17:22 GMT
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
expires: Fri, 09 Dec 2022 11:38:26 GMT
cache-control: max-age=604800
x-proxy-cache: MISS
content-encoding: gzip
last-modified: Fri, 02 Dec 2022 11:38:27 GMT
cf-cache-status: HIT
age: 87628
server: cloudflare
cf-ray: 7751865cb8eeb4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   46488
Md5:    c5f16428248e516ea8ac0e37ad6eec11
Sha1:   ed904d63400a5f3436464b58d778fcb667861039
Sha256: 04691e2f8d282683b34a757323c3a59160620135e1f17f7a02b16f6c6bfe46d6
                                        
                                            GET /bid?url=https%3A%2F%2Favideo.cyou%2F&frm=0&ref=https%3A%2F%2Favideo.cc%2F&ic=1&pl=0&ml=0&sid=76:105:110:117:120:32:120:56:54:95:54:52:58:50:53:48:50:50:51:49:53:54:58:49:58:49:50:56:48:46:49:48:48:50&ps=20100101&lgs=0&zo=0&ws=1280x1024&gdm=0&iw=1&cpn=16&fid=c9ac64ebd715d4f67814f8ea5ae2de84&hl=2&ihn=0&md=0&ns=prompt&np=default&pj=0&top=0&left=0&id=10257&rid=0c3b93bab518110809c7b6340809c28d&dcc=&dcl=&gvd=&grr=&ct=unknown&diit=&dit=&cmn= HTTP/1.1 
Host: js.starttui.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avideo.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         72.167.51.253
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 06 Dec 2022 02:17:27 GMT
content-length: 349
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
access-control-allow-methods: POST, GET,PUT, DELETE, UPDATE
access-control-allow-origin:
set-cookie: geo=%E6%8C%AA%E5%A8%81%2F%2F; Path=/; Max-Age=259200 oid=2126b63f-750c-11ed-86f7-52542d6d07d9; Path=/; Max-Age=31104000
cache-control: no-cache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (347)
Size:   349
Md5:    83aac008c9996db0825818884d773fac
Sha1:   0c4ab1f52481250abbe284296d85bd15ccd4647f
Sha256: 8dbfc9d9147791276fe5c30293108e60c9f3320cc119d54240f95f28d8a407a0
                                        
                                            GET /upload/vod/202211/2022-11-15/aa20221115140.jpg HTTP/1.1 
Host: img.bttimg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avideo.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         54.230.111.89
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Content-Length: 34134
Connection: keep-alive
Server: X
Date: Mon, 05 Dec 2022 11:37:50 GMT
Last-Modified: Sat, 19 Nov 2022 15:30:58 GMT
ETag: "6378f6b2-8556"
Accept-Ranges: bytes
X-Cache: Hit from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: YOkrlMMEIJIv2Ap4aEdnB1lJgvcQARIA6N3HgY3G-GM1Vo14-UG50A==
Age: 52777
Vary: Accept-Encoding, Origin


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=6, xresolution=86, yresolution=94, resolutionunit=2, software=www.meitu.com, datetime=2022:11:12 14:25:20], baseline, precision 8, 300x450, components 3\012- data
Size:   34134
Md5:    2646c818d71ead202748da20abc126db
Sha1:   e0cc3d63c5f0bb63e0e9a69b07df83ba51ae101a
Sha256: 3ee50c106bce443d73b72ef2202f0dcc57c6aab270546443b0e852b9f39a394f
                                        
                                            GET /upload/vod/202211/2022-11-15/aa20221115139.jpg HTTP/1.1 
Host: img.bttimg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avideo.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         54.230.111.89
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Content-Length: 36316
Connection: keep-alive
Server: X
Date: Mon, 05 Dec 2022 11:37:48 GMT
Last-Modified: Sat, 19 Nov 2022 15:30:58 GMT
ETag: "6378f6b2-8ddc"
Accept-Ranges: bytes
X-Cache: Hit from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: qMigcICst6c8f9hTTZJQqQoWhDI77NHbgqy2NAH0HWgUSbqpN68G6A==
Age: 52779
Vary: Accept-Encoding, Origin


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=6, xresolution=86, yresolution=94, resolutionunit=2, software=www.meitu.com, datetime=2022:10:15 06:43:15], baseline, precision 8, 300x450, components 3\012- data
Size:   36316
Md5:    f75c7470ef1534c80f37bded9f647772
Sha1:   936d87aa8140d4706d1a92c7b997891e21de6a16
Sha256: ccaf4e69533954651801529bbe861c34ec3d6e286a6a47f7a3a04abd59a1ea80
                                        
                                            GET /upload/vod/202211/2022-11-15/aa20221115141.jpg HTTP/1.1 
Host: img.bttimg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avideo.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         54.230.111.89
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Content-Length: 34710
Connection: keep-alive
Server: X
Date: Mon, 05 Dec 2022 11:37:48 GMT
Last-Modified: Sat, 19 Nov 2022 15:30:58 GMT
ETag: "6378f6b2-8796"
Accept-Ranges: bytes
X-Cache: Hit from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: p9-2MZt2PtbI5FZ2_JyrBvw1UERq6PzaOdQXwZNARGT08yyoBMjtog==
Age: 52779
Vary: Accept-Encoding, Origin


--- Additional Info ---
Magic:  data
Size:   37729
Md5:    3477febb503836e3b4fc1730b1da10b5
Sha1:   fdf768dc9731761ca036b112a61305ca72a96dec
Sha256: 54c404e877d743511ead826c5028671eac360123e18e0bd68b6989f8b187776f
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigochina.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         104.18.33.217
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 02:17:27 GMT
Content-Length: 599
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 06:59:57 GMT
Expires: Sat, 10 Dec 2022 06:59:56 GMT
Etag: "87e161816c2bc90c50f952d9479749126def3e73"
Cache-Control: max-age=361948,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7751867b2d2cb4f7-OSL

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6B4DE89D3B0BE686C7A0C2E270F5CF493C2AE5177C3ADB6897E3F03DA0126C2A"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20853
Expires: Tue, 06 Dec 2022 08:05:00 GMT
Date: Tue, 06 Dec 2022 02:17:27 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6B4DE89D3B0BE686C7A0C2E270F5CF493C2AE5177C3ADB6897E3F03DA0126C2A"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5289
Expires: Tue, 06 Dec 2022 03:45:36 GMT
Date: Tue, 06 Dec 2022 02:17:27 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6B4DE89D3B0BE686C7A0C2E270F5CF493C2AE5177C3ADB6897E3F03DA0126C2A"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7364
Expires: Tue, 06 Dec 2022 04:20:11 GMT
Date: Tue, 06 Dec 2022 02:17:27 GMT
Connection: keep-alive

                                        
                                            POST /gsgccr3dvtlsca2020 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 02:17:27 GMT
Content-Length: 1414
Connection: keep-alive
Expires: Fri, 09 Dec 2022 22:46:01 GMT
ETag: "ab51b64d2cb0fb278f18f87826917cf14ca345c4"
Last-Modified: Mon, 05 Dec 2022 22:46:02 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2216
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7751867c3dccb4e8-OSL


--- Additional Info ---
Magic:  data
Size:   1414
Md5:    5425bacd37ff17f18723c39c17534d97
Sha1:   ab51b64d2cb0fb278f18f87826917cf14ca345c4
Sha256: 8509515e421095740d64f7db7c2a906cfbcfb3668ec089bd15249efc4d878889
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6B4DE89D3B0BE686C7A0C2E270F5CF493C2AE5177C3ADB6897E3F03DA0126C2A"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19701
Expires: Tue, 06 Dec 2022 07:45:48 GMT
Date: Tue, 06 Dec 2022 02:17:27 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.r2m01.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         54.230.80.227
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=116706
Date: Tue, 06 Dec 2022 02:17:27 GMT
Etag: "638dbfed-1d7"
Expires: Wed, 07 Dec 2022 10:42:33 GMT
Last-Modified: Mon, 05 Dec 2022 09:54:53 GMT
Server: ECS (dcb/7F15)
X-Cache: Miss from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: jwcc_YJGhEXtsiWF5SAKqdfEpiYiauhthocluuPTPvsMhmhszpV_Cw==
Age: 2860

                                        
                                            GET /in.php?site_id=101387227&type=pageview&href=%2F&title=%E8%BF%9B%E5%85%A5%E4%B8%AD&res=1280x1024&lang=en-US&tz=UTC&tc=&ck=1&mime=js&x=0.2791343843919212 HTTP/1.1 
Host: in.getclicky.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avideo.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         198.145.13.11
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
server: nginx
date: Tue, 06 Dec 2022 02:17:24 GMT
vary: Accept-Encoding, Accept-Encoding
cache-control: no-cache, must-revalidate, post-check=0, pre-check=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   33056
Md5:    125a0f748e7184719984ef2b4d0f9adf
Sha1:   9a2d3224bb5fbdc5cdb8fc21b22d1d9c22f8dd41
Sha256: bd6abd375184a9f30baf9b54c1018b4fedf71f4feece1f9eff844dd3066d6f10
                                        
                                            GET /sc/2484?n=ewqszpqg HTTP/1.1 
Host: dg.mzxvib.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avideo.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         211.97.85.131
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
                                        
Server: nginx/1.18.0
Date: Tue, 06 Dec 2022 01:19:39 GMT
X-Powered-By: PHP/5.6.31
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin: *
Pragma: max-age=1800
Accept-Ranges: bytes
Cache-Control: max-age=1800
Age: 932
Content-Length: 10447
X-NWS-LOG-UUID: 16370395380991944277
Connection: keep-alive
X-Cache-Lookup: Cache Hit, Hit From Inner Cluster


--- Additional Info ---
Magic:  ASCII text, with very long lines (10447), with no line terminators
Size:   10447
Md5:    82581568f942dff7aceb2d9510edc70b
Sha1:   4d262b78f1118d086e43c4e18fd3ad3b390aa751
Sha256: 4e6d47ca4af7549e8e7c8e31b3d744c5b896d5542c37a9c26f16d5776af633ce
                                        
                                            GET /go1?id=21443001&rt=1670293044144&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E5%259B%25BD%25E4%25BA%25A7%25E6%25AC%25A7%25E7%25BE%258E%25E6%2597%25A5%25E5%2585%258D%25E8%25B4%25B9%25E7%25BA%25BF%25E4%25B8%258A%25E7%259C%258B%25E6%2588%2590%25E4%25BA%25BA%25E8%25A7%2586%25E9%25A2%2591&ing=1&ekc=&sid=1670293044144&tt=%25E8%2580%2581%25E5%258F%25B8%25E6%259C%25BA-X%25E7%25AB%2599-AVideo%25E8%25A7%2586%25E9%25A2%2591&kw=%25E5%2585%258D%25E8%25B4%25B9%252C%25E7%25BA%25BF%25E4%25B8%258A%252C%25E5%259B%25BD%25E4%25BA%25A7%252C%25E6%25AC%25A7%25E7%25BE%258E%252C%25E6%2588%2590%25E4%25BA%25BA%25E5%25BD%25B1%25E7%2589%2587%252C%25E6%2588%2590%25E4%25BA%25BA%25E8%25A7%2586%25E9%25A2%2591%252C%25E7%25BA%25BF%25E4%25B8%258A%25E7%259C%258B%252C%25E5%25A5%25B3%25E4%25BC%2598%252C%25E7%25A6%258F%25E5%2588%25A9%25E8%25A7%2586%25E9%25A2%2591&cu=https%253A%252F%252Favideo.cyou%252F&pu=https%253A%252F%252Favideo.cc%252F HTTP/1.1 
Host: ia.51.la
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avideo.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         103.143.19.103
HTTP/1.1 200
                                        
Server: CloudWAF
Date: Tue, 06 Dec 2022 02:17:27 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=7a7ad3d056db104b0fc; path=/ HWWAFSESTIME=1670293046752; path=/

                                        
                                            GET /upload/vod/2022-12-05/167021536410.jpg HTTP/1.1 
Host: caomeiapi.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avideo.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         137.175.72.61
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Tue, 06 Dec 2022 02:17:33 GMT
Content-Length: 131044
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 04:42:45 GMT
Accept-Ranges: bytes
ETag: "d7fd04648d91:0"


--- Additional Info ---
Magic:  data
Size:   133113
Md5:    e9ab6c49a7cb5d31312ebf2b7eab1043
Sha1:   5b5c2be69fa9a70def260bff66e3ee963efbcbd1
Sha256: cffa3f7187057957264f3a2db5732f613dedc7f6ab66b25f6c0690988d7c3c43
                                        
                                            GET /upload/vod/2022-12-05/16702153543.jpg HTTP/1.1 
Host: caomeiapi.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avideo.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         137.175.72.61
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Tue, 06 Dec 2022 02:17:33 GMT
Content-Length: 115028
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 04:42:35 GMT
Accept-Ranges: bytes
ETag: "83ebfdfe638d91:0"


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=2, software=www.meitu.com, datetime=2022:09:04 13:42:19], baseline, precision 8, 600x336, components 3\012- data
Size:   115028
Md5:    471e6c414c8e097b830e901b6b1952ea
Sha1:   376ca02af1f7784e1a7a09699fb8eae55585f518
Sha256: c209732764680c2767a1f1034b582018675698fe310c13d92e7c4ed889ba5e96
                                        
                                            GET /upload/vod/2022-12-05/167021536914.jpg HTTP/1.1 
Host: caomeiapi.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avideo.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         137.175.72.61
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Tue, 06 Dec 2022 02:17:33 GMT
Content-Length: 100108
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 04:42:50 GMT
Accept-Ranges: bytes
ETag: "8d3d48648d91:0"


--- Additional Info ---
Magic:  data
Size:   100484
Md5:    f0bd2e247293217b19514d1268239d7c
Sha1:   45404ec6e4ecefe2a13c91eebc99b76a7b1f4169
Sha256: 63ce9ef7f5e4066c55cc92cc49ba6ccf0af415ec8009e9241ab254fe8055bf5b
                                        
                                            GET /upload/vod/2022-12-05/167021536612.jpg HTTP/1.1 
Host: caomeiapi.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avideo.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         137.175.72.61
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Tue, 06 Dec 2022 02:17:33 GMT
Content-Length: 122457
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 04:42:48 GMT
Accept-Ranges: bytes
ETag: "d44d716648d91:0"


--- Additional Info ---
Magic:  data
Size:   130226
Md5:    5e1b054cb6b57c397d384e76ab9913da
Sha1:   053c5c8daa767fd0db19e93c60473dbacb1d59e1
Sha256: ca2040ed58ba991a6ffa92a0c1a4010362226dfdfd323ff72c1f05f2a09be13f
                                        
                                            GET /upload/vod/2022-12-05/16702153565.jpg HTTP/1.1 
Host: caomeiapi.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avideo.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         137.175.72.61
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Date: Tue, 06 Dec 2022 02:17:33 GMT
Content-Length: 154334
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 04:42:38 GMT
Accept-Ranges: bytes
ETag: "cfb0a80648d91:0"


--- Additional Info ---
Magic:  data
Size:   164458
Md5:    31f503b0e3f48eb4a216c7f25e5b35fc
Sha1:   a5201afaf4af4c4e561fd9f66a6916fc78ed528a
Sha256: 2109540935faf83a4d6af0104f0560bdaf0ccfdd0fbbe22cb19fb552a590b82e
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6109
Cache-Control: max-age=153444
Date: Tue, 06 Dec 2022 02:17:28 GMT
Etag: "638e42bf-116"
Expires: Wed, 07 Dec 2022 20:54:52 GMT
Last-Modified: Mon, 05 Dec 2022 19:13:03 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /eus2/s/0.6.43/clarity.js HTTP/1.1 
Host: www.clarity.ms
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avideo.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         13.107.213.53
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
                                        
cache-control: public,max-age=86400
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d9026a431ead4c"
server: Microsoft-IIS/10.0
x-cache: TCP_HIT
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-azure-ref-originshield: 06x+OYwAAAAAwT6LeiIEhRbO2vCXeRfjQQU1TMDRFREdFMTgxNAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-azure-ref: 0OaaOYwAAAAA37ynnkCXHRrR01KhNoA1XU1ZHMjBFREdFMDUxNwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Tue, 06 Dec 2022 02:17:28 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (55029)
Size:   18490
Md5:    6d59b47d9560d98259e9f35dce3d09e1
Sha1:   15cb16b12236a8f03d24a6710c024cfd96fc88f5
Sha256: ab85cb42892169204b435caa21790dbbb9f58961722c33e341163dd1fa8dce4c
                                        
                                            POST /collect HTTP/1.1 
Host: b.clarity.ms
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 57992
Origin: https://avideo.cyou
Connection: keep-alive
Referer: https://avideo.cyou/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         20.75.32.255
HTTP/2 204 No Content
                                        
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://avideo.cyou
access-control-allow-credentials: true
date: Tue, 06 Dec 2022 02:17:29 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /in.php?site_id=101386550&type=pageview&href=%2F&title=%E8%80%81%E5%8F%B8%E6%9C%BA-X%E7%AB%99-AVideo%E8%A7%86%E9%A2%91&ref=https%3A%2F%2Favideo.cc%2F&res=1280x1024&lang=en-US&tz=UTC&tc=&ck=1&mime=js&x=0.4591485037137163 HTTP/1.1 
Host: in.getclicky.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avideo.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         198.145.13.11
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
server: nginx
date: Tue, 06 Dec 2022 02:17:29 GMT
vary: Accept-Encoding, Accept-Encoding
cache-control: no-cache, must-revalidate, post-check=0, pre-check=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
GET /matomo.js HTTP/1.1
Host: stat.18av.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avideo.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

172.67.156.41
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 06 Dec 2022 02:17:24 GMT
cache-control: max-age=43200
cf-bgj: minify
cf-polished: origSize=65842
etag: W/"635a7dce-10132"
expires: Tue, 06 Dec 2022 10:47:44 GMT
last-modified: Thu, 27 Oct 2022 12:47:10 GMT
referrer-policy: origin
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 12580
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IdHUdh3g75RnYXz5j4OcKkCAJ%2Fgs6yNqKpHr7pPq%2FbrvawQu7Y8el8vnEVKJgZVR7H6m53zne7948N4PgzTJ0ueGc4JHniytAGRqLuF04Zbpyuzs4eABrF8lIZZrJKzpBw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 775186651f270b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
GET /tag/dzbm1lavk3 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avideo.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

13.107.213.53
HTTP/2 200 OK
content-type: application/x-javascript
cache-control: no-cache, no-store
expires: -1
set-cookie: CLID=2cce3649786e42218b4a065c9f2b415a.20221206.20231206; expires=Wed, 06 Dec 2023 02:17:28 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
x-cache: CONFIG_NOCACHE
x-azure-ref: 0OKaOYwAAAAATR3bWIJ+1QbxgXZ9Z3NDBU1ZHMjBFREdFMDUxNwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Tue, 06 Dec 2022 02:17:28 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
GET / HTTP/1.1
Host: avideo.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avideo.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

188.114.96.1
HTTP/2 200 OK
content-type: text/html;charset=utf-8
date: Tue, 06 Dec 2022 02:17:25 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rkSu1J9WltnjawMd7hEH7sDZPesyk%2B%2BZmEPLeI3HTf9jqnDmfnVAmYRkFiJVz48I239DsARFMBOKgeeXHXHAtGDqExYgS0%2F5ZjzOSE1fx%2BkquHnNId9Ug9lczJMN2g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7751866afa3bb4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /matomo.js HTTP/1.1
Host: stat.18av.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avideo.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

172.67.156.41
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 06 Dec 2022 02:17:26 GMT
cache-control: max-age=43200
cf-bgj: minify
cf-polished: origSize=65842
etag: W/"635a7dce-10132"
expires: Tue, 06 Dec 2022 10:47:44 GMT
last-modified: Thu, 27 Oct 2022 12:47:10 GMT
referrer-policy: origin
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 12582
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=osJFopcRLTqHfyVg7Y0NOcfqCHlLOHThFdzJUJ403n8EwCVSnOddjc15kx7qbcHkjgcQhno4Ic7amzSN6lf55DO6QheQLlBZd7JkjsKcsDEe%2FcO3HAtcilKcZeIf9fYbhw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77518677ad58b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
GET / HTTP/1.1
Host: avideo.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

104.21.28.5
HTTP/2 200 OK
content-type: text/html
date: Tue, 06 Dec 2022 02:17:22 GMT
last-modified: Wed, 23 Nov 2022 12:52:56 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lPjTI28BW%2FkkBwOr9GDOsL%2FOWRUZlVQcJeB9zhnh0%2FJunzNAXPYUVDeXGorSfcZ9k7zQLwyHP9ywoilTH%2B01n5U2yAN4krUvbaOqTtehOmGedJqDOt5erEa2dBI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77518658286fb51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
GET /101386550.js HTTP/1.1
Host: static.getclicky.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avideo.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

104.16.221.29
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
date: Tue, 06 Dec 2022 02:17:28 GMT
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
expires: Fri, 09 Dec 2022 11:38:26 GMT
cache-control: max-age=604800
x-proxy-cache: MISS
content-encoding: gzip
last-modified: Fri, 02 Dec 2022 11:38:27 GMT
cf-cache-status: HIT
age: 87634
server: cloudflare
cf-ray: 775186830ae40b3d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
GET /o.js HTTP/1.1
Host: js.tuituiwm.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://avideo.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

68.178.205.178
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
server: nginx
date: Tue, 06 Dec 2022 02:17:26 GMT
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
access-control-allow-methods: POST, GET,PUT, DELETE, UPDATE
access-control-allow-origin:
expires: Tue, 06 Dec 2022 02:18:26 GMT
cache-control: max-age=60
x-cache: MISS
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed