| www.amdahost.com/media/logo.png | 104.21.40.89 | 200 OK | 26 kB |
URL GET HTTP/3www.amdahost.com/media/logo.png IP104.21.40.89:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typePNG image data, 382 x 70, 8-bit/color RGBA, non-interlaced Hash9c5c0fe1ed466c1a4801524b31777955 eb7bfae0af480eae554a937a9f64e96a0a4f734a 62b08c1489fff9fb4cf4d33857fb46d4f8298c3f74fc57f92279bdad95472640
GET /media/logo.png HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch_direct.php?id=837b71035c
Cookie: PHPSESSID=ac29083627cbe5b9c30a0e58b5c341ff
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 22:38:48 GMT
content-type: image/png
content-length: 25625
last-modified: Fri, 15 Mar 2024 19:45:30 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 4042
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V%2BLR5RVwtXRwQEfKpIHwCYBhB1qiKyjGgl7UIr7XHoa%2BJTR2Zse1299SyT3F4OuL5B5KZvq8EfkogLyp8u0eP%2F8Q80nGCaN%2Bu9qkr0PuJkTforIrqy%2FjkQjPSSyqMagjSt75"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa10b32a07569b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdn.jsdelivr.net/npm/remixicon@4.0.0/fonts/remixicon.css | 151.101.193.229 | 200 OK | 17 kB |
URL GET HTTP/2cdn.jsdelivr.net/npm/remixicon@4.0.0/fonts/remixicon.css IP151.101.193.229:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerGlobalSign nv-sa Subjectjsdelivr.net Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09 ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
Hash373c68d52e3daa5cd7e1ae058fb6bd70 30a01afb8338555278162655e4a8e7ac57774f35 f53b0f6c14c09b5c263713876dfe7185531a3a424a91d192dfee3c5fa03493dd
GET /npm/remixicon@4.0.0/fonts/remixicon.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.0.0
x-jsd-version-type: version
etag: W/"200b1-MKAa+4M4VVJ4FiZV5KjnrFd3TzU"
content-encoding: br
accept-ranges: bytes
date: Fri, 26 Apr 2024 22:38:48 GMT
age: 4303418
x-served-by: cache-fra-etou8220109-FRA, cache-hel1410026-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16743
X-Firefox-Spdy: h2
|
|
| ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js | 172.217.21.170 | 200 OK | 30 kB |
URL GET HTTP/2ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js IP172.217.21.170:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50 ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT
File typeJavaScript source, ASCII text, with very long lines (65447) Hash2c872dbe60f4ba70fb85356113d8b35e ee48592d1fff952fcf06ce0b666ed4785493afdc fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
GET /ajax/libs/jquery/3.7.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30462
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 05:54:40 GMT
expires: Sat, 26 Apr 2025 05:54:40 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 12 Sep 2023 02:38:22 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 60248
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| vjs.zencdn.net/8.10.0/video-js.css | 151.101.130.217 | 200 OK | 13 kB |
URL GET HTTP/2vjs.zencdn.net/8.10.0/video-js.css IP151.101.130.217:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerGlobalSign nv-sa Subjectvjs.zencdn.net Fingerprint6B:3F:11:07:D7:05:FD:AF:4D:46:B4:BA:1C:8A:60:70:95:37:35:17 ValidityWed, 06 Mar 2024 21:50:11 GMT - Mon, 07 Apr 2025 21:50:10 GMT
File typeASCII text, with very long lines (7288) Hash27818e70d5704691d9264fe0083c5b08 b4dffd90528e8f63d54ad3a859b749344e6e00ad 92e11fbc7753b5be23fd489ba4e09c0d62d0b8c64e466845b4534934c46c85d6
GET /8.10.0/video-js.css HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Wed, 17 Jan 2024 12:53:07 GMT
etag: "27818e70d5704691d9264fe0083c5b08"
x-amz-server-side-encryption: AES256
content-type: text/css
content-encoding: gzip
date: Fri, 26 Apr 2024 22:38:49 GMT
x-served-by: cache-hel1410027-HEL
x-cache: HIT
x-cache-hits: 6
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 12695
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/thumbnails/1714099835_733efbabe8c432e8.jpg | 104.21.40.89 | 200 OK | 21 kB |
URL GET HTTP/3www.amdahost.com/thumbnails/1714099835_733efbabe8c432e8.jpg IP104.21.40.89:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 50", baseline, precision 8, 960x540, components 3 Hash6bed9d11ac55db21f65bbfe9c3ae37a6 44eb0571d80fb66415ec9bc5ecdd30f77e9a43d6 46184e991eeaa4c8ce0ef8f639bfe1984c7fe8f2009a17bd36f98f93791c885d
GET /thumbnails/1714099835_733efbabe8c432e8.jpg HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch_direct.php?id=837b71035c
Cookie: PHPSESSID=ac29083627cbe5b9c30a0e58b5c341ff
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 22:38:49 GMT
content-type: image/jpeg
content-length: 20686
last-modified: Fri, 26 Apr 2024 02:50:35 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uBMBUO9ESX03KwXqrnJW7NlYvoPd2Ti7Uy6Vxbn387eUjFyvwsHX0bM08MMrpCLjU5RoBsF22ICgX97al4flagETw8ohrnDCGGsK%2BroAcG2aOQ6ZJWbY82zDodHAKE%2FkeFBk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa10b33a0b569b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| d16sobzswqonxq.cloudfront.net/?zbosd=1043796 | 143.204.42.158 | 200 OK | 54 kB |
URL GET HTTP/2d16sobzswqonxq.cloudfront.net/?zbosd=1043796 IP143.204.42.158:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerAmazon Subject*.cloudfront.net FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (15945) Hashfc3e33919a565ba50946be30d6cb76e3 877b7d5078799416e613fa8006e1b8ca4937e5ae aa9971eecd04254e8d487069a3e1d110c3a218c82f588881d5aaab76de341355
GET /?zbosd=1043796 HTTP/1.1
Host: d16sobzswqonxq.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 54523
date: Fri, 26 Apr 2024 22:38:49 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: OjZPd7WBbrdPymJ-Blj14kB-yL0Hi8fmgbVdg6tN7tAXp_hyNdINjQ==
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/karla/v31/qkBIXvYC6trAT55ZBi1ueQVIjQTD-JqaE0lK.woff2 | 216.58.207.227 | 200 OK | 13 kB |
URL GET HTTP/2fonts.gstatic.com/s/karla/v31/qkBIXvYC6trAT55ZBi1ueQVIjQTD-JqaE0lK.woff2 IP216.58.207.227:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33 ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 13184, version 1.0 Hash37b12babb3bd0f9d9587cc8ca89a19b9 49cfe5b31144493cec4f21dc63fb2f1051061b45 73351bb42cb7827d0cd08c5d5832140700139b86eb6dd9a49047017924cb3ed0
GET /s/karla/v31/qkBIXvYC6trAT55ZBi1ueQVIjQTD-JqaE0lK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13184
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 02:40:57 GMT
expires: Fri, 25 Apr 2025 02:40:57 GMT
cache-control: public, max-age=31536000
age: 158272
last-modified: Wed, 27 Sep 2023 15:40:27 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/bebasneue/v14/JTUSjIg69CK48gW7PXoo9Wlhyw.woff2 | 216.58.207.227 | 200 OK | 14 kB |
URL GET HTTP/2fonts.gstatic.com/s/bebasneue/v14/JTUSjIg69CK48gW7PXoo9Wlhyw.woff2 IP216.58.207.227:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33 ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 13820, version 1.0 Hash2dd698f2699a5ef991625825011bff90 523ff9357131751e57dd78cb92b218a49a130d1d 02f5dfc0c21e92f3c724260f035833e627513a1b91230cc490a1ea756c95e5e5
GET /s/bebasneue/v14/JTUSjIg69CK48gW7PXoo9Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13820
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 02:34:37 GMT
expires: Fri, 25 Apr 2025 02:34:37 GMT
cache-control: public, max-age=31536000
age: 158652
last-modified: Thu, 24 Aug 2023 21:28:06 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| quitesousefulhe.info/a1FZbWpEbjoeVwkWMSgnLB89OjI6Ew9cEggyPicyPBc1FCg9In8ZAw9saF1eWGZgW0wbOD1QW00iLQweHiJkXEwCPz8CV00nZFxEWGV3XlxFZX8YV1p3LR0LDGxoSxofJTVQW1xgbVxdWmBqXVhbaQ | 172.67.156.192 | 204 No Content | 0 B |
URL GET HTTP/2quitesousefulhe.info/a1FZbWpEbjoeVwkWMSgnLB89OjI6Ew9cEggyPicyPBc1FCg9In8ZAw9saF1eWGZgW0wbOD1QW00iLQweHiJkXEwCPz8CV00nZFxEWGV3XlxFZX8YV1p3LR0LDGxoSxofJTVQW1xgbVxdWmBqXVhbaQ IP172.67.156.192:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerGoogle Trust Services LLC Subjectquitesousefulhe.info Fingerprint1E:2F:3F:D7:F4:CF:87:22:89:01:91:57:22:5C:03:AF:53:C8:1D:D7 ValiditySun, 31 Mar 2024 11:30:08 GMT - Sat, 29 Jun 2024 11:30:07 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a1FZbWpEbjoeVwkWMSgnLB89OjI6Ew9cEggyPicyPBc1FCg9In8ZAw9saF1eWGZgW0wbOD1QW00iLQweHiJkXEwCPz8CV00nZFxEWGV3XlxFZX8YV1p3LR0LDGxoSxofJTVQW1xgbVxdWmBqXVhbaQ HTTP/1.1
Host: quitesousefulhe.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Fri, 26 Apr 2024 22:38:50 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rGggmBBc9xTaXUBqz80eyDkdC5AWwASDr5vIHMsZnXpNhbWxzuzx07ibB0%2Fl3WKd5Atp8J3Q9JFs7jD3yYisXwmG5vqzZvS5uSPKKssi4CF564gAyP7FZn5QIHsnoa3CrrYixX%2BS1w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa10bbe8fd56ba-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| onservantasr.info/WTRxS2s4VhImVDgJE20eK1hMblkfEUMND2gCAiQJI0cGOgQ3TABlCDVbBC8NK1sfP0U3UQVuWR8FICU6a2VABgMeBRYnCR1tFR4FbF0SICofUDY7WwxfKDMlMGY7Gj8IXxMJPTt+CwIaHgQkeA0KcRMcWQwBPBkfAHlDf1geBAYBIx1lNxESHF0/GQMdVwkKJAxfOH4lag00DihhTT0JJhVuJRIYH0MFMg8KeSAdI2xaKwopHng1I05rcjB6BGl6IhIyDXAgcyAffjUCBm1CNnscKGQIfz0cBzQdD2hbNhEGH00pDl4gbRwvIz1zKyMIMVwXBzgAAiQaRgtOOngbGlUpHQUDBBV7MTRyCAkAG1koCiUXdTZ6ATgFNA4II2UfDVppRxUlKiB2OQUCOl8gAwhrfh8ZDABYPiEqC2EyPBkDBCs8DjRiAhkpGAYTJSZ/XgIkBSkJBCQRE3sHOjo7RQYnHml3PQ | 54.230.111.51 | 200 OK | 1.2 kB |
URL GET HTTP/2onservantasr.info/WTRxS2s4VhImVDgJE20eK1hMblkfEUMND2gCAiQJI0cGOgQ3TABlCDVbBC8NK1sfP0U3UQVuWR8FICU6a2VABgMeBRYnCR1tFR4FbF0SICofUDY7WwxfKDMlMGY7Gj8IXxMJPTt+CwIaHgQkeA0KcRMcWQwBPBkfAHlDf1geBAYBIx1lNxESHF0/GQMdVwkKJAxfOH4lag00DihhTT0JJhVuJRIYH0MFMg8KeSAdI2xaKwopHng1I05rcjB6BGl6IhIyDXAgcyAffjUCBm1CNnscKGQIfz0cBzQdD2hbNhEGH00pDl4gbRwvIz1zKyMIMVwXBzgAAiQaRgtOOngbGlUpHQUDBBV7MTRyCAkAG1koCiUXdTZ6ATgFNA4II2UfDVppRxUlKiB2OQUCOl8gAwhrfh8ZDABYPiEqC2EyPBkDBCs8DjRiAhkpGAYTJSZ/XgIkBSkJBCQRE3sHOjo7RQYnHml3PQ IP54.230.111.51:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerAmazon Subjectonservantasr.info Fingerprint4E:0A:E9:00:74:B8:B3:C9:4F:2A:1E:4E:6D:FA:10:D6:85:BC:6F:CE ValidityMon, 15 Apr 2024 00:00:00 GMT - Wed, 14 May 2025 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (3058), with no line terminators Hashe1ce29d59b2079459cbfea06d20ff795 4da5a022efddcad0eca4e7f4884ceb25a677e605 63eace52d84c673092a0b9f9e8d0c63fadb3ac7a01729f66a2dbe961883ee874
GET /WTRxS2s4VhImVDgJE20eK1hMblkfEUMND2gCAiQJI0cGOgQ3TABlCDVbBC8NK1sfP0U3UQVuWR8FICU6a2VABgMeBRYnCR1tFR4FbF0SICofUDY7WwxfKDMlMGY7Gj8IXxMJPTt+CwIaHgQkeA0KcRMcWQwBPBkfAHlDf1geBAYBIx1lNxESHF0/GQMdVwkKJAxfOH4lag00DihhTT0JJhVuJRIYH0MFMg8KeSAdI2xaKwopHng1I05rcjB6BGl6IhIyDXAgcyAffjUCBm1CNnscKGQIfz0cBzQdD2hbNhEGH00pDl4gbRwvIz1zKyMIMVwXBzgAAiQaRgtOOngbGlUpHQUDBBV7MTRyCAkAG1koCiUXdTZ6ATgFNA4II2UfDVppRxUlKiB2OQUCOl8gAwhrfh8ZDABYPiEqC2EyPBkDBCs8DjRiAhkpGAYTJSZ/XgIkBSkJBCQRE3sHOjo7RQYnHml3PQ HTTP/1.1
Host: onservantasr.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1208
date: Fri, 26 Apr 2024 22:38:50 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VnXmhENa16_RWor2UJ9u6HUk0Y6r5pFEpjM0C08ARkFTx9_PdEvJnQ==
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/cdn-cgi/challenge-platform/scripts/jsd/main.js | 104.21.40.89 | 302 Found | 0 B |
URL GET HTTP/3www.amdahost.com/cdn-cgi/challenge-platform/scripts/jsd/main.js IP104.21.40.89:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ac29083627cbe5b9c30a0e58b5c341ff
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Fri, 26 Apr 2024 22:38:50 GMT
content-length: 0
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
cache-control: max-age=300, public
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oScu49qEjM75qMQ8tjfsDfO%2FhfCl5XyRmt67r0VKb5JKC83Uir2QB%2Fag3Zo3v6FJDlFvV1ftwMymaDsP2MQraClgW6sqLPSBuz39g4NeN3naogTbhhYvtjdp%2FYh3K58jlz1K"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa10bd0953569b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ku42hjr2e.com/solid.gif?z=2020088&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=6867739360251904&eclog=0&im=1 | 212.117.190.201 | 200 OK | 43 B |
URL POST HTTP/2ku42hjr2e.com/solid.gif?z=2020088&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=6867739360251904&eclog=0&im=1 IP212.117.190.201:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerBuypass AS-983163327 Subject Fingerprint15:EC:3A:52:11:EC:ED:35:8E:60:38:E6:CC:79:A7:3E:A3:5B:B6:62 ValidityTue, 09 Jan 2024 12:43:23 GMT - Sat, 06 Jul 2024 21:59:00 GMT
File typeGIF image data, version 89a, 1 x 1 Hash28e463819a210071de3b45ebe7633613 6dccd571828ec0912629119cf7eabfea9f33ddbc 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
POST /solid.gif?z=2020088&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=6867739360251904&eclog=0&im=1 HTTP/1.1
Host: ku42hjr2e.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 22:38:50 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
set-cookie: CHCK=1; Path=/; Expires=Fri, 30 May 2025 22:38:50 GMT; Secure; SameSite=None
UID=2404261738305856ebdc1f4877905d132a90; Path=/; Expires=Fri, 30 May 2025 22:38:50 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| d16sobzswqonxq.cloudfront.net/1QnQ2Q1MhG1glbDYdUn5ickAFdGp0UkYxNiRJQTQkbBVbJzIqG0U3fSEbW2U5MRtYM243G0wJHDQFZyEiNRhDcxAOUkI5N39EEC8yLBMLZTYsFwtydSMQVH5nZABGLDh/A1o0NSYYTDQ8KFJDIm4vG0wqPy4VE3EVd1oGZmFyXE5yYmdHdGZhchhfLSY6UQ-RzK3pCaXVnZ0d0ZmFyBkBmYANNAG1ja1EEczQnF10sdnAyBHNickQHc2JnRgYlOjARUCwrZ0ZwemVsRBA2bnM | 143.204.42.158 | | 536 B |
URL d16sobzswqonxq.cloudfront.net/1QnQ2Q1MhG1glbDYdUn5ickAFdGp0UkYxNiRJQTQkbBVbJzIqG0U3fSEbW2U5MRtYM243G0wJHDQFZyEiNRhDcxAOUkI5N39EEC8yLBMLZTYsFwtydSMQVH5nZABGLDh/A1o0NSYYTDQ8KFJDIm4vG0wqPy4VE3EVd1oGZmFyXE5yYmdHdGZhchhfLSY6UQ-RzK3pCaXVnZ0d0ZmFyBkBmYANNAG1ja1EEczQnF10sdnAyBHNickQHc2JnRgYlOjARUCwrZ0ZwemVsRBA2bnM IP143.204.42.158:0
CertificateIssuerAmazon Subject*.cloudfront.net FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File typeASCII text, with very long lines (752), with no line terminators Hash8aedcfd85b60cc8f99e17ba23bf0b559 6bca4b67bdaab3b338efb4e827b2e6dbadf9f525 2c04851297537357b337c8cf4423b31deb8ace0f5fc14095247423904f5c1595
GET /1QnQ2Q1MhG1glbDYdUn5ickAFdGp0UkYxNiRJQTQkbBVbJzIqG0U3fSEbW2U5MRtYM243G0wJHDQFZyEiNRhDcxAOUkI5N39EEC8yLBMLZTYsFwtydSMQVH5nZABGLDh/A1o0NSYYTDQ8KFJDIm4vG0wqPy4VE3EVd1oGZmFyXE5yYmdHdGZhchhfLSY6UQ-RzK3pCaXVnZ0d0ZmFyBkBmYANNAG1ja1EEczQnF10sdnAyBHNickQHc2JnRgYlOjARUCwrZ0ZwemVsRBA2bnM HTTP/1.1
Host: d16sobzswqonxq.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://onservantasr.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 536
date: Fri, 26 Apr 2024 22:38:50 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Ago2QYvjIJsQCpn_OV2GpiEkyGKOGhTZey03uJvZRrT8TDIpKuKmCA==
X-Firefox-Spdy: h2
|
|
| s.pemsrv.com/venor.php | 95.211.229.246 | 200 OK | 21 B |
IP95.211.229.246:443 ASN#60781 LeaseWeb Netherlands B.V.
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerLet's Encrypt Subjectpemsrv.com FingerprintB9:FB:69:72:AD:12:6D:F5:F8:05:0B:EE:45:B6:E0:BD:1A:B2:E5:0F ValidityTue, 27 Feb 2024 16:50:21 GMT - Mon, 27 May 2024 16:50:20 GMT
File typevery short file (no magic) Hashcfcd208495d565ef66e7dff9f98764da b6589fc6ab0dc82cf12099d1c2d40ab994e8410c 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
GET /venor.php HTTP/1.1
Host: s.pemsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 22:38:50 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
|
|
| www.amdahost.com/videos/1714099721_2d7f2301666d69e9.mp4 | 104.21.40.89 | 206 Partial Content | 923 kB |
URL GET HTTP/3www.amdahost.com/videos/1714099721_2d7f2301666d69e9.mp4 IP104.21.40.89:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
Size923 kB (922677 bytes) Hash43824cb293b596db9e1fbe9f1c854797 b768eb25795f870d6f4f75f34d5dff3f6625c7af 0e033a5428412aadddc5f9eef5bbf83218f7efe2add89153b6deec16b24032c8
GET /videos/1714099721_2d7f2301666d69e9.mp4 HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=83951616-
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch_direct.php?id=837b71035c
Cookie: PHPSESSID=ac29083627cbe5b9c30a0e58b5c341ff
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 206 Partial Content
date: Fri, 26 Apr 2024 22:38:50 GMT
content-type: video/mp4
content-length: 922677
last-modified: Fri, 26 Apr 2024 02:50:33 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
content-range: bytes 83951616-84874292/84874293
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K8CNTLQtyqOL1BTiOAjJ8ADo6KL1bCa1k7w2yZglQA2eKx3duRlR%2FkMVILp3XkW5Qu10hITBDd90ync1NEYWeSwgdf9UVbQSUJU4ozws67m5GeWYBJL9x91Edfr4dKUhDW08"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa10beeaf9569b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| s.magsrv.com/v1/api.php | 95.211.229.248 | 200 OK | 3.3 kB |
IP95.211.229.248:443 ASN#60781 LeaseWeb Netherlands B.V.
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerLet's Encrypt Subjectmagsrv.com Fingerprint17:F9:9F:23:6D:90:C0:1A:81:DB:D1:AF:6A:07:37:42:2E:99:44:5C ValidityTue, 27 Feb 2024 16:45:44 GMT - Mon, 27 May 2024 16:45:43 GMT
Hashf01bcde8201cb2ea0c4b3762bf1ff381 7eea9d4adbdb7ef020f3181b1cc855efa122fe7d 416edcb7b0a2bf1eb97b7cab6b6df2dc497dfa85d9a58747aa783cb9025cd101
POST /v1/api.php HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 371
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 22:38:50 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://www.amdahost.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22662c2cfa895092.282209392210417242%22%3B%7D; expires=Sun, 26-Apr-2026 22:38:50 GMT; Max-Age=63072000; path=/; domain=magsrv.com; secure; SameSite=None
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
|
|
| cdn.pncloudfl.com/pn/8b1/acc/f8f/8b1accf8fb98b012be461abbc9130a57549b68ff.png | 104.22.58.221 | 200 OK | 44 kB |
URL GET HTTP/2cdn.pncloudfl.com/pn/8b1/acc/f8f/8b1accf8fb98b012be461abbc9130a57549b68ff.png IP104.22.58.221:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerLet's Encrypt Subjectcdn.pncloudfl.com Fingerprint74:12:B3:16:53:18:34:1F:1C:1F:C7:58:FE:87:06:72:9F:9E:27:E6 ValidityThu, 29 Feb 2024 00:47:39 GMT - Wed, 29 May 2024 00:47:38 GMT
File typeRIFF (little-endian) data, Web/P image Hash739d14b2e66ad303e845777319560711 3f5d1d6e842ea39d9be64c645118e7ece8f27236 d97dcdd28cb319a6a3738b5045302dca3efbd9b4d9d1ab3992ba934e5fdddd7c
GET /pn/8b1/acc/f8f/8b1accf8fb98b012be461abbc9130a57549b68ff.png HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 22:38:50 GMT
content-type: image/webp
content-length: 43860
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=68845
content-disposition: inline; filename="8b1accf8fb98b012be461abbc9130a57549b68ff.webp"
etag: 157cdb1886b1ed8fa38e01b105d8bb4c
expires: Sun, 28 Apr 2024 02:45:55 GMT
last-modified: Thu, 04 Jan 2024 12:00:16 GMT
vary: Accept
x-openstack-request-id: tx90f75348333b4b0ab8c29-0065969dec
x-proxy-cache: HIT
x-timestamp: 1704369615.90306
x-trans-id: tx90f75348333b4b0ab8c29-0065969dec
cf-cache-status: HIT
age: 71575
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 87aa10bf6b80b512-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.pncloudfl.com/pn/159/4e9/574/1594e95742a74b4d78cb97059ff18a3f1cdbc0cb.png | 104.22.58.221 | 200 OK | 48 kB |
URL GET HTTP/2cdn.pncloudfl.com/pn/159/4e9/574/1594e95742a74b4d78cb97059ff18a3f1cdbc0cb.png IP104.22.58.221:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerLet's Encrypt Subjectcdn.pncloudfl.com Fingerprint74:12:B3:16:53:18:34:1F:1C:1F:C7:58:FE:87:06:72:9F:9E:27:E6 ValidityThu, 29 Feb 2024 00:47:39 GMT - Wed, 29 May 2024 00:47:38 GMT
File typeRIFF (little-endian) data, Web/P image Hashfaa49393df3208c063f655607da54633 3de75eda9ed337e13622611cdda3d5bf615b311f 5b8090f769afc76f83e8635a46499a1e467be6c44aee86f5f53b7ca51baa53de
GET /pn/159/4e9/574/1594e95742a74b4d78cb97059ff18a3f1cdbc0cb.png HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 22:38:50 GMT
content-type: image/webp
content-length: 47678
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=74321
content-disposition: inline; filename="1594e95742a74b4d78cb97059ff18a3f1cdbc0cb.webp"
etag: e7242897f9459085037ffcbcd74c060f
expires: Sun, 28 Apr 2024 04:30:43 GMT
last-modified: Mon, 23 Dec 2019 09:01:22 GMT
vary: Accept
x-openstack-request-id: tx6522abc861fc4738a75fe-0061b0bcf9
x-proxy-cache: HIT
x-timestamp: 1577091681.42646
x-trans-id: tx6522abc861fc4738a75fe-0061b0bcf9
cf-cache-status: HIT
age: 65287
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 87aa10bf6b83b512-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| js.capndr.com/advertising.js | 45.133.44.53 | 200 OK | 0 B |
URL GET HTTP/2js.capndr.com/advertising.js IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerLet's Encrypt Subjectjs.capndr.com Fingerprint0D:30:A1:FB:7E:A0:EC:89:85:17:27:67:37:21:DA:E0:CB:E3:26:06 ValiditySun, 21 Apr 2024 03:00:41 GMT - Sat, 20 Jul 2024 03:00:40 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /advertising.js HTTP/1.1
Host: js.capndr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 22:38:51 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 14 Jul 2023 08:23:25 GMT
etag: "64b105fd-0"
expires: Fri, 26 Apr 2024 22:43:51 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/media/apple-touch-icon.png | 104.21.40.89 | 200 OK | 40 kB |
URL GET HTTP/3www.amdahost.com/media/apple-touch-icon.png IP104.21.40.89:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typePNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced Hash3a0b8d799ca52ea360286be206ff8fb3 2dc98f04f62990a7ab58494b8cc4c9d34f88d82b a18a7554000483027f4297e642dd6ffa175ee4028844be6e7888cd31c165972d
GET /media/apple-touch-icon.png HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch_direct.php?id=837b71035c
Cookie: PHPSESSID=ac29083627cbe5b9c30a0e58b5c341ff
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 22:38:51 GMT
content-type: image/png
content-length: 40332
last-modified: Sun, 17 Mar 2024 20:29:38 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 4044
accept-ranges: bytes
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oRimbsJdaYyotY%2BM83OflL%2Ff1%2BBzeR2bW5A%2BiKtYMAq%2Bq8zJwxovC58CfdRepmXU%2BwXzZ9oupMuSjF4R7nbedgvmRIWf1iN%2BSSQ6JXEmY1PEnt69PRUh7Be6CfzmYUTSoyj4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa10c15cf3569b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.amdahost.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js | 104.21.40.89 | 200 OK | 4.7 kB |
URL GET HTTP/3www.amdahost.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js IP104.21.40.89:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typeJavaScript source, ASCII text, with very long lines (7921), with no line terminators Hash641616ffe0830c26a15610f0345effa6 71a456cde43359f88b95d28f921423b05332ebe3 1951693ba3974da23e2adba7c1b359258deaf2454fb63ffb5df18e094e40cfba
GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ac29083627cbe5b9c30a0e58b5c341ff
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 22:38:50 GMT
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
vary: accept-encoding
content-encoding: br
cache-control: max-age=14400, public
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j552oCe7iB%2BzSkuobJEx7nw9N5ZnpDpJT8VddSOUs%2FBZeItzZtdEfl0zSuo0MDyBfXgBcEF4%2BP60n3wER7BTRpiJWgwrcz4bydgBwfBO%2BHk0VMHhXpAtd3RQ%2B1pY4FOghUB7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa10bf4b62569b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.amdahost.com/cdn-cgi/challenge-platform/h/b/jsd/r/87aa10afa91456be | 104.21.40.89 | 200 OK | 0 B |
URL POST HTTP/3www.amdahost.com/cdn-cgi/challenge-platform/h/b/jsd/r/87aa10afa91456be IP104.21.40.89:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/challenge-platform/h/b/jsd/r/87aa10afa91456be HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12199
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch_direct.php?id=837b71035c
Cookie: PHPSESSID=ac29083627cbe5b9c30a0e58b5c341ff
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 22:38:51 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
priority: u=3,i=?0
set-cookie: cf_clearance=pI7kURTBECJV0jkVKoneqLyZL3xlnhnrwStr_MrCUDw-1714171131-1.0.1.1-EYKZpi8DtyM3pQjz8Il0OEAjrYF5dq.8M1VF6rqIpVj7n2k8lIg9cdrVulIE75DwQZp8Y8x3tOOxro3D.3Kalw; path=/; expires=Sat, 26-Apr-25 22:38:51 GMT; domain=.amdahost.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L8kyT7qCSapqyYrnZgoi88rEucAF1hRi3xngIREPcODsW2TNQs6JRo6cuhDqCZyTzi%2BXnl4msNLC4ytiSem9xxJUO1p91dZhSyTUfGXsrsla99KMjiWlBxfuFFhZabzaLN8T"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa10c19d17569b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail | 74.125.131.84 | 302 Found | 0 B |
URL GET HTTP/2accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail IP74.125.131.84:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerGoogle Trust Services LLC Subjectaccounts.google.com Fingerprint24:73:6B:52:47:71:E2:CB:E3:4E:89:44:4B:29:D9:F4:C2:A0:F1:14 ValidityMon, 08 Apr 2024 07:33:55 GMT - Mon, 01 Jul 2024 07:33:54 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:VOVwH6NUDKk8TbLakvNFxPyPFqCEUA:77dcs3tGfIB4VPeS; Expires=Sun, 26-Apr-2026 22:38:51 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 26 Apr 2024 22:38:51 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AaSxoQy5a-7oSgaOF0MfWuD-AV95lAlosQ24-QJ7hUTYM5pjZH4BWx8ixKXaMchw31JL5kpVnCjm
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy: unsafe-none
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-cSQT4jLKC3pU2Ya0Oau6Pw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube | 74.125.131.84 | 302 Found | 0 B |
URL GET HTTP/2accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube IP74.125.131.84:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerGoogle Trust Services LLC Subjectaccounts.google.com Fingerprint24:73:6B:52:47:71:E2:CB:E3:4E:89:44:4B:29:D9:F4:C2:A0:F1:14 ValidityMon, 08 Apr 2024 07:33:55 GMT - Mon, 01 Jul 2024 07:33:54 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:crdvW3ZKZgHa2ST8fODh23prvQkMpw:8fS4Tx1EWXx-No9T; Expires=Sun, 26-Apr-2026 22:38:51 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 26 Apr 2024 22:38:51 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQwqbaLdUhUydV3u6K98y0YdiOU7Vl1DVB60EwSQKMU97xxDhrVnHStuMD9Y0Y5wEYyBFG1rZQ
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-NDD2nKHkxlNc5I6OfU_OCA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AaSxoQy5a-7oSgaOF0MfWuD-AV95lAlosQ24-QJ7hUTYM5pjZH4BWx8ixKXaMchw31JL5kpVnCjm | 74.125.131.84 | 302 Found | 425 B |
URL GET HTTP/3accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AaSxoQy5a-7oSgaOF0MfWuD-AV95lAlosQ24-QJ7hUTYM5pjZH4BWx8ixKXaMchw31JL5kpVnCjm IP74.125.131.84:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint01:16:A3:AE:CA:C9:AC:ED:3A:C9:AA:75:BE:C2:51:EF:65:CE:23:E1 ValidityMon, 08 Apr 2024 06:34:56 GMT - Mon, 01 Jul 2024 06:34:55 GMT
File typeHTML document, ASCII text, with very long lines (403) Hashd318cf0cc9833a072346ec7353f81afe 6c947be4914150e11b7ffa8ad3e6032cae5cfbfe 2950c20d33f52dcc1e7385d966c352d373480676a774778599ef14740a9d8ec8
GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AaSxoQy5a-7oSgaOF0MfWuD-AV95lAlosQ24-QJ7hUTYM5pjZH4BWx8ixKXaMchw31JL5kpVnCjm HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:qNdpozB96W92odhJInWGRwQcrxT9LA:4ZGa69BT2NdMN0X5;Path=/;Expires=Sun, 26-Apr-2026 22:38:51 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 26 Apr 2024 22:38:51 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwF_Rfyk8LW4lEN_qehVAQA9eLwtMP7jpCvnX6Ah9uzB-v01BtfomaT4uA5M6fHE8fvXm9pFQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1527658459%3A1714171131355229&theme=mn&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-Lz4313lrXgr4zSRC1w8TsQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 425
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQwqbaLdUhUydV3u6K98y0YdiOU7Vl1DVB60EwSQKMU97xxDhrVnHStuMD9Y0Y5wEYyBFG1rZQ | 74.125.131.84 | 302 Found | 427 B |
URL GET HTTP/3accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQwqbaLdUhUydV3u6K98y0YdiOU7Vl1DVB60EwSQKMU97xxDhrVnHStuMD9Y0Y5wEYyBFG1rZQ IP74.125.131.84:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint01:16:A3:AE:CA:C9:AC:ED:3A:C9:AA:75:BE:C2:51:EF:65:CE:23:E1 ValidityMon, 08 Apr 2024 06:34:56 GMT - Mon, 01 Jul 2024 06:34:55 GMT
File typeHTML document, ASCII text, with very long lines (406) Hash1104a8fce556940f1168bb1ea63fcf08 a5006b4634c9b5a9b61e8d586d215c367df49128 d954243dfc70662c6d00df6696dc744cb76dd3fe1db1609eaf878947e980cd61
GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQwqbaLdUhUydV3u6K98y0YdiOU7Vl1DVB60EwSQKMU97xxDhrVnHStuMD9Y0Y5wEYyBFG1rZQ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:Hwna9fo3UYM8N4Uzy8GOMauUHvoOPQ:0_MtFHFQWnrFXClc;Path=/;Expires=Sun, 26-Apr-2026 22:38:51 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 26 Apr 2024 22:38:51 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwnboYFcI79_oWbx0UtiKrzmSqpxvMHglzivVbwQzSdjSwmnaN0lxt-0vKZiUrEuwDegi1BZg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S537448165%3A1714171131392252&theme=mn&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-FNs1UwVj9E4pnD9jRXDA8w' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 427
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA12OTU4DMQxGr8IFZvT5J47TNWuQQBwgM50Rm9JFWRTJhydJAQF5ipTY70vMYJ2gE9sd+UH8kBCF5oJZeaak8fD4FEpRT8f6er68z+v5FMqeKIUXqHoQWMg4EpuqIRI81CVZS1txgWSLpkugwUlUxykjXp7vx6ZODgGu3Aag8WsoRgPXbtOxkqybGOm+aVbLRtuaKtecmXfv4t8pcWOG9Ff4+96Yuiukwm2UthCjXC8fb2vEL7GTfqI99b97g2FfRrgtC3SpWDNV3rfNanYrSymtLFI/AQC11TFxAQAA | 95.211.229.248 | 200 OK | 20 B |
URL GET HTTP/1.1s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA12OTU4DMQxGr8IFZvT5J47TNWuQQBwgM50Rm9JFWRTJhydJAQF5ipTY70vMYJ2gE9sd+UH8kBCF5oJZeaak8fD4FEpRT8f6er68z+v5FMqeKIUXqHoQWMg4EpuqIRI81CVZS1txgWSLpkugwUlUxykjXp7vx6ZODgGu3Aag8WsoRgPXbtOxkqybGOm+aVbLRtuaKtecmXfv4t8pcWOG9Ff4+96Yuiukwm2UthCjXC8fb2vEL7GTfqI99b97g2FfRrgtC3SpWDNV3rfNanYrSymtLFI/AQC11TFxAQAA IP95.211.229.248:443 ASN#60781 LeaseWeb Netherlands B.V.
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerLet's Encrypt Subjectmagsrv.com Fingerprint17:F9:9F:23:6D:90:C0:1A:81:DB:D1:AF:6A:07:37:42:2E:99:44:5C ValidityTue, 27 Feb 2024 16:45:44 GMT - Mon, 27 May 2024 16:45:43 GMT
File typegzip compressed data, max speed, from Unix Hasha4745abc5e7fdb89cc6df3069f3c6e69 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA12OTU4DMQxGr8IFZvT5J47TNWuQQBwgM50Rm9JFWRTJhydJAQF5ipTY70vMYJ2gE9sd+UH8kBCF5oJZeaak8fD4FEpRT8f6er68z+v5FMqeKIUXqHoQWMg4EpuqIRI81CVZS1txgWSLpkugwUlUxykjXp7vx6ZODgGu3Aag8WsoRgPXbtOxkqybGOm+aVbLRtuaKtecmXfv4t8pcWOG9Ff4+96Yuiukwm2UthCjXC8fb2vEL7GTfqI99b97g2FfRrgtC3SpWDNV3rfNanYrSymtLFI/AQC11TFxAQAA HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22662c2cfa895092.282209392210417242%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 22:38:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://www.amdahost.com
Access-Control-Allow-Credentials: true
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
|
|
| s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA12OS04DQQxEr8IFZuS/PVmzBgnEAXp+YhOySBZB8uFxTzZAl1oqdb+yi4BkABnInjBOHCeFnHCcYBQaUSVfXt9SMNt5bZ+X621cLucUDmHPmEAkEoEYjVLJWCqhEGmqE0SNsiAzoURNTiiRskh3IxTnkB/vz8fFUoFOcJdK4rE5CVLKw71ncW3Iy8aGsm/iYm64LdqouRPt0cG/TSsDUB1qDrL0rVimODrKPDT0GKMwVbM6kMdzu35/LZm/wC49oqx9dCf/fT/kfQWKdCY3s1m3WX0O3X2VcGeLTWyFCZD8B0AkD4SDAQAA | 95.211.229.248 | 200 OK | 20 B |
URL GET HTTP/1.1s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA12OS04DQQxEr8IFZuS/PVmzBgnEAXp+YhOySBZB8uFxTzZAl1oqdb+yi4BkABnInjBOHCeFnHCcYBQaUSVfXt9SMNt5bZ+X621cLucUDmHPmEAkEoEYjVLJWCqhEGmqE0SNsiAzoURNTiiRskh3IxTnkB/vz8fFUoFOcJdK4rE5CVLKw71ncW3Iy8aGsm/iYm64LdqouRPt0cG/TSsDUB1qDrL0rVimODrKPDT0GKMwVbM6kMdzu35/LZm/wC49oqx9dCf/fT/kfQWKdCY3s1m3WX0O3X2VcGeLTWyFCZD8B0AkD4SDAQAA IP95.211.229.248:443 ASN#60781 LeaseWeb Netherlands B.V.
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerLet's Encrypt Subjectmagsrv.com Fingerprint17:F9:9F:23:6D:90:C0:1A:81:DB:D1:AF:6A:07:37:42:2E:99:44:5C ValidityTue, 27 Feb 2024 16:45:44 GMT - Mon, 27 May 2024 16:45:43 GMT
File typegzip compressed data, max speed, from Unix Hasha4745abc5e7fdb89cc6df3069f3c6e69 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA12OS04DQQxEr8IFZuS/PVmzBgnEAXp+YhOySBZB8uFxTzZAl1oqdb+yi4BkABnInjBOHCeFnHCcYBQaUSVfXt9SMNt5bZ+X621cLucUDmHPmEAkEoEYjVLJWCqhEGmqE0SNsiAzoURNTiiRskh3IxTnkB/vz8fFUoFOcJdK4rE5CVLKw71ncW3Iy8aGsm/iYm64LdqouRPt0cG/TSsDUB1qDrL0rVimODrKPDT0GKMwVbM6kMdzu35/LZm/wC49oqx9dCf/fT/kfQWKdCY3s1m3WX0O3X2VcGeLTWyFCZD8B0AkD4SDAQAA HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22662c2cfa895092.282209392210417242%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 22:38:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://www.amdahost.com
Access-Control-Allow-Credentials: true
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
|
|
| s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA12OTUpEMRCEr+IFJvR/+s3atYLiAeL7wc04i3ExQh3e5A2Kmo+GoruKlJDYgewgccd51Dw6YeIyUTEp7IaHxycYo52W9na+fJT5fIJZmjNyoq7AJMohcAkzTzj14VqTCOnhmf3IDgV1xNVsqEJE7MKohJfn+324E1Ciq/QevH8OIVjXdB1xXhrrvGqwbatVixq8zt6k1Sqy5TD+LUs3Ck0c/Srfi85hmJVNpVfqj7Cv2+XzfQZ+GQf+Ex2p/9cbaahgs+FB1NQtOVMlorVlXmN71cV6bdIl1i/dHRkrewEAAA== | 95.211.229.248 | 200 OK | 20 B |
URL GET HTTP/1.1s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA12OTUpEMRCEr+IFJvR/+s3atYLiAeL7wc04i3ExQh3e5A2Kmo+GoruKlJDYgewgccd51Dw6YeIyUTEp7IaHxycYo52W9na+fJT5fIJZmjNyoq7AJMohcAkzTzj14VqTCOnhmf3IDgV1xNVsqEJE7MKohJfn+324E1Ciq/QevH8OIVjXdB1xXhrrvGqwbatVixq8zt6k1Sqy5TD+LUs3Ck0c/Srfi85hmJVNpVfqj7Cv2+XzfQZ+GQf+Ex2p/9cbaahgs+FB1NQtOVMlorVlXmN71cV6bdIl1i/dHRkrewEAAA== IP95.211.229.248:443 ASN#60781 LeaseWeb Netherlands B.V.
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerLet's Encrypt Subjectmagsrv.com Fingerprint17:F9:9F:23:6D:90:C0:1A:81:DB:D1:AF:6A:07:37:42:2E:99:44:5C ValidityTue, 27 Feb 2024 16:45:44 GMT - Mon, 27 May 2024 16:45:43 GMT
File typegzip compressed data, max speed, from Unix Hasha4745abc5e7fdb89cc6df3069f3c6e69 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA12OTUpEMRCEr+IFJvR/+s3atYLiAeL7wc04i3ExQh3e5A2Kmo+GoruKlJDYgewgccd51Dw6YeIyUTEp7IaHxycYo52W9na+fJT5fIJZmjNyoq7AJMohcAkzTzj14VqTCOnhmf3IDgV1xNVsqEJE7MKohJfn+324E1Ciq/QevH8OIVjXdB1xXhrrvGqwbatVixq8zt6k1Sqy5TD+LUs3Ck0c/Srfi85hmJVNpVfqj7Cv2+XzfQZ+GQf+Ex2p/9cbaahgs+FB1NQtOVMlorVlXmN71cV6bdIl1i/dHRkrewEAAA== HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22662c2cfa895092.282209392210417242%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 22:38:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://www.amdahost.com
Access-Control-Allow-Credentials: true
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
|
|
| s3t3d2y8.afcdn.net/library/448451/ee6568b37b61ea208c14fe485989a7efc14c184b.mp4 | 185.76.9.22 | 206 Partial Content | 52 kB |
URL GET HTTP/2s3t3d2y8.afcdn.net/library/448451/ee6568b37b61ea208c14fe485989a7efc14c184b.mp4 IP185.76.9.22:443 ASN#60068 Datacamp Limited
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerLet's Encrypt Subjectafcdn.net FingerprintCE:9F:A3:7C:BF:E1:80:9C:11:75:38:23:E8:D2:50:1A:E4:48:37:77 ValidityTue, 27 Feb 2024 16:27:12 GMT - Mon, 27 May 2024 16:27:11 GMT
File typeISO Media, MP4 Base Media v1 [ISO 14496-12:2003] Hashaa7df9303c99187ae9be3deb397ee170 ee6568b37b61ea208c14fe485989a7efc14c184b b7c09ce82f1d4be68665bfd9caff5bef8010ffdb7f18741b6ade8b181d641d01
GET /library/448451/ee6568b37b61ea208c14fe485989a7efc14c184b.mp4 HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
date: Fri, 26 Apr 2024 22:38:52 GMT
content-type: video/mp4
content-length: 51589
last-modified: Wed, 16 Aug 2023 20:47:01 GMT
etag: "64dd35c5-c985"
accept-ch:
expires: Tue, 07 Jan 2025 20:32:00 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-77-nzt: EwwBuUwJFAH3Hc6PAAwBuUwKEwH3HwMAAAgB1GY4nAFh
x-77-nzt-ray: af585630ac349570fc2c2c66e883f821
x-77-cache: HIT
x-accel-expires: @1736281920
x-accel-date: 1704746719
x-cache-lb: HIT
x-age-lb: 799
x-77-age: 9424413
server: CDN77-Turbo
x-cache: HIT
x-age: 9424413
x-77-pop: stockholmSE
content-range: bytes 0-51588/51589
X-Firefox-Spdy: h2
|
|
| s3t3d2y8.afcdn.net/library/438437/f07c82591285d5ecbffdf90b26f7adfec97eef66.webp | 185.76.9.22 | 200 OK | 20 kB |
URL GET HTTP/2s3t3d2y8.afcdn.net/library/438437/f07c82591285d5ecbffdf90b26f7adfec97eef66.webp IP185.76.9.22:443 ASN#60068 Datacamp Limited
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerLet's Encrypt Subjectafcdn.net FingerprintCE:9F:A3:7C:BF:E1:80:9C:11:75:38:23:E8:D2:50:1A:E4:48:37:77 ValidityTue, 27 Feb 2024 16:27:12 GMT - Mon, 27 May 2024 16:27:11 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 720x480, Scaling: [none]x[none], YUV color, decoders should clamp Hash7c57742a81908e5048e44f5fb449e566 f07c82591285d5ecbffdf90b26f7adfec97eef66 4f43af8a6195158946b50fca6a0d87225566c36bb7961b7bf187b12ef68ddd82
GET /library/438437/f07c82591285d5ecbffdf90b26f7adfec97eef66.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 22:38:52 GMT
content-type: image/webp
content-length: 20304
last-modified: Wed, 17 Apr 2024 08:59:44 GMT
etag: "661f8f80-4f50"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Thu, 17 Apr 2025 11:56:05 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-77-nzt: EwwBuUwJFAH3yQQMAAwBuUwKDAH3Cm8AAAwBisclwQH3VAAAAA
x-77-nzt-ray: af585630ac349570fc2c2c66d328fd21
x-accel-expires: @1744890965
x-accel-date: 1713383475
x-77-cache: HIT
x-77-age: 787657
server: CDN77-Turbo
x-cache: HIT
x-age: 787657
x-77-pop: stockholmSE
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| s3t3d2y8.afcdn.net/library/428515/ede74c7bceaa7703fd30a60d5d9f04ca5eac5716.mp4 | 185.76.9.22 | 206 Partial Content | 33 kB |
URL GET HTTP/2s3t3d2y8.afcdn.net/library/428515/ede74c7bceaa7703fd30a60d5d9f04ca5eac5716.mp4 IP185.76.9.22:443 ASN#60068 Datacamp Limited
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerLet's Encrypt Subjectafcdn.net FingerprintCE:9F:A3:7C:BF:E1:80:9C:11:75:38:23:E8:D2:50:1A:E4:48:37:77 ValidityTue, 27 Feb 2024 16:27:12 GMT - Mon, 27 May 2024 16:27:11 GMT
File typeISO Media, MP4 Base Media v1 [ISO 14496-12:2003] Hash1413cd1c8cc4a6653851bdfc54fdb32f ede74c7bceaa7703fd30a60d5d9f04ca5eac5716 41f006ad3d3978487383e7cdf609bbd8041bb1fd2af17b81874d80eaad003235
GET /library/428515/ede74c7bceaa7703fd30a60d5d9f04ca5eac5716.mp4 HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
date: Fri, 26 Apr 2024 22:38:52 GMT
content-type: video/mp4
content-length: 33263
last-modified: Fri, 31 Dec 2021 10:19:17 GMT
etag: "61ced925-81ef"
accept-ch:
expires: Wed, 16 Apr 2025 14:32:15 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-77-nzt: EwwBuUwJFAH3BaENAAwBuUwKEwH3BwAAAAgB1GY4EQGB
x-77-nzt-ray: af585630ac349570fc2c2c66de240022
x-accel-expires: @1744813936
x-77-cache: HIT
x-accel-date: 1713277943
x-77-age: 893189
server: CDN77-Turbo
x-cache: HIT
x-age: 893189
x-77-pop: stockholmSE
content-range: bytes 0-33262/33263
X-Firefox-Spdy: h2
|
|
| s3t3d2y8.afcdn.net/images/close-icon-circle.png | 185.76.9.22 | 200 OK | 405 B |
URL GET HTTP/2s3t3d2y8.afcdn.net/images/close-icon-circle.png IP185.76.9.22:443 ASN#60068 Datacamp Limited
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerLet's Encrypt Subjectafcdn.net FingerprintCE:9F:A3:7C:BF:E1:80:9C:11:75:38:23:E8:D2:50:1A:E4:48:37:77 ValidityTue, 27 Feb 2024 16:27:12 GMT - Mon, 27 May 2024 16:27:11 GMT
File typePNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced Hashbc8bf5d1633e548e9a178bf29be30b7b bd290b6eabd73d2c95db053620797503e9178484 94f575abdb5c45476f9c2b62bbe06fbfacce9d25e95796ffcd07680bd7c6c0bb
GET /images/close-icon-circle.png HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 22:38:52 GMT
content-type: image/png
content-length: 405
last-modified: Tue, 25 Oct 2022 11:33:38 GMT
etag: "6357c992-195"
expires: Fri, 27 Oct 2023 07:10:07 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
server: CDN77-Turbo
x-77-nzt: EQwBuUwJFAH3d1yMAQ
x-77-nzt-ray: af585630ac349570fc2c2c66a23f7022
x-accel-expires: @1719731205
x-accel-date: 1688195205
x-cache: HIT
x-age: 25975927
x-77-pop: stockholmSE
x-77-cache: HIT
x-77-age: 25975927
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| adsco.re/p | 162.252.214.5 | 200 OK | 814 B |
IP162.252.214.5:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerSectigo Limited Subject*.adsco.re Fingerprint40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73 ValiditySat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File typeASCII text, with very long lines (1020), with no line terminators Hash8e96656ecd7409b23d16c7102cad9d94 1f037311463700c1e235dffd067cd49a8ba28fee 7a0d1d7dfe1d2dd16e886e69e305a4420a01182b3463c82c0e9416df6eff186f
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 1644
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 22:38:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Accept-CH: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
Access-Control-Allow-Origin: https://www.amdahost.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
|
|
| img.cdn.house/i/1/4VaCZM13hUiNyC58G0oN-m9ShoP_xOT0OqHqwy1qVVPAA4chu3UDVQJBqnFUWuNERmb659m9x-KKwUJgHSZNCQPfPHfPWXGxRJQt6NsiTeLzNVMoSkPnSNzbEXuHjakR8IaURfakieDsv8Bqu9jVxg4wPDivwi6viCNJrR6YsfU6O9y4l-uzR7NJA4bNcBts4t8sE-FM | 95.216.74.110 | 200 OK | 3.8 kB |
URL GET HTTP/2img.cdn.house/i/1/4VaCZM13hUiNyC58G0oN-m9ShoP_xOT0OqHqwy1qVVPAA4chu3UDVQJBqnFUWuNERmb659m9x-KKwUJgHSZNCQPfPHfPWXGxRJQt6NsiTeLzNVMoSkPnSNzbEXuHjakR8IaURfakieDsv8Bqu9jVxg4wPDivwi6viCNJrR6YsfU6O9y4l-uzR7NJA4bNcBts4t8sE-FM IP95.216.74.110:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerLet's Encrypt Subjectimg.cdn.house Fingerprint98:AC:05:29:31:CD:6B:03:04:7D:9B:28:08:AA:B1:09:56:1A:CA:30 ValidityThu, 21 Mar 2024 10:50:12 GMT - Wed, 19 Jun 2024 10:50:11 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 192x192, Scaling: [none]x[none], YUV color, decoders should clamp Hash1a1f2a5a03a4b73b5f4aea2c97f0d7af 5c7040376db1f4b23d544c8b557379953d635f58 970c680d5d55f928c2104fcdf34770b580e4e4d56a5958a514dcd3ac585da2a0
GET /i/1/4VaCZM13hUiNyC58G0oN-m9ShoP_xOT0OqHqwy1qVVPAA4chu3UDVQJBqnFUWuNERmb659m9x-KKwUJgHSZNCQPfPHfPWXGxRJQt6NsiTeLzNVMoSkPnSNzbEXuHjakR8IaURfakieDsv8Bqu9jVxg4wPDivwi6viCNJrR6YsfU6O9y4l-uzR7NJA4bNcBts4t8sE-FM HTTP/1.1
Host: img.cdn.house
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 22:38:52 GMT
content-type: image/webp
content-length: 3804
last-modified: Sun, 21 Jan 2024 10:29:36 GMT
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Comic+Neue&display=swap | 142.250.74.74 | 200 OK | 2.0 MB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Comic+Neue&display=swap IP142.250.74.74:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50 ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT
File typegzip compressed data, max compression Size2.0 MB (1992093 bytes) Hashd75d4d9414c10611b1917a085b6ef92c 86c66880f9a22e268d7b323237439be49762f61d 487fa8164e92d5f155d5fa82105f7de6441e65a8f3e7a80310798f0bd99da9a0
GET /css2?family=Comic+Neue&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 22:38:49 GMT
date: Fri, 26 Apr 2024 22:38:49 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 12ezo5v60.com/chicken.gif?z=2020090&pb=e3b095ae927a082d55e764444744a2031714178330&psp=0iMJ8vHSqXBTlVby5TXlAUPHRMRyXLhQeMGl_4t7yrq4YhkoxM151G6uQXrSkmuQJiAOJOCQR7AcDbDUiwuTcMvDZ4U8zSu7w8JCtHIccMoBXHWpW0_aiVjcRdf3oEv4cvYFN-maSBN5k8HNQWzFnieDi0SKyLuEyCxDhqyA2PW6-1oa2LCeJtMsImd4vXNmGBvxAS-pwAYaXfsggcIdRrA5ARW0SnHUqzwOB7HGFaq43E8JDpwosxsUM0PJS-M2XmEPjj-ijoHtTggLHg2I3oYT48Vmi6CaHW1buU4uDTcpagNxDvO09NnSVfxF7VhIk31Se4Tnv1nAjSLHRk3hy7nWfs5ScjNNs3L28zQd-06gJl1WM30RIJTIjXsE2hunYQFG8nr_H_LI4ZLGOJ0O3BnxaLRmeUSoKtHZx13TdrgjpFdUDQIvFGXwMcHcVWHd7u_hrpUwlqx01z4ijxEbqkXT8YLeEmM_wLx3vXz1FLMvZIpipjpb4nuI1o62pI86XqgnhRQ09ekeZDhwcJPusI34kdA-C3sF8vL63C4PY1FbwHrX8DE9I3l6UYKaZ_s4UG5gA8bOyJifWfS7JGlN75y1FH2pCHet1b1-qjdXNuK6yP6lPcmUb5Pqz-nUTneFzGesrIGRVNOLOsMxOPhP0YtIXnUYVleaSXYZj9xZMbzU7YVu2ieKNUYpF6dDNqVXkjf1Po3W2eECdhoyNCtjvlBCq7QyFwqM-9eSP7Fd84n0bGKRtwCO8by6TpsbCX2sU8BlxPu0-xKrBStEMyIQczWbTjAsQj0YzcuqbIegbDMzRGvX6YxpjUMsAqBt3pgbWyxTxW3wrvneAKTy2Fibk2OQ7t1QulTm8rlKIqyN1VoqCE4WirbURZyeXST_vu50JleKy-ixMmbeekQYetVnSII-vB_iz3kDMNedsm2kPDiffl83VNG2mbjsZcBP0LZka9TjhFah_YZ5mIKLRxtRLkHUJgZkb471GZCXAe-vrkp2qtEqqF-B-A_mHupsNUhoyW1Npy4k_jMR3bSGOQ86U3PvSN4qwY5IP6TnhHCZhfukzOLcH4jD0ul210NgaSGEtUA9mi2XGmy8kS4NOuxkMnWIhO_HHfUAhFAk41U7cSfqZnDLE5ZR_OYvx2kAO55qgr6XxitCLoxKEpm_r3akK5zARYOzoJmmUxQjobzMd3ZZd_eLi8tESvkZFQ_vgHNGbpDNimNHKpiWwk_tyNVn2GUsYy-ejv_H6KNYrj-95bWKhJ4cJC7vjH22nnWocn3xqaB4qhCS5QIbeVu3gfKmTJ6j8jJl86laIZqzlQEwZYTOquRNpgKaHRnrS4l2Jo9Gx9xdRH9XM1axYQXeH4C6Acw9yjVNQg7MjF_rDEWuQ5N21zjoegW67NXAl8xkz05n9DDFPeHIBTpsm1R1qO64H0u64-25xypXVQHIt53Xm5n4ZtdMRMC5eISbDgwwBsA0ylbgu4j0Up8KmshFEMnfahbv1b8yactU--NxMDgXMGxZFWtb8W1D_We5lhOvNGDNzYQyvg_mvalf8kH_O9fviRuY4fhFdM9HEynyyva6S6L2gmZC5xh-WzUBr0gWcfGNk7tqAdTvTsEATuq8nLS0ADlr98liXaByX3YBsGuzYkX5EEhvh7b76U8JtPvIuOkPPmnCxI5G1TPnWTIFr0Kd0eSxCyCq&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=6304789406830080&eclog=0&im=1 | 212.117.190.202 | 200 OK | 43 B |
URL GET HTTP/212ezo5v60.com/chicken.gif?z=2020090&pb=e3b095ae927a082d55e764444744a2031714178330&psp=0iMJ8vHSqXBTlVby5TXlAUPHRMRyXLhQeMGl_4t7yrq4YhkoxM151G6uQXrSkmuQJiAOJOCQR7AcDbDUiwuTcMvDZ4U8zSu7w8JCtHIccMoBXHWpW0_aiVjcRdf3oEv4cvYFN-maSBN5k8HNQWzFnieDi0SKyLuEyCxDhqyA2PW6-1oa2LCeJtMsImd4vXNmGBvxAS-pwAYaXfsggcIdRrA5ARW0SnHUqzwOB7HGFaq43E8JDpwosxsUM0PJS-M2XmEPjj-ijoHtTggLHg2I3oYT48Vmi6CaHW1buU4uDTcpagNxDvO09NnSVfxF7VhIk31Se4Tnv1nAjSLHRk3hy7nWfs5ScjNNs3L28zQd-06gJl1WM30RIJTIjXsE2hunYQFG8nr_H_LI4ZLGOJ0O3BnxaLRmeUSoKtHZx13TdrgjpFdUDQIvFGXwMcHcVWHd7u_hrpUwlqx01z4ijxEbqkXT8YLeEmM_wLx3vXz1FLMvZIpipjpb4nuI1o62pI86XqgnhRQ09ekeZDhwcJPusI34kdA-C3sF8vL63C4PY1FbwHrX8DE9I3l6UYKaZ_s4UG5gA8bOyJifWfS7JGlN75y1FH2pCHet1b1-qjdXNuK6yP6lPcmUb5Pqz-nUTneFzGesrIGRVNOLOsMxOPhP0YtIXnUYVleaSXYZj9xZMbzU7YVu2ieKNUYpF6dDNqVXkjf1Po3W2eECdhoyNCtjvlBCq7QyFwqM-9eSP7Fd84n0bGKRtwCO8by6TpsbCX2sU8BlxPu0-xKrBStEMyIQczWbTjAsQj0YzcuqbIegbDMzRGvX6YxpjUMsAqBt3pgbWyxTxW3wrvneAKTy2Fibk2OQ7t1QulTm8rlKIqyN1VoqCE4WirbURZyeXST_vu50JleKy-ixMmbeekQYetVnSII-vB_iz3kDMNedsm2kPDiffl83VNG2mbjsZcBP0LZka9TjhFah_YZ5mIKLRxtRLkHUJgZkb471GZCXAe-vrkp2qtEqqF-B-A_mHupsNUhoyW1Npy4k_jMR3bSGOQ86U3PvSN4qwY5IP6TnhHCZhfukzOLcH4jD0ul210NgaSGEtUA9mi2XGmy8kS4NOuxkMnWIhO_HHfUAhFAk41U7cSfqZnDLE5ZR_OYvx2kAO55qgr6XxitCLoxKEpm_r3akK5zARYOzoJmmUxQjobzMd3ZZd_eLi8tESvkZFQ_vgHNGbpDNimNHKpiWwk_tyNVn2GUsYy-ejv_H6KNYrj-95bWKhJ4cJC7vjH22nnWocn3xqaB4qhCS5QIbeVu3gfKmTJ6j8jJl86laIZqzlQEwZYTOquRNpgKaHRnrS4l2Jo9Gx9xdRH9XM1axYQXeH4C6Acw9yjVNQg7MjF_rDEWuQ5N21zjoegW67NXAl8xkz05n9DDFPeHIBTpsm1R1qO64H0u64-25xypXVQHIt53Xm5n4ZtdMRMC5eISbDgwwBsA0ylbgu4j0Up8KmshFEMnfahbv1b8yactU--NxMDgXMGxZFWtb8W1D_We5lhOvNGDNzYQyvg_mvalf8kH_O9fviRuY4fhFdM9HEynyyva6S6L2gmZC5xh-WzUBr0gWcfGNk7tqAdTvTsEATuq8nLS0ADlr98liXaByX3YBsGuzYkX5EEhvh7b76U8JtPvIuOkPPmnCxI5G1TPnWTIFr0Kd0eSxCyCq&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=6304789406830080&eclog=0&im=1 IP212.117.190.202:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerBuypass AS-983163327 Subject FingerprintDB:57:32:8B:71:3B:E2:BC:8C:B1:94:D1:8A:25:4E:EE:A7:BA:C5:59 ValidityTue, 09 Jan 2024 13:35:13 GMT - Sat, 06 Jul 2024 21:59:00 GMT
File typeGIF image data, version 89a, 1 x 1 Hash28e463819a210071de3b45ebe7633613 6dccd571828ec0912629119cf7eabfea9f33ddbc 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /chicken.gif?z=2020090&pb=e3b095ae927a082d55e764444744a2031714178330&psp=0iMJ8vHSqXBTlVby5TXlAUPHRMRyXLhQeMGl_4t7yrq4YhkoxM151G6uQXrSkmuQJiAOJOCQR7AcDbDUiwuTcMvDZ4U8zSu7w8JCtHIccMoBXHWpW0_aiVjcRdf3oEv4cvYFN-maSBN5k8HNQWzFnieDi0SKyLuEyCxDhqyA2PW6-1oa2LCeJtMsImd4vXNmGBvxAS-pwAYaXfsggcIdRrA5ARW0SnHUqzwOB7HGFaq43E8JDpwosxsUM0PJS-M2XmEPjj-ijoHtTggLHg2I3oYT48Vmi6CaHW1buU4uDTcpagNxDvO09NnSVfxF7VhIk31Se4Tnv1nAjSLHRk3hy7nWfs5ScjNNs3L28zQd-06gJl1WM30RIJTIjXsE2hunYQFG8nr_H_LI4ZLGOJ0O3BnxaLRmeUSoKtHZx13TdrgjpFdUDQIvFGXwMcHcVWHd7u_hrpUwlqx01z4ijxEbqkXT8YLeEmM_wLx3vXz1FLMvZIpipjpb4nuI1o62pI86XqgnhRQ09ekeZDhwcJPusI34kdA-C3sF8vL63C4PY1FbwHrX8DE9I3l6UYKaZ_s4UG5gA8bOyJifWfS7JGlN75y1FH2pCHet1b1-qjdXNuK6yP6lPcmUb5Pqz-nUTneFzGesrIGRVNOLOsMxOPhP0YtIXnUYVleaSXYZj9xZMbzU7YVu2ieKNUYpF6dDNqVXkjf1Po3W2eECdhoyNCtjvlBCq7QyFwqM-9eSP7Fd84n0bGKRtwCO8by6TpsbCX2sU8BlxPu0-xKrBStEMyIQczWbTjAsQj0YzcuqbIegbDMzRGvX6YxpjUMsAqBt3pgbWyxTxW3wrvneAKTy2Fibk2OQ7t1QulTm8rlKIqyN1VoqCE4WirbURZyeXST_vu50JleKy-ixMmbeekQYetVnSII-vB_iz3kDMNedsm2kPDiffl83VNG2mbjsZcBP0LZka9TjhFah_YZ5mIKLRxtRLkHUJgZkb471GZCXAe-vrkp2qtEqqF-B-A_mHupsNUhoyW1Npy4k_jMR3bSGOQ86U3PvSN4qwY5IP6TnhHCZhfukzOLcH4jD0ul210NgaSGEtUA9mi2XGmy8kS4NOuxkMnWIhO_HHfUAhFAk41U7cSfqZnDLE5ZR_OYvx2kAO55qgr6XxitCLoxKEpm_r3akK5zARYOzoJmmUxQjobzMd3ZZd_eLi8tESvkZFQ_vgHNGbpDNimNHKpiWwk_tyNVn2GUsYy-ejv_H6KNYrj-95bWKhJ4cJC7vjH22nnWocn3xqaB4qhCS5QIbeVu3gfKmTJ6j8jJl86laIZqzlQEwZYTOquRNpgKaHRnrS4l2Jo9Gx9xdRH9XM1axYQXeH4C6Acw9yjVNQg7MjF_rDEWuQ5N21zjoegW67NXAl8xkz05n9DDFPeHIBTpsm1R1qO64H0u64-25xypXVQHIt53Xm5n4ZtdMRMC5eISbDgwwBsA0ylbgu4j0Up8KmshFEMnfahbv1b8yactU--NxMDgXMGxZFWtb8W1D_We5lhOvNGDNzYQyvg_mvalf8kH_O9fviRuY4fhFdM9HEynyyva6S6L2gmZC5xh-WzUBr0gWcfGNk7tqAdTvTsEATuq8nLS0ADlr98liXaByX3YBsGuzYkX5EEhvh7b76U8JtPvIuOkPPmnCxI5G1TPnWTIFr0Kd0eSxCyCq&freq=0&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=6304789406830080&eclog=0&im=1 HTTP/1.1
Host: 12ezo5v60.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: CHCK=1; UID=24042617388aeb80f496a4447b96065ec601
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 22:38:52 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| 6.adsco.re/ | 104.17.167.186 | | 0 B |
IP104.17.167.186:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://c.adsco.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 22:38:52 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: *
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa10cbdeec56b5-OSL
alt-svc: h3=":443"; ma=86400
|
|
| c.adsco.re/ | 104.17.167.186 | | 28 kB |
IP104.17.167.186:0
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerSectigo Limited Subject*.adsco.re Fingerprint40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73 ValiditySat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (689) Hasha0b475c65fed312aba8d7c43a0cbc928 3fdd052b41c37318e44084be4f92d42fba4ded61 2dfb2101b24f80be00b1baecce7eec815e61a13381f6983051b6261b8035468a
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c.adsco.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 22:38:52 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Mon, 27 May 2024 22:38:52 GMT
etag: W/"oLR1xl/tMSq6jXxDoMvJKA=="
cf-cache-status: HIT
age: 704575
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa10cb6e9856b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.amdahost.com/cdn-cgi/rum? | 104.21.40.89 | 204 No Content | 0 B |
URL POST HTTP/3www.amdahost.com/cdn-cgi/rum? IP104.21.40.89:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/rum? HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1084
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch_direct.php?id=837b71035c
Cookie: PHPSESSID=ac29083627cbe5b9c30a0e58b5c341ff; cf_clearance=pI7kURTBECJV0jkVKoneqLyZL3xlnhnrwStr_MrCUDw-1714171131-1.0.1.1-EYKZpi8DtyM3pQjz8Il0OEAjrYF5dq.8M1VF6rqIpVj7n2k8lIg9cdrVulIE75DwQZp8Y8x3tOOxro3D.3Kalw; a=ie8hCUJtydlonKuFLGR1PTv7fptFgfGq; zone-cap-5263454=1; token_QpUJAAAAAAAAGu98Hdz1l_lcSZ2rY60Ajjk9U1c=BQLyAAAAAAAACZUAAmMjUl7ZDMaqdxbf_gEsjcVoheYpmJg5gZlwscV4a4O7ktHk9sfHWhU57xelM37rEycPOjOuLRPXEZvM1re7hWXfitH2mwJnueOZ7SsUEQtbzI2dPLg1UiScH-jm6F6SGaIas36aDPzqsewKxytVBhhR-HeYysKNcFFdRiAn8mFhdY5HqRR9cC0XFsZow89tJUva-FrNO0edWNu_BSAgxujddLZrquJPWDXBCe-sq7UdFMUkJ_LNbYn4864bnSJVz9aZTrhER2CdPlQmgzh6AaPt-ASZKR0aG7E2Z8nP4UbkrsfoYnobP-FUSo9zds76FS0nuc0T7k9GMU87s1XfhqWGFiG57XLgdYvBbDDbnaH3ZxAMCMSi4MpJX4F5e8Fto71ScJIUTegdmvFQUH4zPx80AQLJk3a8XrXjWxzmWzeb0E7QfQ--eVnyF4k813XxuhfVETJ066GSkNjW-wLNJI8e8_EWUy4Cls2lnXiaW8PsSHP1W2wOIf0CtZqGFlSpBbl_6DrMmCyeysbV9H_bjU13byB-8uDH1DAmiF2leIO0Prl6A44gpw1q1GIB6B1UEZAZAE5GbwnR8PCYD_lEt3IlWp9ift136VEl9bVwrzJXDdDyO9534QV6pP87dYqtgGO0L7T8dGQnTy4jCAU_SDkN4MNCI5eT7wMd_yVGOrQUlzbouvL2l1fWkpbGbkHXFabxOiKvGA8tbgXr81eQ6FMduOKNyxBvjdNAsXrX6Oz447ibK42x_UjEf5qrwelUEMsAUx8lIvDwFShhvaDCnCfSxgYSk4FVq6IPIjiFGl4UPU0M1J-YXUZax0T-VTSW6DGb7z-VJVKgv0jMw4BSLzjjwBw6FLTjoOl4E8LNsnCHnd68bkHgVDEubs-oKry2ZsCQqynfLEe8O7ERSJTrKpNVVDL1_WblVYXOgzYTVz6LdvSZG5CSV5baam9bgE_Lzb5_X7R68qcOZ371RVF7IiTvclMOJ762eYGkyFEkz7cG
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Fri, 26 Apr 2024 22:38:52 GMT
access-control-allow-origin: https://www.amdahost.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 87aa10cc5d09569b-OSL
x-frame-options: DENY
x-content-type-options: nosniff
|
|
| pogothere.xyz/ | 188.114.97.1 | 200 OK | 28 B |
IP188.114.97.1:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerGoogle Trust Services LLC Subjectpogothere.xyz Fingerprint34:D3:33:F8:49:E2:1E:3E:44:A8:5D:74:68:9C:B8:A0:D5:F8:DD:0B ValidityWed, 27 Mar 2024 02:15:30 GMT - Tue, 25 Jun 2024 02:15:29 GMT
File typeASCII text, with no line terminators Hashf70667f7910037fcdb79f4a84b4b62ed f45272204808c6b11003dc47688c3813fe995ad1 03a656dc044ab838659023001174785ad69d918bd7dec0e348e8310ae545e467
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 22:38:51 GMT
content-type: text/plain
set-cookie: csu=920930921271780@1@1714171131; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://www.amdahost.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oFMYMCKLhVATy1TqPH2EHdrWs7DOWoNuPLweb%2BU%2B5WkSMdc7SuEzm4TzhJybKfak1IFhnFLs%2FXzN4WSawRWwckUXKHqKXe7W8nF28LXzON7QjDXA1Pbpp85LML9pwsBV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa10c1afd956c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fp.metricswpsh.com/fp?tag_id=161855 | 157.90.84.242 | 204 No Content | 0 B |
URL OPTIONS HTTP/1.1fp.metricswpsh.com/fp?tag_id=161855 IP157.90.84.242:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /fp?tag_id=161855 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.amdahost.com/
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Fri, 26 Apr 2024 22:38:52 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://www.amdahost.com
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
|
|
| 0c0be7a0c2.0ab9f67572.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMjk1MTI5OTAzNjk2MTk1NjAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTIxLjAiLCJ0YWdfaWQiOjE2MTg1NSwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjoyLjAyLCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjB9 | 45.133.44.53 | 200 OK | 0 B |
URL GET HTTP/20c0be7a0c2.0ab9f67572.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMjk1MTI5OTAzNjk2MTk1NjAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTIxLjAiLCJ0YWdfaWQiOjE2MTg1NSwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjoyLjAyLCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjB9 IP45.133.44.53:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerLet's Encrypt Subject0c0be7a0c2.0ab9f67572.com Fingerprint1E:76:86:5C:33:12:91:B3:DB:48:95:9C:34:E9:19:B7:9C:E5:BE:83 ValidityTue, 23 Apr 2024 04:00:22 GMT - Mon, 22 Jul 2024 04:00:21 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMjk1MTI5OTAzNjk2MTk1NjAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTIxLjAiLCJ0YWdfaWQiOjE2MTg1NSwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjoyLjAyLCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjB9 HTTP/1.1
Host: 0c0be7a0c2.0ab9f67572.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 22:38:52 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| fp.metricswpsh.com/fp?tag_id=161855 | 157.90.84.242 | 204 No Content | 58 B |
URL OPTIONS HTTP/1.1fp.metricswpsh.com/fp?tag_id=161855 IP157.90.84.242:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hash87385fcd2a67fc74d2fa67366ba68ea2 a604cdbb1d31ce257e8643eee9219c9c724c200c 9307cbb21345500294eae459b18a8ffb2bd2fcccd928a09efbc1e324fa9c9995
POST /fp?tag_id=161855 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1837
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Fri, 26 Apr 2024 22:38:53 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 58
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.amdahost.com
Set-Cookie: id=14217892250134137961; Expires=Sat, 26 Apr 2025 22:38:53 GMT; Secure; SameSite=None
Vary: Origin
|
|
| accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube | 74.125.131.84 | 302 Found | 0 B |
URL GET HTTP/3accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube IP74.125.131.84:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint01:16:A3:AE:CA:C9:AC:ED:3A:C9:AA:75:BE:C2:51:EF:65:CE:23:E1 ValidityMon, 08 Apr 2024 06:34:56 GMT - Mon, 01 Jul 2024 06:34:55 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:ISVn_0D18eQYNBim2jmtI9k_CVov2w:-7hHvwZIHQiGZpYI; Expires=Sun, 26-Apr-2026 22:38:53 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 26 Apr 2024 22:38:53 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQyhwCGauSX9vMP4Daz6Tc7R7SwwPtpzRhEtvax_TH_xJYMGgk3ubYLJBRI44NfawcRUQve5xg
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-UU9wUbR1-yQNlPaxherkcg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| cf9c86d5de.f33207dc6c.com/c37eb03648abae911c8ba86cf51fd9e6.js | 45.133.44.52 | 200 OK | 47 kB |
URL GET HTTP/2cf9c86d5de.f33207dc6c.com/c37eb03648abae911c8ba86cf51fd9e6.js IP45.133.44.52:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerLet's Encrypt Subjectcf9c86d5de.f33207dc6c.com Fingerprint07:43:06:4D:DB:B9:3C:31:4D:0B:61:89:FB:65:A1:AA:78:A1:36:FD ValidityTue, 23 Apr 2024 02:30:49 GMT - Mon, 22 Jul 2024 02:30:48 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash43bbdae87d79dcd4004a10032d2705fa 90da46e06cd98886954333888f561a61af7660c3 81579e7a056e1ec6dcc779f80d3a61509b10d5d96c832829cda488f8a40d329a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /c37eb03648abae911c8ba86cf51fd9e6.js HTTP/1.1
Host: cf9c86d5de.f33207dc6c.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 22:38:52 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Thu, 25 Apr 2024 13:18:02 GMT
etag: W/"662a580a-29278"
content-encoding: gzip
expires: Fri, 26 Apr 2024 22:43:52 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| storage.multstorage.com/log/count.html | 104.21.30.242 | 200 OK | 434 B |
URL GET HTTP/2storage.multstorage.com/log/count.html IP104.21.30.242:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerGoogle Trust Services LLC Subjectmultstorage.com Fingerprint63:F0:24:29:21:22:E5:42:33:61:B5:20:05:1B:EF:36:81:F5:7B:0A ValiditySun, 17 Mar 2024 08:38:54 GMT - Sat, 15 Jun 2024 08:38:53 GMT
File typeHTML document, ASCII text, with very long lines (700) Hashb728ca9cd183d1b7c3f72116b19b22a3 c1fd73f6b02cf00b8bc60b09cc99495e8494b739 8a7b1ca4bbf273b32ea865d4785a1944d1b2b133678d9b5fe7ee0406f6fd64b2
GET /log/count.html HTTP/1.1
Host: storage.multstorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 22:38:52 GMT
content-type: text/html
last-modified: Mon, 18 Sep 2023 14:39:06 GMT
vary: Accept-Encoding
x-request-id: b8aa49cf89d2bb55f2131195794ab17d
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OiaToQqpfm0BiaV6LodaYjTAspIGVagLGuqTqB8LHImkcm%2FObmnPghPzwih4mLXRR%2BCbBAbi6ENNnzejtXUR1BpQhiIPTdbkuereds4uIh3aszRCD%2BcmAc1y7ILKIGeEsvcqIJu%2FMwZf8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa10cc7c5c56aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| mcpuwpsh.com/get/ | 94.130.197.240 | 200 OK | 4.6 kB |
IP94.130.197.240:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerLet's Encrypt Subjectpuwpush.com Fingerprint53:1A:81:DB:A5:78:D8:1D:93:BF:BA:0F:71:6B:43:8D:3F:33:58:D1 ValidityFri, 01 Mar 2024 09:39:36 GMT - Thu, 30 May 2024 09:39:35 GMT
Hashbf68569dfaccbfedbbd71f1999fce295 ca474b96e548ad4a37919809ac2126e63c9f0fe0 2a9ed33172e086b13e6c13b667450343355408619f0539d73325e347b2e10292
POST /get/ HTTP/1.1
Host: mcpuwpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 1408
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.16.0
date: Fri, 26 Apr 2024 22:38:53 GMT
content-type: application/json
content-length: 4558
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| t0jma5qluoqn.s4.adsco.re/ | 185.200.116.51 | 200 OK | 0 B |
URL POST HTTP/2t0jma5qluoqn.s4.adsco.re/ IP185.200.116.51:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerLet's Encrypt Subject*.s4.adsco.re Fingerprint6C:EA:F6:8F:57:34:25:F9:39:76:98:E0:61:B8:C8:86:AD:CC:68:0A ValidityFri, 19 Apr 2024 09:12:40 GMT - Thu, 18 Jul 2024 09:12:39 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: t0jma5qluoqn.s4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 26 Apr 2024 22:38:54 GMT
content-type: text/html
content-length: 0
last-modified: Tue, 03 Oct 2023 13:29:59 GMT
etag: "651c1757-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube | 74.125.131.84 | 302 Found | 0 B |
URL GET HTTP/3accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube IP74.125.131.84:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint01:16:A3:AE:CA:C9:AC:ED:3A:C9:AA:75:BE:C2:51:EF:65:CE:23:E1 ValidityMon, 08 Apr 2024 06:34:56 GMT - Mon, 01 Jul 2024 06:34:55 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:A6p0ba8uO-tkzA8rQiYs69eZivD5Tg:97ZNB8tjiaBVE3UT; Expires=Sun, 26-Apr-2026 22:38:57 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 26 Apr 2024 22:38:57 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQw1-Uid328_8IEBBqybOVVVDpyIv7lc1ogeo8R773j4fZvbpuy0ZSh5htxhRAD0JzEX471M_A
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-9T5HKI-IBpt6EYFH_ZOViA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: unsafe-none
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| nereserv.com/in/dip?site=native-push&wl=1&event_id=95b4bdbe-3c5f-4e6c-b43a-cafb0a95730e&subid=1511354673&sid=3734910784&spot_id=529500&created_at=2024-04-26&timezone=0&ver=8.159.0&is_native=1 | 157.90.84.246 | 200 OK | 0 B |
URL GET HTTP/2nereserv.com/in/dip?site=native-push&wl=1&event_id=95b4bdbe-3c5f-4e6c-b43a-cafb0a95730e&subid=1511354673&sid=3734910784&spot_id=529500&created_at=2024-04-26&timezone=0&ver=8.159.0&is_native=1 IP157.90.84.246:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/dip?site=native-push&wl=1&event_id=95b4bdbe-3c5f-4e6c-b43a-cafb0a95730e&subid=1511354673&sid=3734910784&spot_id=529500&created_at=2024-04-26&timezone=0&ver=8.159.0&is_native=1 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.20.1
date: Fri, 26 Apr 2024 22:38:58 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQw1-Uid328_8IEBBqybOVVVDpyIv7lc1ogeo8R773j4fZvbpuy0ZSh5htxhRAD0JzEX471M_A | 74.125.131.84 | 302 Found | 425 B |
URL GET HTTP/3accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQw1-Uid328_8IEBBqybOVVVDpyIv7lc1ogeo8R773j4fZvbpuy0ZSh5htxhRAD0JzEX471M_A IP74.125.131.84:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint01:16:A3:AE:CA:C9:AC:ED:3A:C9:AA:75:BE:C2:51:EF:65:CE:23:E1 ValidityMon, 08 Apr 2024 06:34:56 GMT - Mon, 01 Jul 2024 06:34:55 GMT
File typeHTML document, ASCII text, with very long lines (403) Hash8abfc51c7ec2002844fde8cfa01c580d d8d3cc06c11367296d510bba95497ea769548f6e d94f9406d00b788e151d035bc960c3f54d90158982c366d041f1634ea901d6ef
GET /InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQw1-Uid328_8IEBBqybOVVVDpyIv7lc1ogeo8R773j4fZvbpuy0ZSh5htxhRAD0JzEX471M_A HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:bHxql_Pt5QwoQMtLwETbUbz1IdGKsQ:P91YW43lRawRuKL0;Path=/;Expires=Sun, 26-Apr-2026 22:38:58 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 26 Apr 2024 22:38:58 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwvqO_IgJB1i3U81gKRHjOaTFdcMGRQWGozvTPNS7Oou6-J9A2rh6TALEY6FZ-57ZPilHIE&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1745413404%3A1714171138245672&theme=mn&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-ihJZ_NppibbP9gC9HoO38w' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 425
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| 116f21a281.7fbe2fd8a8.com/in/multy | 157.90.84.246 | 204 No Content | 0 B |
URL OPTIONS HTTP/2116f21a281.7fbe2fd8a8.com/in/multy IP157.90.84.246:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerLet's Encrypt Subject7fbe2fd8a8.com FingerprintD4:8A:8B:7A:EF:BA:99:9B:9C:3A:45:2E:A7:88:D0:9D:CD:84:97:E8 ValidityTue, 23 Apr 2024 03:53:21 GMT - Mon, 22 Jul 2024 03:53:20 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /in/multy HTTP/1.1
Host: 116f21a281.7fbe2fd8a8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.amdahost.com/
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
server: nginx/1.20.1
date: Fri, 26 Apr 2024 22:38:59 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwvqO_IgJB1i3U81gKRHjOaTFdcMGRQWGozvTPNS7Oou6-J9A2rh6TALEY6FZ-57ZPilHIE&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1745413404%3A1714171138245672&theme=mn&ddm=0 | 74.125.131.84 | 403 Forbidden | 4.8 kB |
URL GET HTTP/3accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwvqO_IgJB1i3U81gKRHjOaTFdcMGRQWGozvTPNS7Oou6-J9A2rh6TALEY6FZ-57ZPilHIE&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1745413404%3A1714171138245672&theme=mn&ddm=0 IP74.125.131.84:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint01:16:A3:AE:CA:C9:AC:ED:3A:C9:AA:75:BE:C2:51:EF:65:CE:23:E1 ValidityMon, 08 Apr 2024 06:34:56 GMT - Mon, 01 Jul 2024 06:34:55 GMT
File typegzip compressed data, max compression Hash168771559f3cf29c68f94d9607b71caa 36302f8bb25dbb2e196575b8ff6b8ad08eb44eba 4235745e43ba12c8fa36599f1aa39651f69d551536e879eaa0eeaa73f641dd4e
GET /v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwvqO_IgJB1i3U81gKRHjOaTFdcMGRQWGozvTPNS7Oou6-J9A2rh6TALEY6FZ-57ZPilHIE&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1745413404%3A1714171138245672&theme=mn&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 26 Apr 2024 22:38:58 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-UyO5U8tGfgYNqOe9MpQ8dQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| 116f21a281.7fbe2fd8a8.com/in/multy | 157.90.84.246 | 204 No Content | 4.3 kB |
URL OPTIONS HTTP/2116f21a281.7fbe2fd8a8.com/in/multy IP157.90.84.246:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerLet's Encrypt Subject7fbe2fd8a8.com FingerprintD4:8A:8B:7A:EF:BA:99:9B:9C:3A:45:2E:A7:88:D0:9D:CD:84:97:E8 ValidityTue, 23 Apr 2024 03:53:21 GMT - Mon, 22 Jul 2024 03:53:20 GMT
Hash8f97b28f5bb79b53641968b74fc28acc 416a6accc5c37cccd1f5fb22eb9ea236a39d2f95 77ef9ae18c6f99fac79f77a1f77a44c4a361591c03f48dcdc2f06e61d879329f
POST /in/multy HTTP/1.1
Host: 116f21a281.7fbe2fd8a8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 2172
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Fri, 26 Apr 2024 22:38:59 GMT
content-type: application/json
content-length: 4279
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 116f21a281.7fbe2fd8a8.com/in/show/?tag_ab=a&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch_direct.php%3Fid%3D837b71035c&refdom=www.amdahost.com&auction_time=1714171139&subid=1511354673&sid=3734910784&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-04-26&iabcat=IAB25-3&keywords=adult&user_fp=4401471644825250461&score=51.71441052866651&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch_direct.php%253Fid%253D837b71035c%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch_direct.php%253Fid%253D837b71035c%26idzone%3D0%26sid%3D1886&icons=AfBCpGQVs13-2UYsEawvjN6IgfWxQhtZG9xrsUlklOTgnYMKLOeVaMakm30h4mzKq9UfSqwQjVC1r5CXzEd0DDWwKiwLg-fGNhF3VfghcCrwLtvHPecXDuoiV9KAORfZdm9OgdRM26lX0K5Vq9DacXDPb0nCNL3W4FQ0bKb-HHTroXOGhg&ext_cid=0&px_id=529500&min_cpm=0.0034691290873911642&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=4342300150929365863&skin_id=71&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.0013121986628946978&cpm=0&verify_hash=539ac4a02faf06dfbc71ce00df286e89&is_native=4&real_bid=0.0003802923414613512&original_bid_usd=0.001005399&original_bid=0.001005399&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=114,20,27,108,0&need_redirect_show=0&applied_features=prod,main-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.001005399&hostname=auc-inpage-hz-7-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.000001005399&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&mlf=1&mlc=1&st=0.15&cpa=86273dc6-6761-4f17-a8b9-0c07ac4b9c70&prev_step_diff=1785 | 157.90.84.246 | 200 OK | 0 B |
URL GET HTTP/2116f21a281.7fbe2fd8a8.com/in/show/?tag_ab=a&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch_direct.php%3Fid%3D837b71035c&refdom=www.amdahost.com&auction_time=1714171139&subid=1511354673&sid=3734910784&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-04-26&iabcat=IAB25-3&keywords=adult&user_fp=4401471644825250461&score=51.71441052866651&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch_direct.php%253Fid%253D837b71035c%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch_direct.php%253Fid%253D837b71035c%26idzone%3D0%26sid%3D1886&icons=AfBCpGQVs13-2UYsEawvjN6IgfWxQhtZG9xrsUlklOTgnYMKLOeVaMakm30h4mzKq9UfSqwQjVC1r5CXzEd0DDWwKiwLg-fGNhF3VfghcCrwLtvHPecXDuoiV9KAORfZdm9OgdRM26lX0K5Vq9DacXDPb0nCNL3W4FQ0bKb-HHTroXOGhg&ext_cid=0&px_id=529500&min_cpm=0.0034691290873911642&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=4342300150929365863&skin_id=71&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.0013121986628946978&cpm=0&verify_hash=539ac4a02faf06dfbc71ce00df286e89&is_native=4&real_bid=0.0003802923414613512&original_bid_usd=0.001005399&original_bid=0.001005399&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=114,20,27,108,0&need_redirect_show=0&applied_features=prod,main-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.001005399&hostname=auc-inpage-hz-7-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.000001005399&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&mlf=1&mlc=1&st=0.15&cpa=86273dc6-6761-4f17-a8b9-0c07ac4b9c70&prev_step_diff=1785 IP157.90.84.246:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerLet's Encrypt Subject7fbe2fd8a8.com FingerprintD4:8A:8B:7A:EF:BA:99:9B:9C:3A:45:2E:A7:88:D0:9D:CD:84:97:E8 ValidityTue, 23 Apr 2024 03:53:21 GMT - Mon, 22 Jul 2024 03:53:20 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/show/?tag_ab=a&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch_direct.php%3Fid%3D837b71035c&refdom=www.amdahost.com&auction_time=1714171139&subid=1511354673&sid=3734910784&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-04-26&iabcat=IAB25-3&keywords=adult&user_fp=4401471644825250461&score=51.71441052866651&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch_direct.php%253Fid%253D837b71035c%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch_direct.php%253Fid%253D837b71035c%26idzone%3D0%26sid%3D1886&icons=AfBCpGQVs13-2UYsEawvjN6IgfWxQhtZG9xrsUlklOTgnYMKLOeVaMakm30h4mzKq9UfSqwQjVC1r5CXzEd0DDWwKiwLg-fGNhF3VfghcCrwLtvHPecXDuoiV9KAORfZdm9OgdRM26lX0K5Vq9DacXDPb0nCNL3W4FQ0bKb-HHTroXOGhg&ext_cid=0&px_id=529500&min_cpm=0.0034691290873911642&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=4342300150929365863&skin_id=71&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.0013121986628946978&cpm=0&verify_hash=539ac4a02faf06dfbc71ce00df286e89&is_native=4&real_bid=0.0003802923414613512&original_bid_usd=0.001005399&original_bid=0.001005399&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=114,20,27,108,0&need_redirect_show=0&applied_features=prod,main-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.001005399&hostname=auc-inpage-hz-7-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.000001005399&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&mlf=1&mlc=1&st=0.15&cpa=86273dc6-6761-4f17-a8b9-0c07ac4b9c70&prev_step_diff=1785 HTTP/1.1
Host: 116f21a281.7fbe2fd8a8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Fri, 26 Apr 2024 22:38:59 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| 116f21a281.7fbe2fd8a8.com/in/show/?tag_ab=a&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch_direct.php%3Fid%3D837b71035c&refdom=www.amdahost.com&auction_time=1714171139&subid=1511354673&sid=3734910784&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-04-26&iabcat=IAB25-3&keywords=adult&user_fp=4401471644825250461&score=51.71441052866651&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch_direct.php%253Fid%253D837b71035c%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=107563&crtid=2c48922f67f3db239f07842af569ad8e&url=http%3A%2F%2Fargodol.com%2Fie%3Fv%3D4%26c%3DvBEwDLROmF6xuv5aVBO91zC4GamKYiOwQOhBdDvg58ebJXX_DArpamu7yd-Z93lSWS1aaY59a-wqi84LabDGHznmdvJxmEQk6zYoQnI6TbHk2eXTYI7VaDtZiXpVBcezMcv2GKfaPBMbT4pBGFsioDBizAAwaWC5LnMPO7cfcB1I28hv4hwPOnOA1pRGiyB8fOaGJyTILX7pPEWueC3K6bo67iAkqFerdblCoBnOW5JM-P4UNuls4ElJcjuHIA9CJ8R2z_y3lFjbAkgUXxTeQQkwWms4OJu6E79TZjLZv_Iy5X4KCnew4RAFFfyJRYbVl1IhtFm1B6hVJw0Vsz-SzWNBHA80ex8DfF23qNS33DJdZtz6X5dLHQEnkKoti3XGkxEJOlxxycfzTMscQJpU-vrDnUm0WG_pHBPf6-7ND9QIXCDqN2CBZEkkbXeS4YqRvZxd149kR4CEKw2ObmvAYc2k2HwbG3iaQs-QkeLu4qePhqKPc2kBUnGuz6Gsd5rIukmYvlDpu4jU7cDoRmpMW3YstTKv3Vg69dFbbZ0YAlxuh1-rQ1yekEmXos04GZ2Ww-_8ftH8&icons=vZga6OlWXiWfu5pSon5rLUgrNE11jWa0r8o6cpizCyTSIh30UvTGrVcmBQVMButWdTPltAVzXD1hVGYyDxbLRyGGz3O2pgDAaxQP4j2kcsStzWVUZzowp2zzNjN0c2l0bbi5G9_r84SycVDDK37vArKYRAcdt7HYeuQbk0hCtdx8-NOcWK1ksuL-z7PcIYuLVUMMQ9HV2SHEfxRWTalmb60zNmAemPVXFzgHi24fsr2vi2rMqvijNitaXv6JakST6tnd8VWJbR6u8FRFjInsMnw9IFeZBNg0nYnqMRL4VR9IG9fSBVNMZ_aC6bYt_SFdhrDf-KRgW3_BttJHBGRpFjO340CcPeq58cNBxFME1WmvsBp6ZWWSlnvT0Aq0LjIX5e1_3nQvnvUQipud-U1JreW-T5jgetGjqt9c70NtUCgP_c8xvaGC0f9TxlMBJS96dS9JLZsMaU3t1l2MKvq9TjfW5pkxgY8Jl4ycxDB7zVOtQYcedsyNKCQpynpiQ4XxPraM1As82BPYhzZKFPEo5WQl6itFAAH9Ye-effm-WgHBRd6CfmkbPBbvo9OLoPcA9JIT20sEMs45HapsIIMhsN_BRXsZ43Qazo2tYaVYehcgFJzZJIFha_Onf2fOjRPVZaxeu7GAZvBvSgmo7HouQgLEwWFil54LvyX5lW0aqgK7jrJ792DrvyRS-Ce9R14z-v67s2k&ext_cid=0&px_id=31529500&min_cpm=0.03386361324041812&out_id=0&campaign_type=mq&aid=291&cid=2928&uniq=&mid=4342300150929365863&skin_id=71&vertical_id=11&skin_test=0&from_cache=0&ecpm=0.11055618342829855&cpm=0&verify_hash=0829b080d4a6808bf805b98774205eaf&is_native=1&real_bid=0.0032823749631643124&original_bid_usd=0.00375&original_bid=0.00375&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=93,101,4,11&need_redirect_show=0&applied_features=main-skins-settings,prod&show_count=1&expiration_timestamp=1714228739&image_url=https%3A%2F%2Fimg.vmmcdn.com%2Fget%2F2483444%2F551813_image.jpg&site=native-push-adult&price=0.00375&hostname=auc-inpage-hz-7-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.00000375&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&st=0.15&cpa=f7afe541-f10e-46f1-91b4-a59395600838&prev_step_diff=1784 | 157.90.84.246 | 200 OK | 0 B |
URL GET HTTP/2116f21a281.7fbe2fd8a8.com/in/show/?tag_ab=a&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch_direct.php%3Fid%3D837b71035c&refdom=www.amdahost.com&auction_time=1714171139&subid=1511354673&sid=3734910784&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-04-26&iabcat=IAB25-3&keywords=adult&user_fp=4401471644825250461&score=51.71441052866651&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch_direct.php%253Fid%253D837b71035c%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=107563&crtid=2c48922f67f3db239f07842af569ad8e&url=http%3A%2F%2Fargodol.com%2Fie%3Fv%3D4%26c%3DvBEwDLROmF6xuv5aVBO91zC4GamKYiOwQOhBdDvg58ebJXX_DArpamu7yd-Z93lSWS1aaY59a-wqi84LabDGHznmdvJxmEQk6zYoQnI6TbHk2eXTYI7VaDtZiXpVBcezMcv2GKfaPBMbT4pBGFsioDBizAAwaWC5LnMPO7cfcB1I28hv4hwPOnOA1pRGiyB8fOaGJyTILX7pPEWueC3K6bo67iAkqFerdblCoBnOW5JM-P4UNuls4ElJcjuHIA9CJ8R2z_y3lFjbAkgUXxTeQQkwWms4OJu6E79TZjLZv_Iy5X4KCnew4RAFFfyJRYbVl1IhtFm1B6hVJw0Vsz-SzWNBHA80ex8DfF23qNS33DJdZtz6X5dLHQEnkKoti3XGkxEJOlxxycfzTMscQJpU-vrDnUm0WG_pHBPf6-7ND9QIXCDqN2CBZEkkbXeS4YqRvZxd149kR4CEKw2ObmvAYc2k2HwbG3iaQs-QkeLu4qePhqKPc2kBUnGuz6Gsd5rIukmYvlDpu4jU7cDoRmpMW3YstTKv3Vg69dFbbZ0YAlxuh1-rQ1yekEmXos04GZ2Ww-_8ftH8&icons=vZga6OlWXiWfu5pSon5rLUgrNE11jWa0r8o6cpizCyTSIh30UvTGrVcmBQVMButWdTPltAVzXD1hVGYyDxbLRyGGz3O2pgDAaxQP4j2kcsStzWVUZzowp2zzNjN0c2l0bbi5G9_r84SycVDDK37vArKYRAcdt7HYeuQbk0hCtdx8-NOcWK1ksuL-z7PcIYuLVUMMQ9HV2SHEfxRWTalmb60zNmAemPVXFzgHi24fsr2vi2rMqvijNitaXv6JakST6tnd8VWJbR6u8FRFjInsMnw9IFeZBNg0nYnqMRL4VR9IG9fSBVNMZ_aC6bYt_SFdhrDf-KRgW3_BttJHBGRpFjO340CcPeq58cNBxFME1WmvsBp6ZWWSlnvT0Aq0LjIX5e1_3nQvnvUQipud-U1JreW-T5jgetGjqt9c70NtUCgP_c8xvaGC0f9TxlMBJS96dS9JLZsMaU3t1l2MKvq9TjfW5pkxgY8Jl4ycxDB7zVOtQYcedsyNKCQpynpiQ4XxPraM1As82BPYhzZKFPEo5WQl6itFAAH9Ye-effm-WgHBRd6CfmkbPBbvo9OLoPcA9JIT20sEMs45HapsIIMhsN_BRXsZ43Qazo2tYaVYehcgFJzZJIFha_Onf2fOjRPVZaxeu7GAZvBvSgmo7HouQgLEwWFil54LvyX5lW0aqgK7jrJ792DrvyRS-Ce9R14z-v67s2k&ext_cid=0&px_id=31529500&min_cpm=0.03386361324041812&out_id=0&campaign_type=mq&aid=291&cid=2928&uniq=&mid=4342300150929365863&skin_id=71&vertical_id=11&skin_test=0&from_cache=0&ecpm=0.11055618342829855&cpm=0&verify_hash=0829b080d4a6808bf805b98774205eaf&is_native=1&real_bid=0.0032823749631643124&original_bid_usd=0.00375&original_bid=0.00375&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=93,101,4,11&need_redirect_show=0&applied_features=main-skins-settings,prod&show_count=1&expiration_timestamp=1714228739&image_url=https%3A%2F%2Fimg.vmmcdn.com%2Fget%2F2483444%2F551813_image.jpg&site=native-push-adult&price=0.00375&hostname=auc-inpage-hz-7-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.00000375&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&st=0.15&cpa=f7afe541-f10e-46f1-91b4-a59395600838&prev_step_diff=1784 IP157.90.84.246:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerLet's Encrypt Subject7fbe2fd8a8.com FingerprintD4:8A:8B:7A:EF:BA:99:9B:9C:3A:45:2E:A7:88:D0:9D:CD:84:97:E8 ValidityTue, 23 Apr 2024 03:53:21 GMT - Mon, 22 Jul 2024 03:53:20 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/show/?tag_ab=a&site_id=31529500&adblock=0&testab=0&auction_host=apply&mm=0&yc=0&render_type=mq&pr=&banner_width=300&banner_height=250&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=all,dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.amdahost.com%2Fwatch_direct.php%3Fid%3D837b71035c&refdom=www.amdahost.com&auction_time=1714171139&subid=1511354673&sid=3734910784&tcid=0&ver=8.159.0&ver_c=&spot_id=529500&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-04-26&iabcat=IAB25-3&keywords=adult&user_fp=4401471644825250461&score=51.71441052866651&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1511354673%26spot_id%3D529500%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.amdahost.com%252Fwatch_direct.php%253Fid%253D837b71035c%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=107563&crtid=2c48922f67f3db239f07842af569ad8e&url=http%3A%2F%2Fargodol.com%2Fie%3Fv%3D4%26c%3DvBEwDLROmF6xuv5aVBO91zC4GamKYiOwQOhBdDvg58ebJXX_DArpamu7yd-Z93lSWS1aaY59a-wqi84LabDGHznmdvJxmEQk6zYoQnI6TbHk2eXTYI7VaDtZiXpVBcezMcv2GKfaPBMbT4pBGFsioDBizAAwaWC5LnMPO7cfcB1I28hv4hwPOnOA1pRGiyB8fOaGJyTILX7pPEWueC3K6bo67iAkqFerdblCoBnOW5JM-P4UNuls4ElJcjuHIA9CJ8R2z_y3lFjbAkgUXxTeQQkwWms4OJu6E79TZjLZv_Iy5X4KCnew4RAFFfyJRYbVl1IhtFm1B6hVJw0Vsz-SzWNBHA80ex8DfF23qNS33DJdZtz6X5dLHQEnkKoti3XGkxEJOlxxycfzTMscQJpU-vrDnUm0WG_pHBPf6-7ND9QIXCDqN2CBZEkkbXeS4YqRvZxd149kR4CEKw2ObmvAYc2k2HwbG3iaQs-QkeLu4qePhqKPc2kBUnGuz6Gsd5rIukmYvlDpu4jU7cDoRmpMW3YstTKv3Vg69dFbbZ0YAlxuh1-rQ1yekEmXos04GZ2Ww-_8ftH8&icons=vZga6OlWXiWfu5pSon5rLUgrNE11jWa0r8o6cpizCyTSIh30UvTGrVcmBQVMButWdTPltAVzXD1hVGYyDxbLRyGGz3O2pgDAaxQP4j2kcsStzWVUZzowp2zzNjN0c2l0bbi5G9_r84SycVDDK37vArKYRAcdt7HYeuQbk0hCtdx8-NOcWK1ksuL-z7PcIYuLVUMMQ9HV2SHEfxRWTalmb60zNmAemPVXFzgHi24fsr2vi2rMqvijNitaXv6JakST6tnd8VWJbR6u8FRFjInsMnw9IFeZBNg0nYnqMRL4VR9IG9fSBVNMZ_aC6bYt_SFdhrDf-KRgW3_BttJHBGRpFjO340CcPeq58cNBxFME1WmvsBp6ZWWSlnvT0Aq0LjIX5e1_3nQvnvUQipud-U1JreW-T5jgetGjqt9c70NtUCgP_c8xvaGC0f9TxlMBJS96dS9JLZsMaU3t1l2MKvq9TjfW5pkxgY8Jl4ycxDB7zVOtQYcedsyNKCQpynpiQ4XxPraM1As82BPYhzZKFPEo5WQl6itFAAH9Ye-effm-WgHBRd6CfmkbPBbvo9OLoPcA9JIT20sEMs45HapsIIMhsN_BRXsZ43Qazo2tYaVYehcgFJzZJIFha_Onf2fOjRPVZaxeu7GAZvBvSgmo7HouQgLEwWFil54LvyX5lW0aqgK7jrJ792DrvyRS-Ce9R14z-v67s2k&ext_cid=0&px_id=31529500&min_cpm=0.03386361324041812&out_id=0&campaign_type=mq&aid=291&cid=2928&uniq=&mid=4342300150929365863&skin_id=71&vertical_id=11&skin_test=0&from_cache=0&ecpm=0.11055618342829855&cpm=0&verify_hash=0829b080d4a6808bf805b98774205eaf&is_native=1&real_bid=0.0032823749631643124&original_bid_usd=0.00375&original_bid=0.00375&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=93,101,4,11&need_redirect_show=0&applied_features=main-skins-settings,prod&show_count=1&expiration_timestamp=1714228739&image_url=https%3A%2F%2Fimg.vmmcdn.com%2Fget%2F2483444%2F551813_image.jpg&site=native-push-adult&price=0.00375&hostname=auc-inpage-hz-7-a&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.00000375&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&st=0.15&cpa=f7afe541-f10e-46f1-91b4-a59395600838&prev_step_diff=1784 HTTP/1.1
Host: 116f21a281.7fbe2fd8a8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Fri, 26 Apr 2024 22:38:59 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&mlf=1&mlc=1&st=0.15&cpa=4da3f383-f146-4ec8-8773-112f499d88d5&prev_step_diff=1784 | 45.133.44.25 | 200 OK | 486 B |
URL GET HTTP/2static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&mlf=1&mlc=1&st=0.15&cpa=4da3f383-f146-4ec8-8773-112f499d88d5&prev_step_diff=1784 IP45.133.44.25:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerLet's Encrypt Subjectstatic.bookmsg.com FingerprintD1:F7:45:48:1F:97:95:82:21:67:D7:E5:0D:16:FA:F3:6C:7C:97:76 ValidityFri, 05 Apr 2024 03:01:07 GMT - Thu, 04 Jul 2024 03:01:06 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp Hashceeb4e8840c24621c0e0352b42b38a5b 03cbceb0134a39267014595938705e2916580644 50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3
GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&mlf=1&mlc=1&st=0.15&cpa=4da3f383-f146-4ec8-8773-112f499d88d5&prev_step_diff=1784 HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 22:38:59 GMT
content-type: image/webp
content-length: 486
server: nginx/1.24.0
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
etag: "6572ed5b-1e6"
expires: Sat, 26 Apr 2025 22:38:59 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| a.pemsrv.com/popunder1000.js | 185.76.9.19 | 200 OK | 38 kB |
URL GET HTTP/2a.pemsrv.com/popunder1000.js IP185.76.9.19:443 ASN#60068 Datacamp Limited
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerLet's Encrypt Subjectpemsrv.com FingerprintB9:FB:69:72:AD:12:6D:F5:F8:05:0B:EE:45:B6:E0:BD:1A:B2:E5:0F ValidityTue, 27 Feb 2024 16:50:21 GMT - Mon, 27 May 2024 16:50:20 GMT
File typegzip compressed data, from Unix Hashbaed0bdabab6a7aad73ee3dcef71d557 088ee53dfc4b17bd1f824f3300d314e27774ca00 ddcccda7fc239d288eef21adad4b290ae53b60a4a4c1b48c797cf02fe0d29977
GET /popunder1000.js HTTP/1.1
Host: a.pemsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 22:38:50 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"d9d3b543c03e218b51fa2081f01"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Wed, 24 Apr 2024 18:06:12 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH3nBUAAAwBuUwKEwH3EQAAAAwBJRPCNAH3BAAAAA
x-77-nzt-ray: c0a4cc283510c333fa2c2c663bcc5f0f
x-accel-expires: @1714176398
x-accel-date: 1714165598
x-77-cache: HIT
x-77-age: 5532
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 5532
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
|
|
| imgsdn.com/ie?v=4&c=ejsINKFx0gxREIir0HNY9xbJ1BTaLKAa937-CKYnfxUq95IhtjmhyjKYjVSKVbF7KxOSlvlbiXLuC8Fvu7MfkTsVt0IA4liLn7-WgQCzMTYmPKY4uRTzMnv3Hh0fWHeWORLHckbOJNR8aj2WgD8sef1RhqdiEHYAFoj8A5ZykOr8znmOAjB5fIp-xQCtR-5tyJnmMbf8n0Xkf6B54yFRPhohfUlit5ZRvnWo7_4maesNhHgNuIFSzLurACUet9SNAtZGwijryIGtWLy8O_2mvHHkudX6V4h394-2X7YB4bZf_RMUVFk-d8Rmoy8Ss9oYyW28fJZ-hnvNIDIWqUa73ZkUp6ASGdZsk4fsEqRbAWJmGTMft9iudxVeDiqqNFcfucVQLP7Y_3iflF0dnXfPEPAalTQggskBSkseUGBWnrcBtMTHATfEyAy_LJAMPQ==&v1=531&v2=107563&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&st=0.15&cpa=9175f53b-cb32-433d-914c-e48cf8500349&prev_step_diff=1784 | 157.90.94.146 | 301 Moved Permanently | 0 B |
URL GET HTTP/1.1imgsdn.com/ie?v=4&c=ejsINKFx0gxREIir0HNY9xbJ1BTaLKAa937-CKYnfxUq95IhtjmhyjKYjVSKVbF7KxOSlvlbiXLuC8Fvu7MfkTsVt0IA4liLn7-WgQCzMTYmPKY4uRTzMnv3Hh0fWHeWORLHckbOJNR8aj2WgD8sef1RhqdiEHYAFoj8A5ZykOr8znmOAjB5fIp-xQCtR-5tyJnmMbf8n0Xkf6B54yFRPhohfUlit5ZRvnWo7_4maesNhHgNuIFSzLurACUet9SNAtZGwijryIGtWLy8O_2mvHHkudX6V4h394-2X7YB4bZf_RMUVFk-d8Rmoy8Ss9oYyW28fJZ-hnvNIDIWqUa73ZkUp6ASGdZsk4fsEqRbAWJmGTMft9iudxVeDiqqNFcfucVQLP7Y_3iflF0dnXfPEPAalTQggskBSkseUGBWnrcBtMTHATfEyAy_LJAMPQ==&v1=531&v2=107563&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&st=0.15&cpa=9175f53b-cb32-433d-914c-e48cf8500349&prev_step_diff=1784 IP157.90.94.146:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerLet's Encrypt Subjectnimrute.com FingerprintFE:11:FD:FB:69:FC:E9:22:01:AE:4B:9D:F5:85:C9:1C:FF:4D:44:D4 ValidityMon, 12 Feb 2024 14:13:04 GMT - Sun, 12 May 2024 14:13:03 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ie?v=4&c=ejsINKFx0gxREIir0HNY9xbJ1BTaLKAa937-CKYnfxUq95IhtjmhyjKYjVSKVbF7KxOSlvlbiXLuC8Fvu7MfkTsVt0IA4liLn7-WgQCzMTYmPKY4uRTzMnv3Hh0fWHeWORLHckbOJNR8aj2WgD8sef1RhqdiEHYAFoj8A5ZykOr8znmOAjB5fIp-xQCtR-5tyJnmMbf8n0Xkf6B54yFRPhohfUlit5ZRvnWo7_4maesNhHgNuIFSzLurACUet9SNAtZGwijryIGtWLy8O_2mvHHkudX6V4h394-2X7YB4bZf_RMUVFk-d8Rmoy8Ss9oYyW28fJZ-hnvNIDIWqUa73ZkUp6ASGdZsk4fsEqRbAWJmGTMft9iudxVeDiqqNFcfucVQLP7Y_3iflF0dnXfPEPAalTQggskBSkseUGBWnrcBtMTHATfEyAy_LJAMPQ==&v1=531&v2=107563&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&st=0.15&cpa=9175f53b-cb32-433d-914c-e48cf8500349&prev_step_diff=1784 HTTP/1.1
Host: imgsdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
server: fasthttp
date: Fri, 26 Apr 2024 22:38:59 GMT
content-length: 0
location: https://img.vmmcdn.com/get/36247733/551813_icon.png
x-app-id: 13
|
|
| img.vmmcdn.com/get/2483444/551813_image.jpg | 46.4.121.113 | 200 OK | 12 kB |
URL GET HTTP/2img.vmmcdn.com/get/2483444/551813_image.jpg IP46.4.121.113:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerLet's Encrypt Subjectimg.vmmcdn.com Fingerprint35:E7:50:83:81:F0:56:72:43:78:A5:4D:BF:00:F7:2C:AD:25:0F:C4 ValiditySat, 13 Apr 2024 08:24:46 GMT - Fri, 12 Jul 2024 08:24:45 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 720x480, components 3 Hashee921bcd225785444d8ab128ca1d0941 e92f5588c738df6912e3658d883aeb66b486560b 4da4a312766a4b2e3cb69b5d7188a4b073e757ae350687ac22b3dfa81fccf15c
GET /get/2483444/551813_image.jpg HTTP/1.1
Host: img.vmmcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.14.1
date: Fri, 26 Apr 2024 22:39:00 GMT
content-type: image/jpeg
content-length: 12075
last-modified: Wed, 27 Mar 2024 08:33:26 GMT
cache-control: public, max-age=604800
etag: "6603d9d6-2f2b"
x-proxy-cache: HIT
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: x-requested-with
access-control-allow-headers: x-requested-with
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| img.vmmcdn.com/get/36247733/551813_icon.png | 46.4.121.113 | 200 OK | 16 kB |
URL GET HTTP/2img.vmmcdn.com/get/36247733/551813_icon.png IP46.4.121.113:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerLet's Encrypt Subjectimg.vmmcdn.com Fingerprint35:E7:50:83:81:F0:56:72:43:78:A5:4D:BF:00:F7:2C:AD:25:0F:C4 ValiditySat, 13 Apr 2024 08:24:46 GMT - Fri, 12 Jul 2024 08:24:45 GMT
File typePNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced Hash2c9db85a888d82918d6b5e7b8aaf034c e131dbff858f82c0289c9393890ae37df6f7536c fe6e93a4fb0a7890f7bddd5f9e3a0cb011a7bdfdeed14e1d48d896a9eedb22f9
GET /get/36247733/551813_icon.png HTTP/1.1
Host: img.vmmcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.14.1
date: Fri, 26 Apr 2024 22:39:00 GMT
content-type: image/png
content-length: 15575
last-modified: Wed, 27 Mar 2024 08:33:26 GMT
cache-control: public, max-age=604800
etag: "6603d9d6-3cd7"
x-proxy-cache: HIT
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: x-requested-with
access-control-allow-headers: x-requested-with
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/cdn-cgi/rum? | 104.21.40.89 | 204 No Content | 0 B |
URL POST HTTP/3www.amdahost.com/cdn-cgi/rum? IP104.21.40.89:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/rum? HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 520
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch_direct.php?id=837b71035c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/3 204 No Content
date: Fri, 26 Apr 2024 22:39:15 GMT
access-control-allow-origin: https://www.amdahost.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 87aa11587f93569b-OSL
x-frame-options: DENY
x-content-type-options: nosniff
|
|
| fonts.googleapis.com/css2?family=Bebas+Neue&display=swap | 142.250.74.74 | 200 OK | 799 B |
URL GET HTTP/2fonts.googleapis.com/css2?family=Bebas+Neue&display=swap IP142.250.74.74:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50 ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT
File typeASCII text, with very long lines (817), with no line terminators Hashc493231efba2219e3348f16e938d7380 95b2c3d6221a58cbd7e96f2c05c40d03f53fb16c ff65de3252fffb1650fca0c23a1a87351bf5b2385dc11e35e19b94c3495e4cf0
GET /css2?family=Bebas+Neue&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 22:38:49 GMT
date: Fri, 26 Apr 2024 22:38:49 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cf9c86d5de.f33207dc6c.com/1db907bfe28934810665eeb126926cf9.js | 45.133.44.52 | 200 OK | 97 kB |
URL GET HTTP/2cf9c86d5de.f33207dc6c.com/1db907bfe28934810665eeb126926cf9.js IP45.133.44.52:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerLet's Encrypt Subjectcf9c86d5de.f33207dc6c.com Fingerprint07:43:06:4D:DB:B9:3C:31:4D:0B:61:89:FB:65:A1:AA:78:A1:36:FD ValidityTue, 23 Apr 2024 02:30:49 GMT - Mon, 22 Jul 2024 02:30:48 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /1db907bfe28934810665eeb126926cf9.js HTTP/1.1
Host: cf9c86d5de.f33207dc6c.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 22:38:52 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 16 Apr 2024 14:24:01 GMT
etag: W/"661e8a01-17ae8"
content-encoding: gzip
expires: Fri, 26 Apr 2024 22:43:52 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| t0jma5qluoqn.l4.adsco.re/ | 185.200.118.51 | 200 OK | 0 B |
URL POST HTTP/2t0jma5qluoqn.l4.adsco.re/ IP185.200.118.51:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerLet's Encrypt Subject*.l4.adsco.re FingerprintB2:51:02:63:F4:E6:E7:3A:98:79:B7:C5:F8:81:EC:E8:79:B9:BC:22 ValidityFri, 19 Apr 2024 09:12:52 GMT - Thu, 18 Jul 2024 09:12:51 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: t0jma5qluoqn.l4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 26 Apr 2024 22:38:52 GMT
content-type: text/html
content-length: 0
last-modified: Fri, 02 Jun 2023 14:03:32 GMT
etag: "6479f6b4-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cf9c86d5de.f33207dc6c.com/0d1d1d0ae3f06d802747776c90722fd4.js | 45.133.44.52 | 200 OK | 470 kB |
URL GET HTTP/2cf9c86d5de.f33207dc6c.com/0d1d1d0ae3f06d802747776c90722fd4.js IP45.133.44.52:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerLet's Encrypt Subjectcf9c86d5de.f33207dc6c.com Fingerprint07:43:06:4D:DB:B9:3C:31:4D:0B:61:89:FB:65:A1:AA:78:A1:36:FD ValidityTue, 23 Apr 2024 02:30:49 GMT - Mon, 22 Jul 2024 02:30:48 GMT
Size470 kB (470121 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /0d1d1d0ae3f06d802747776c90722fd4.js HTTP/1.1
Host: cf9c86d5de.f33207dc6c.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 22:38:57 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 16 Apr 2024 12:49:54 GMT
etag: W/"661e73f2-72c69"
content-encoding: gzip
expires: Fri, 26 Apr 2024 22:43:57 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| a.magsrv.com/ad-provider.js | 185.76.9.14 | 200 OK | 165 kB |
URL GET HTTP/2a.magsrv.com/ad-provider.js IP185.76.9.14:443 ASN#60068 Datacamp Limited
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerLet's Encrypt Subjectmagsrv.com Fingerprint17:F9:9F:23:6D:90:C0:1A:81:DB:D1:AF:6A:07:37:42:2E:99:44:5C ValidityTue, 27 Feb 2024 16:45:44 GMT - Mon, 27 May 2024 16:45:43 GMT
File typeJavaScript source, ASCII text, with very long lines (34846) Size165 kB (164895 bytes) Hasheb15e779d412d3391d2aae19aa7755d3 e85e090c7bd1847e2936d843e14e9f8b38cea47d 7d4f4482a232632c2c8aa4d37adcd5fb14e9fe2d707ae067df0d87596a2c6c9e
GET /ad-provider.js HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 22:38:49 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"e85e090c7bd1847e2936d843e14"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Wed, 24 Apr 2024 18:06:10 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH3mxUAAAwBuUwKAQH3EQAAAAwBJRPCNAH3BAAAAA
x-77-nzt-ray: c0a4cc2831082d25f92c2c66f43b5e00
x-accel-expires: @1714176398
x-accel-date: 1714165598
x-77-cache: HIT
x-77-age: 5531
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 5531
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Lobster&display=swap | 142.250.74.74 | 200 OK | 1.8 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Lobster&display=swap IP142.250.74.74:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50 ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT
File typeASCII text, with very long lines (1825), with no line terminators Hash785af4cad14c8087afd0b4ca069742ba b81dc83d9ec505a925e3da6bac340491a13460af dc804cd560b63c44aea3659ce684d8b21a4ccbe7180f953716be1e3e1c4f5274
GET /css2?family=Lobster&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 22:38:49 GMT
date: Fri, 26 Apr 2024 22:38:49 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Poppins:wght@600&display=swap | 142.250.74.74 | 200 OK | 789 B |
URL GET HTTP/2fonts.googleapis.com/css2?family=Poppins:wght@600&display=swap IP142.250.74.74:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50 ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT
File typeASCII text, with very long lines (807), with no line terminators Hash6f717af0e726a10479b7e8bed93e5142 a115121febff939512aba08376c87856e8eb7d81 3f2d568b6fb6321a2e59f992275a60a22c904f5e8d84b7c6e43b1bb702ae86db
GET /css2?family=Poppins:wght@600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 22:38:49 GMT
date: Fri, 26 Apr 2024 22:38:49 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cf9c86d5de.f33207dc6c.com/1e6048537fd0bf07420ace8536306a3b/161855?version_name=a | 45.133.44.52 | 200 OK | 2.4 kB |
URL GET HTTP/2cf9c86d5de.f33207dc6c.com/1e6048537fd0bf07420ace8536306a3b/161855?version_name=a IP45.133.44.52:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerLet's Encrypt Subjectcf9c86d5de.f33207dc6c.com Fingerprint07:43:06:4D:DB:B9:3C:31:4D:0B:61:89:FB:65:A1:AA:78:A1:36:FD ValidityTue, 23 Apr 2024 02:30:49 GMT - Mon, 22 Jul 2024 02:30:48 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (2744), with no line terminators Hash57ed9e8789c799ac1c0cb88a331fc507 9499433765f97a3c779b7bd8bb0c6d61001bbe70 23725421b5fecd31ac898b0c3b41b8d7dfef35d750da060be73c3d6350b3e5ca
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /1e6048537fd0bf07420ace8536306a3b/161855?version_name=a HTTP/1.1
Host: cf9c86d5de.f33207dc6c.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 22:38:50 GMT
content-type: application/json
server: nginx/1.18.0
cache-control: max-age=300
expires: Fri, 26 Apr 2024 22:43:50 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| quitesousefulhe.info/popunder.gif | 172.67.156.192 | 200 OK | 35 B |
URL GET HTTP/3quitesousefulhe.info/popunder.gif IP172.67.156.192:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerGoogle Trust Services LLC Subjectquitesousefulhe.info Fingerprint1E:2F:3F:D7:F4:CF:87:22:89:01:91:57:22:5C:03:AF:53:C8:1D:D7 ValiditySun, 31 Mar 2024 11:30:08 GMT - Sat, 29 Jun 2024 11:30:07 GMT
File typeGIF image data, version 89a, 1 x 1 Hash28d6814f309ea289f847c69cf91194c6 0f4e929dd5bb2564f7ab9c76338e04e292a42ace 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /popunder.gif HTTP/1.1
Host: quitesousefulhe.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 22:38:52 GMT
content-type: image/gif
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 162663
last-modified: Thu, 25 Apr 2024 01:27:49 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hU8CP%2FLMS%2BfRE9CVh%2Bj5H82a%2FCPMa3casqTYVb86rCsJcWY6h8BtABiS1Mv%2B9F2q6uT77mN5Ko3noKPxf%2FC5JyaioBCn%2BvckJQc7s%2FZU2t6mXlNvRwLfjmXzhKLz86Ml9C2IhuuwmA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa10cc9ac2b515-OSL
alt-svc: h3=":443"; ma=86400
|
|
| accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQyhwCGauSX9vMP4Daz6Tc7R7SwwPtpzRhEtvax_TH_xJYMGgk3ubYLJBRI44NfawcRUQve5xg | 74.125.131.84 | 302 Found | 0 B |
URL GET HTTP/3accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQyhwCGauSX9vMP4Daz6Tc7R7SwwPtpzRhEtvax_TH_xJYMGgk3ubYLJBRI44NfawcRUQve5xg IP74.125.131.84:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint01:16:A3:AE:CA:C9:AC:ED:3A:C9:AA:75:BE:C2:51:EF:65:CE:23:E1 ValidityMon, 08 Apr 2024 06:34:56 GMT - Mon, 01 Jul 2024 06:34:55 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQyhwCGauSX9vMP4Daz6Tc7R7SwwPtpzRhEtvax_TH_xJYMGgk3ubYLJBRI44NfawcRUQve5xg HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:bJK_xx6tHH-f7EdazSj-rQ6Qm8l5IQ:H0xsf7HwIywIf4WV;Path=/;Expires=Sun, 26-Apr-2026 22:38:53 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 26 Apr 2024 22:38:53 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwntiAylYjP2OcSqVZ56uOd8vNywmJiPGZjINv7T9UoVNNjc9UF1TAbhwFoK9_ST-wO8XEj2A&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1812651663%3A1714171133339585&theme=mn&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-hJsHIL-qISAargLQUwtgCQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 425
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| cdn.tailwindcss.com/ | 172.67.41.16 | 302 Found | 366 kB |
IP172.67.41.16:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerCloudflare, Inc. Subjecttailwindcss.com Fingerprint5F:87:FB:92:D4:93:DA:09:E3:5B:EF:92:CE:2F:47:18:3A:8A:C7:49 ValidityTue, 07 Nov 2023 00:00:00 GMT - Tue, 05 Nov 2024 23:59:59 GMT
Size366 kB (365681 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: cdn.tailwindcss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 26 Apr 2024 22:38:48 GMT
cache-control: max-age=14400
location: /3.4.3
strict-transport-security: max-age=63072000
x-vercel-cache: MISS
x-vercel-id: cle1::iad1::w4zjr-1714169885236-808d71908810
cf-cache-status: HIT
age: 799
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa10b40d9eb4ee-OSL
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Archivo+Black&display=swap | 142.250.74.74 | 200 OK | 819 B |
URL GET HTTP/2fonts.googleapis.com/css2?family=Archivo+Black&display=swap IP142.250.74.74:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50 ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT
File typeASCII text, with very long lines (837), with no line terminators Hashfa0b91b21b81c25b4d2bb89c6d9d84fb 1788d71d75cf429352999edca5573800814aba3f 5385a711b1675e90eb76b002d80f1c53e71449889caf26b5ee6ec34f3df23fa7
GET /css2?family=Archivo+Black&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 22:38:49 GMT
date: Fri, 26 Apr 2024 22:38:49 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| t0jma5qluoqn.n4.adsco.re/ | 38.132.109.115 | 200 OK | 0 B |
URL POST HTTP/2t0jma5qluoqn.n4.adsco.re/ IP38.132.109.115:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerLet's Encrypt Subject*.n4.adsco.re Fingerprint45:6E:69:F7:75:1D:65:9E:20:3D:CF:CE:8B:F5:36:72:85:BD:76:EC ValidityFri, 19 Apr 2024 09:12:46 GMT - Thu, 18 Jul 2024 09:12:45 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: t0jma5qluoqn.n4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 26 Apr 2024 22:38:52 GMT
content-type: text/html
content-length: 0
last-modified: Fri, 16 Jun 2023 08:37:42 GMT
etag: "648c1f56-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/media/favicon-16x16.png | 104.21.40.89 | 200 OK | 936 B |
URL GET HTTP/3www.amdahost.com/media/favicon-16x16.png IP104.21.40.89:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typePNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced Hashac0cd4d64276fa91e68993406abcd43d c9af1132645f2bccfb9295a4e45cc95e8e78b7b6 bf852eabb9e0bbeb89b360a2dc4ccc1b86f2ffea3dfa78f0c2bb8747be598382
GET /media/favicon-16x16.png HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch_direct.php?id=837b71035c
Cookie: PHPSESSID=ac29083627cbe5b9c30a0e58b5c341ff
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 22:38:51 GMT
content-type: image/png
content-length: 936
last-modified: Sun, 17 Mar 2024 20:29:38 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 3093
accept-ranges: bytes
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4vnLtLjCvkPiXZdyGxiCoCfWRyZ%2B7BGiXTzJA15u8G10hhqMzD0GNZ3nGOBZVFPl4oD0yYdjoAtb8k1HyBRCCOw%2FsWM9rpNnyMvNO0Xt5q0OtKZCsIp4s0NPBHD54gde7N6o"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa10c15cf6569b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwF_Rfyk8LW4lEN_qehVAQA9eLwtMP7jpCvnX6Ah9uzB-v01BtfomaT4uA5M6fHE8fvXm9pFQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1527658459%3A1714171131355229&theme=mn&ddm=0 | 74.125.131.84 | 403 Forbidden | 0 B |
URL GET HTTP/3accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwF_Rfyk8LW4lEN_qehVAQA9eLwtMP7jpCvnX6Ah9uzB-v01BtfomaT4uA5M6fHE8fvXm9pFQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1527658459%3A1714171131355229&theme=mn&ddm=0 IP74.125.131.84:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint01:16:A3:AE:CA:C9:AC:ED:3A:C9:AA:75:BE:C2:51:EF:65:CE:23:E1 ValidityMon, 08 Apr 2024 06:34:56 GMT - Mon, 01 Jul 2024 06:34:55 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwF_Rfyk8LW4lEN_qehVAQA9eLwtMP7jpCvnX6Ah9uzB-v01BtfomaT4uA5M6fHE8fvXm9pFQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1527658459%3A1714171131355229&theme=mn&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 26 Apr 2024 22:38:51 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-2Evj-w0jiLCgTDua3e1mJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| c.adsco.re/ | 104.17.167.186 | 200 OK | 82 kB |
IP104.17.167.186:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerSectigo Limited Subject*.adsco.re Fingerprint40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73 ValiditySat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (689) Hasha0b475c65fed312aba8d7c43a0cbc928 3fdd052b41c37318e44084be4f92d42fba4ded61 2dfb2101b24f80be00b1baecce7eec815e61a13381f6983051b6261b8035468a
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 22:38:52 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Mon, 27 May 2024 22:38:52 GMT
etag: W/"oLR1xl/tMSq6jXxDoMvJKA=="
cf-cache-status: HIT
age: 704575
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa10c98d6b56b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| a.magsrv.com/ad-provider.js | 185.76.9.14 | 200 OK | 165 kB |
URL GET HTTP/2a.magsrv.com/ad-provider.js IP185.76.9.14:443 ASN#60068 Datacamp Limited
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerLet's Encrypt Subjectmagsrv.com Fingerprint17:F9:9F:23:6D:90:C0:1A:81:DB:D1:AF:6A:07:37:42:2E:99:44:5C ValidityTue, 27 Feb 2024 16:45:44 GMT - Mon, 27 May 2024 16:45:43 GMT
File typeJavaScript source, ASCII text, with very long lines (34846) Size165 kB (164895 bytes) Hasheb15e779d412d3391d2aae19aa7755d3 e85e090c7bd1847e2936d843e14e9f8b38cea47d 7d4f4482a232632c2c8aa4d37adcd5fb14e9fe2d707ae067df0d87596a2c6c9e
GET /ad-provider.js HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 22:38:50 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"e85e090c7bd1847e2936d843e14"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Wed, 24 Apr 2024 18:06:10 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH3nBUAAAwBuUwKAQH3EQAAAAwBJRPCNAH3BAAAAA
x-77-nzt-ray: c0a4cc2831082d25fa2c2c665495d408
x-accel-expires: @1714176398
x-accel-date: 1714165598
x-77-cache: HIT
x-77-age: 5532
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 5532
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
|
|
| accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwnboYFcI79_oWbx0UtiKrzmSqpxvMHglzivVbwQzSdjSwmnaN0lxt-0vKZiUrEuwDegi1BZg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S537448165%3A1714171131392252&theme=mn&ddm=0 | 74.125.131.84 | 403 Forbidden | 0 B |
URL GET HTTP/3accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwnboYFcI79_oWbx0UtiKrzmSqpxvMHglzivVbwQzSdjSwmnaN0lxt-0vKZiUrEuwDegi1BZg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S537448165%3A1714171131392252&theme=mn&ddm=0 IP74.125.131.84:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint01:16:A3:AE:CA:C9:AC:ED:3A:C9:AA:75:BE:C2:51:EF:65:CE:23:E1 ValidityMon, 08 Apr 2024 06:34:56 GMT - Mon, 01 Jul 2024 06:34:55 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwnboYFcI79_oWbx0UtiKrzmSqpxvMHglzivVbwQzSdjSwmnaN0lxt-0vKZiUrEuwDegi1BZg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S537448165%3A1714171131392252&theme=mn&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 26 Apr 2024 22:38:51 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-security-policy: script-src 'nonce-z3G6M0YdRQc6xp2GndyZlg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793 | 104.16.80.73 | 200 OK | 19 kB |
URL GET HTTP/2static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793 IP104.16.80.73:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerGoogle Trust Services LLC Subjectcloudflareinsights.com Fingerprint73:92:5A:16:97:55:FC:A5:32:7C:F3:9D:0C:84:EF:F3:2F:AA:B5:00 ValiditySun, 10 Mar 2024 02:33:42 GMT - Sat, 08 Jun 2024 02:33:41 GMT
File typeJavaScript source, ASCII text, with very long lines (19261), with no line terminators Hash3be93fd15d2f7dee2fc0c8981c6fa5c6 8cd88c36fad3e96641dbc4d781f5ddbe5123312f 17106bf803d42bcf2f2bdf778ece084d3f91c68e7ea41dae7bff61fefa573dee
GET /beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 22:38:48 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2024.4.0"
last-modified: Tue, 23 Apr 2024 12:12:17 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa10b3b9a10b55-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| pogothere.xyz/asd100.bin | 188.114.97.1 | 200 OK | 102 kB |
IP188.114.97.1:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerGoogle Trust Services LLC Subjectpogothere.xyz Fingerprint34:D3:33:F8:49:E2:1E:3E:44:A8:5D:74:68:9C:B8:A0:D5:F8:DD:0B ValidityWed, 27 Mar 2024 02:15:30 GMT - Tue, 25 Jun 2024 02:15:29 GMT
Size102 kB (102400 bytes) Hash4c6426ac7ef186464ecbb0d81cbfcb1e 5a6918eebd9d635e8f632e3ef34e3792b1b5ec13 f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 22:38:51 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://www.amdahost.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 5415
last-modified: Fri, 26 Apr 2024 21:08:36 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JhA3KEUkcdbNJU%2BQUn6N6LLLSl2vlUEnp%2BRIpQlDyeWwiPfxbrIdXiaxGOjthtEiz5j2paxuEMlz3nDlmEIXJSr4%2FjSpphgfZCk89NDscPg9B4H9hcEz5U8ICopwiwKT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa10c19fcd56c3-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cf9c86d5de.f33207dc6c.com/526afdf9b717924176eabd0c81f90a31.js | 45.133.44.52 | 200 OK | 109 kB |
URL GET HTTP/2cf9c86d5de.f33207dc6c.com/526afdf9b717924176eabd0c81f90a31.js IP45.133.44.52:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerLet's Encrypt Subjectcf9c86d5de.f33207dc6c.com Fingerprint07:43:06:4D:DB:B9:3C:31:4D:0B:61:89:FB:65:A1:AA:78:A1:36:FD ValidityTue, 23 Apr 2024 02:30:49 GMT - Mon, 22 Jul 2024 02:30:48 GMT
Size109 kB (109340 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /526afdf9b717924176eabd0c81f90a31.js HTTP/1.1
Host: cf9c86d5de.f33207dc6c.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 22:38:50 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 23 Apr 2024 09:45:19 GMT
etag: W/"6627832f-1ab1c"
content-encoding: gzip
expires: Fri, 26 Apr 2024 22:43:50 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| cdn.fluidplayer.com/v3/current/6aef4fee473c54e96ff8.svg | 185.76.9.18 | 200 OK | 19 kB |
URL GET HTTP/2cdn.fluidplayer.com/v3/current/6aef4fee473c54e96ff8.svg IP185.76.9.18:443 ASN#60068 Datacamp Limited
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerLet's Encrypt Subjectfluidplayer.com FingerprintCD:21:BA:85:8A:CA:A4:37:0F:0A:BD:F7:50:25:DA:75:9E:D3:FB:76 ValidityMon, 26 Feb 2024 13:51:53 GMT - Sun, 26 May 2024 13:51:52 GMT
File typeSVG Scalable Vector Graphics image Hash805524b1fa0e091076d7afbf68e31133 ab696de0e85a7ce728cbe9b4131f5f4d528fb788 ad0276c58ec6a9875a2e1d39d972950763aac2e8f6262638d5868402ae2466fd
GET /v3/current/6aef4fee473c54e96ff8.svg HTTP/1.1
Host: cdn.fluidplayer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 22:38:50 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Thu, 21 Mar 2024 13:23:12 GMT
etag: W/"65fc34c0-4880"
expires: Fri, 22 Mar 2024 21:45:09 GMT
cache-control: max-age=86400
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH3cQwAAAwBuUwKDAH3AAAAAAwBisclxAGzgVEBAA
x-77-nzt-ray: c0a4cc28da0b2925fa2c2c66fdd6120b
x-accel-expires: @1714254345
x-accel-date: 1714167945
x-77-cache: HIT
x-77-age: 3185
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 3185
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
|
|
| static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp | 45.133.44.25 | 200 OK | 1.1 kB |
URL GET HTTP/2static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp IP45.133.44.25:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerLet's Encrypt Subjectstatic.bookmsg.com FingerprintD1:F7:45:48:1F:97:95:82:21:67:D7:E5:0D:16:FA:F3:6C:7C:97:76 ValidityFri, 05 Apr 2024 03:01:07 GMT - Thu, 04 Jul 2024 03:01:06 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 360x240, Scaling: [none]x[none], YUV color, decoders should clamp Hash2a11e13b2bd67bb9a6cb347d7c73df13 b85460a33f9b229f42c08a6a94ae433a4d5c32ab 1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56
GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 22:38:59 GMT
content-type: image/webp
content-length: 1066
server: nginx/1.24.0
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
etag: "6572ed5b-42a"
expires: Sat, 26 Apr 2025 22:38:59 GMT
cache-control: max-age=31536000
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| ku42hjr2e.com/aas/r45d/vki/2020088/3f23ef09.js | 212.117.190.201 | 200 OK | 106 kB |
URL GET HTTP/2ku42hjr2e.com/aas/r45d/vki/2020088/3f23ef09.js IP212.117.190.201:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerBuypass AS-983163327 Subject Fingerprint15:EC:3A:52:11:EC:ED:35:8E:60:38:E6:CC:79:A7:3E:A3:5B:B6:62 ValidityTue, 09 Jan 2024 12:43:23 GMT - Sat, 06 Jul 2024 21:59:00 GMT
File typeJavaScript source, ASCII text, with very long lines (65106) Size106 kB (106460 bytes) Hash282e4211c6aa475b438a8af84a2d5f2a 236912a2a74165b3864a118f55461948e6a25e13 51a486924bfae60d6f89619eda1ea7ee9313d1d74039b03f98dc03536b0469fb
GET /aas/r45d/vki/2020088/3f23ef09.js HTTP/1.1
Host: ku42hjr2e.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 22:38:48 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 17:06:20 GMT
vary: Accept-Encoding
etag: W/"662a8d8c-1a022"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Bungee+Spice&display=swap | 142.250.74.74 | 200 OK | 1.3 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Bungee+Spice&display=swap IP142.250.74.74:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50 ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT
File typeASCII text, with very long lines (1310), with no line terminators Hash6ed7e36a675f79912a60041296e6712c 90726391e4efdc836774a463094dbce3f980c761 59214048cf850c5c635c4bd6669db6222a200dd806e8ec2b2e8f504fa0b9393d
GET /css2?family=Bungee+Spice&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 22:38:49 GMT
date: Fri, 26 Apr 2024 22:38:49 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| show.revopush.com/api/v1/inpage/show/?uid=180170&subacc=1222898310&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult | 116.203.27.7 | 200 OK | 750 B |
URL GET HTTP/2show.revopush.com/api/v1/inpage/show/?uid=180170&subacc=1222898310&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult IP116.203.27.7:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerGoDaddy.com, Inc. Subjectshow.revopush.com Fingerprint14:6E:2A:BA:82:13:C7:FC:12:52:18:54:8C:98:74:9E:31:18:6B:94 ValidityFri, 22 Mar 2024 16:58:42 GMT - Sat, 22 Mar 2025 16:58:42 GMT
File typeUnicode text, UTF-8 text, with very long lines (763), with no line terminators Hashe07717b6186fef21de14b36c0635da62 d1d58a41ac2299adbf18298e97ceb57ad2cc4086 b1f1cca14e7a6a2a37a79703ac0b50be0e3a0324662e429a6bf55c4a0c76741c
GET /api/v1/inpage/show/?uid=180170&subacc=1222898310&sub1=&sub2=&sub3=&sub4=&adult=true&limit=1&traffic=adult HTTP/1.1
Host: show.revopush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 22:38:50 GMT
content-type: application/json
accept-ch: Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Wow64
access-control-allow-origin: https://www.amdahost.com
vary: Origin
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| s3t3d2y8.afcdn.net/images/close-icon.svg | 185.76.9.22 | 200 OK | 265 B |
URL GET HTTP/2s3t3d2y8.afcdn.net/images/close-icon.svg IP185.76.9.22:443 ASN#60068 Datacamp Limited
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerLet's Encrypt Subjectafcdn.net FingerprintCE:9F:A3:7C:BF:E1:80:9C:11:75:38:23:E8:D2:50:1A:E4:48:37:77 ValidityTue, 27 Feb 2024 16:27:12 GMT - Mon, 27 May 2024 16:27:11 GMT
File typeSVG Scalable Vector Graphics image Hash0e1e3b1614a46466d9535037923e7c34 f8d10a742cd0197a10a041cf447d0dbd3371d07c f66b1cc574e4967cf5417ef445ac663aa9a2ec3cf1c0d23eb1b4c59808237ee0
GET /images/close-icon.svg HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 22:38:52 GMT
content-type: image/svg+xml
last-modified: Tue, 18 Oct 2022 10:37:29 GMT
etag: W/"634e81e9-109"
expires: Wed, 25 Oct 2023 02:23:43 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
server: CDN77-Turbo
x-77-nzt: EQwBuUwJFAH3d1yMAQ
x-77-nzt-ray: af585630ac349570fc2c2c66a9338721
x-accel-expires: @1719731205
x-accel-date: 1688195205
x-cache: HIT
x-age: 25975927
x-77-pop: stockholmSE
x-77-cache: HIT
x-77-age: 25975927
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/watch_direct.php?id=837b71035c | 104.21.40.89 | 200 OK | 40 kB |
URL User Request GET HTTP/2www.amdahost.com/watch_direct.php?id=837b71035c IP104.21.40.89:443
CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch_direct.php?id=837b71035c HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 22:38:48 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=ac29083627cbe5b9c30a0e58b5c341ff; path=/; domain=.amdahost.com
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Uqiucq8G%2FyZy0Kdwqlb%2F9XDLEZTTV1Po7%2FWm8U5IkTrG6dshKpBKALraYYetJPrKnHNO%2FA2fim%2BcDEwje48GV5XEi8KEsWt9eQEmdbOq6bJu4BZ6qNIOpbCYl%2B6e%2FKp7qcCo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa10afa91456be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| a.magsrv.com/ad-provider.js | 185.76.9.14 | 200 OK | 165 kB |
URL GET HTTP/2a.magsrv.com/ad-provider.js IP185.76.9.14:443 ASN#60068 Datacamp Limited
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerLet's Encrypt Subjectmagsrv.com Fingerprint17:F9:9F:23:6D:90:C0:1A:81:DB:D1:AF:6A:07:37:42:2E:99:44:5C ValidityTue, 27 Feb 2024 16:45:44 GMT - Mon, 27 May 2024 16:45:43 GMT
File typeJavaScript source, ASCII text, with very long lines (34846) Size165 kB (164895 bytes) Hasheb15e779d412d3391d2aae19aa7755d3 e85e090c7bd1847e2936d843e14e9f8b38cea47d 7d4f4482a232632c2c8aa4d37adcd5fb14e9fe2d707ae067df0d87596a2c6c9e
GET /ad-provider.js HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 22:38:50 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"e85e090c7bd1847e2936d843e14"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Wed, 24 Apr 2024 18:06:10 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH3nBUAAAwBuUwKAQH3EQAAAAwBJRPCNAH3BAAAAA
x-77-nzt-ray: c0a4cc2831082d25fa2c2c66afa11907
x-accel-expires: @1714176398
x-accel-date: 1714165598
x-77-cache: HIT
x-77-age: 5532
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 5532
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
|
|
| www.amdahost.com/css/root.css | 104.21.40.89 | 200 OK | 3.2 kB |
URL GET HTTP/3www.amdahost.com/css/root.css IP104.21.40.89:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerGoogle Trust Services LLC Subjectamdahost.com Fingerprint29:4E:5C:52:EB:B2:9F:20:B3:FE:A0:0D:29:E2:5A:2D:9E:F6:E4:FF ValidityThu, 21 Mar 2024 09:21:34 GMT - Wed, 19 Jun 2024 09:21:33 GMT
File typeASCII text, with very long lines (3175), with no line terminators Hashb29e82a0b6fab49b186f1878409b49cf 632d7a94b851c7c879e29825bee06920d7b5cb99 5b7746d8aa2c0a8a908f6a5df646167afb319fc1d2a6ec08d275e195a275afdf
GET /css/root.css HTTP/1.1
Host: www.amdahost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/watch_direct.php?id=837b71035c
Cookie: PHPSESSID=ac29083627cbe5b9c30a0e58b5c341ff
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 22:38:48 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=6128
last-modified: Tue, 27 Feb 2024 08:09:48 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2309
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=um0Ca3wL7i%2FUXtpypPVAACYlrxEi84f5%2F9VyVxj6YMD7o%2B1Ej8hRG9QdNBvG3s2Frl7arjlCpoFsbcEnreTbdXeO5PRB9sESj7sfsSOwHEnVAQcZ0EiY74ZT9SiKYCBqWzT1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa10b32a00569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdn.fluidplayer.com/v3/current/fluidplayer.min.js | 185.76.9.18 | 200 OK | 233 kB |
URL GET HTTP/2cdn.fluidplayer.com/v3/current/fluidplayer.min.js IP185.76.9.18:443 ASN#60068 Datacamp Limited
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerLet's Encrypt Subjectfluidplayer.com FingerprintCD:21:BA:85:8A:CA:A4:37:0F:0A:BD:F7:50:25:DA:75:9E:D3:FB:76 ValidityMon, 26 Feb 2024 13:51:53 GMT - Sun, 26 May 2024 13:51:52 GMT
File typeJavaScript source, ASCII text, with very long lines (65463) Size233 kB (232616 bytes) Hash9829e8e730a9125e695789512d85177a e20a0d55ab1722ef3ad13741a2b8975413d43909 7c38ede4727de973827091514a83d24a039bda1d0d4cac219eb20571a2cc3698
GET /v3/current/fluidplayer.min.js HTTP/1.1
Host: cdn.fluidplayer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 22:38:49 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 21 Mar 2024 13:23:13 GMT
etag: W/"65fc34c1-38ca8"
expires: Fri, 22 Mar 2024 21:42:05 GMT
cache-control: max-age=86400
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH3KA0AAAwBuUwKDAH3AAAAAAwBJRPCMQH3AAAAAA
x-77-nzt-ray: c0a4cc28da0b2925f92c2c6685fa5700
x-accel-expires: @1714254161
x-accel-date: 1714167761
x-77-cache: HIT
x-77-age: 3368
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 3368
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
|
|
| www.xadsmart.com/PDgMwm/xJSLite.min.js | 185.76.9.24 | 200 OK | 37 kB |
URL GET HTTP/2www.xadsmart.com/PDgMwm/xJSLite.min.js IP185.76.9.24:443 ASN#60068 Datacamp Limited
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerLet's Encrypt Subject1376341044.rsc.cdn77.org Fingerprint9E:BC:DC:BC:06:2C:01:7D:11:A9:9F:DB:DC:7A:40:7B:9F:8F:B5:F8 ValidityTue, 20 Feb 2024 02:39:34 GMT - Mon, 20 May 2024 02:39:33 GMT
File typeJavaScript source, ASCII text, with very long lines (1568) Hashd7dbed577604f50549a63b03bfa18401 1b5458668c7aecbee06b22b21ff6be9a96794393 8a336c5e8047e5d1ec3ace133f6312b27670d7b3d8f30d32b7a611f0a7714860
GET /PDgMwm/xJSLite.min.js HTTP/1.1
Host: www.xadsmart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.amdahost.com
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 22:38:50 GMT
content-type: application/x-javascript
vary: Accept-Encoding, Origin
popads-node: wb9
expires: Sat, 27 Apr 2024 00:15:03 GMT
access-control-allow-origin: https://www.amdahost.com
link: <https://xadsmart.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
cache-control: public, max-age=604800
x-77-nzt: EwwBuUwJFAH3EiMJAAwBuUwKDAH30AAAAAwBJRPCLgH3EQAAAA
x-77-nzt-ray: af5856306d2dd554fa2c2c662e3cfe08
x-accel-expires: @1714176903
x-accel-date: 1713572328
x-77-cache: HIT
x-77-age: 598802
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 598802
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
|
|
| 12ezo5v60.com/get/2020090?zoneid=2020090&jp=_clj5ptgc4ffcv7g6ed4xp9&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=6304789406830080&eclog=0&im=1&freq=0&uf=0 | 212.117.190.202 | 200 OK | 6.7 kB |
URL GET HTTP/212ezo5v60.com/get/2020090?zoneid=2020090&jp=_clj5ptgc4ffcv7g6ed4xp9&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=6304789406830080&eclog=0&im=1&freq=0&uf=0 IP212.117.190.202:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerBuypass AS-983163327 Subject FingerprintDB:57:32:8B:71:3B:E2:BC:8C:B1:94:D1:8A:25:4E:EE:A7:BA:C5:59 ValidityTue, 09 Jan 2024 13:35:13 GMT - Sat, 06 Jul 2024 21:59:00 GMT
File typeASCII text, with very long lines (6859), with no line terminators Hashdb0197d679b6add187616ff70b19cb82 83afca789c21593f501c35170030a07c5c89e74e de64498480e79a0336e3895520cbc5a9ee2590e23d01b6207d2fd722c95402b3
GET /get/2020090?zoneid=2020090&jp=_clj5ptgc4ffcv7g6ed4xp9&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=6304789406830080&eclog=0&im=1&freq=0&uf=0 HTTP/1.1
Host: 12ezo5v60.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 22:38:50 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: CHCK=1; Path=/; Expires=Fri, 30 May 2025 22:38:50 GMT; Secure; SameSite=None
UID=24042617388aeb80f496a4447b96065ec601; Path=/; Expires=Fri, 30 May 2025 22:38:50 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| news-galuzo.cc/process.js?id=1222898310&p1=sub1&p2=sub2&p3=sub3&p4=sub4 | 23.158.56.123 | 200 OK | 27 kB |
URL GET HTTP/2news-galuzo.cc/process.js?id=1222898310&p1=sub1&p2=sub2&p3=sub3&p4=sub4 IP23.158.56.123:443 ASN#63023 AS-GLOBALTELEHOST
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerLet's Encrypt Subject*.news-galuzo.cc Fingerprint29:96:67:1F:2C:DD:23:45:EA:5F:11:0B:F4:0B:E7:D5:0D:C3:D1:FB ValidityMon, 15 Apr 2024 08:11:44 GMT - Sun, 14 Jul 2024 08:11:43 GMT
File typeJavaScript source, ASCII text, with very long lines (26456) Hash3ca1d9b6632f576caadc17d642dbf80f ceb16c7352cfc0970638d15e2ac7a4fb9427bb07 486c48ff7bbdf342f02483559795dd5b97c4816bbe8551c301773f94fb7d3376
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /process.js?id=1222898310&p1=sub1&p2=sub2&p3=sub3&p4=sub4 HTTP/1.1
Host: news-galuzo.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 22:38:49 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Karla&display=swap | 142.250.74.74 | 200 OK | 802 B |
URL GET HTTP/2fonts.googleapis.com/css2?family=Karla&display=swap IP142.250.74.74:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50 ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT
File typeASCII text, with very long lines (820), with no line terminators Hash19b781ab6f09786f5d9e86ac26de083d 11ca72183489143542fafe4efb122b11f9b4c1d9 e17e04ca3c38fa955e6789b4818c7c24ffd3a99eae0830a01ca51ed8e968db8a
GET /css2?family=Karla&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 22:38:49 GMT
date: Fri, 26 Apr 2024 22:38:49 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ku42hjr2e.com/get/2020088?zoneid=2020088&jp=_clf850oyxdmmz5m78donhl&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=6867739360251904&eclog=0&im=1&uf=0 | 212.117.190.201 | 200 OK | 2.8 kB |
URL GET HTTP/2ku42hjr2e.com/get/2020088?zoneid=2020088&jp=_clf850oyxdmmz5m78donhl&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=6867739360251904&eclog=0&im=1&uf=0 IP212.117.190.201:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerBuypass AS-983163327 Subject Fingerprint15:EC:3A:52:11:EC:ED:35:8E:60:38:E6:CC:79:A7:3E:A3:5B:B6:62 ValidityTue, 09 Jan 2024 12:43:23 GMT - Sat, 06 Jul 2024 21:59:00 GMT
File typeASCII text, with very long lines (3141), with no line terminators Hash39034fc9cf80d3658aeb3919b496cd02 6755d7fcc3ab32986137885b5b487015d416d5e7 65d11f67b97af4004bd7cd03934f87a7aeadec38f9a190ff6148f1d0ada8f37c
GET /get/2020088?zoneid=2020088&jp=_clf850oyxdmmz5m78donhl&nojs=0&abvar=0&febuild=1.0.233&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=6867739360251904&eclog=0&im=1&uf=0 HTTP/1.1
Host: ku42hjr2e.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 22:38:50 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: CHCK=1; Path=/; Expires=Fri, 30 May 2025 22:38:50 GMT; Secure; SameSite=None
UID=24042617385c360c9b3cc143d783f050ebc9; Path=/; Expires=Fri, 30 May 2025 22:38:50 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| cdn.tailwindcss.com/3.4.3 | 172.67.41.16 | 200 OK | 366 kB |
URL GET HTTP/2cdn.tailwindcss.com/3.4.3 IP172.67.41.16:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerCloudflare, Inc. Subjecttailwindcss.com Fingerprint5F:87:FB:92:D4:93:DA:09:E3:5B:EF:92:CE:2F:47:18:3A:8A:C7:49 ValidityTue, 07 Nov 2023 00:00:00 GMT - Tue, 05 Nov 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (52292) Size366 kB (365681 bytes) Hash4bdcdace639cc6c0f08a15c295482172 6fa7ad6e87d8b19bff7e2bd0becf87d87d57be31 d2c35bf03246b0634bb22cbdc74962c8368e5e13b656e7f3cc10029da79d2e5c
GET /3.4.3 HTTP/1.1
Host: cdn.tailwindcss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.amdahost.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 22:38:49 GMT
content-type: text/javascript
cache-control: max-age=31536000
content-encoding: br
strict-transport-security: max-age=63072000
x-vercel-cache: MISS
x-vercel-id: cle1::iad1::rn74h-1711569125689-ef02b3caf33b
last-modified: Wed, 27 Mar 2024 19:52:06 GMT
cf-cache-status: HIT
age: 2601734
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa10b70f5ab4ee-OSL
X-Firefox-Spdy: h2
|
|
| 12ezo5v60.com/bultykh/ipp24/7/bazinga/2020090 | 212.117.190.202 | 200 OK | 158 kB |
URL GET HTTP/212ezo5v60.com/bultykh/ipp24/7/bazinga/2020090 IP212.117.190.202:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerBuypass AS-983163327 Subject FingerprintDB:57:32:8B:71:3B:E2:BC:8C:B1:94:D1:8A:25:4E:EE:A7:BA:C5:59 ValidityTue, 09 Jan 2024 13:35:13 GMT - Sat, 06 Jul 2024 21:59:00 GMT
File typeJavaScript source, ASCII text, with very long lines (65107) Size158 kB (158045 bytes) Hash3dfaf38c2289e292cc712a7019b2d145 4ef2d477f159e89f5ce4954eb2a8fdb0a727b323 e40fa397a311e3027f5bf108f54ec3ac18a94ea259c061e49840843010d84994
GET /bultykh/ipp24/7/bazinga/2020090 HTTP/1.1
Host: 12ezo5v60.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 22:38:48 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 17:06:20 GMT
vary: Accept-Encoding
etag: W/"662a8d8c-269a3"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| xadsmart.com/qxomuzxgzssg?YOPhoKVt=BQLyAAAAAAAACZUAAmMjUl7ZDMaqdxbf_gEsjcVoheYpmJg5gZlwscV4a4O7ktHk9sfHWhU57xelM37rEycPOjOuLRPXEZvM1re7hWXfitH2mwJnueOZ7SsUEQtbzI2dPLg1UiScH-jm6F6SGaIas36aDPzqsewKxytVBhhR-HeYysKNcFFdRiAn8mFhdY5HqRR9cC0XFsZow89tJUva-FrNO0edWNu_BSAgxujddLZrquJPWDXBCe-sq7UdFMUkJ_LNbYn4864bnSJVz9aZTrhER2CdPlQmgzh6AaPt-ASZKR0aG7E2Z8nP4UbkrsfoYnobP-FUSo9zds76FS0nuc0T7k9GMU87s1XfhqWGFiG57XLgdYvBbDDbnaH3ZxAMCMSi4MpJX4F5e8Fto71ScJIUTegdmvFQUH4zPx80AQLJk3a8XrXjWxzmWzeb0E7QfQ--eVnyF4k813XxuhfVETJ066GSkNjW-wLNJI8e8_EWUy4Cls2lnXiaW8PsSHP1W2wOIf0CtZqGFlSpBbl_6DrMmCyeysbV9H_bjU13byB-8uDH1DAmiF2leIO0Prl6A44gpw1q1GIB6B1UEZAZAE5GbwnR8PCYD_lEt3IlWp9ift136VEl9bVwrzJXDdDyO9534QV6pP87dYqtgGO0L7T8dGQnTy4jCAU_SDkN4MNCI5eT7wMd_yVGOrQUlzbouvL2l1fWkpbGbkHXFabxOiKvGA8tbgXr81eQ6FMduOKNyxBvjdNAsXrX6Oz447ibK42x_UjEf5qrwelUEMsAUx8lIvDwFShhvaDCnCfSxgYSk4FVq6IPIjiFGl4UPU0M1J-YXUZax0T-VTSW6DGb7z-VJVKgv0jMw4BSLzjjwBw6FLTjoOl4E8LNsnCHnd68bkHgVDEubs-oKry2ZsCQqynfLEe8O7ERSJTrKpNVVDL1_WblVYXOgzYTVz6LdvSZG5CSV5baam9bgE_Lzb5_X7R68qcOZ371RVF7IiTvclMOJ762eYGkyFEkz7cG&VjbiyKFO=4&IKHyiYBX=5085941&adZKufBH=0.001&qAFmDbBt=0,0&hXmcJsBp=&UHzxbETs=&s=1280,1024,1,1280,1024,0 | 104.153.197.251 | 200 OK | 44 B |
URL GET HTTP/2xadsmart.com/qxomuzxgzssg?YOPhoKVt=BQLyAAAAAAAACZUAAmMjUl7ZDMaqdxbf_gEsjcVoheYpmJg5gZlwscV4a4O7ktHk9sfHWhU57xelM37rEycPOjOuLRPXEZvM1re7hWXfitH2mwJnueOZ7SsUEQtbzI2dPLg1UiScH-jm6F6SGaIas36aDPzqsewKxytVBhhR-HeYysKNcFFdRiAn8mFhdY5HqRR9cC0XFsZow89tJUva-FrNO0edWNu_BSAgxujddLZrquJPWDXBCe-sq7UdFMUkJ_LNbYn4864bnSJVz9aZTrhER2CdPlQmgzh6AaPt-ASZKR0aG7E2Z8nP4UbkrsfoYnobP-FUSo9zds76FS0nuc0T7k9GMU87s1XfhqWGFiG57XLgdYvBbDDbnaH3ZxAMCMSi4MpJX4F5e8Fto71ScJIUTegdmvFQUH4zPx80AQLJk3a8XrXjWxzmWzeb0E7QfQ--eVnyF4k813XxuhfVETJ066GSkNjW-wLNJI8e8_EWUy4Cls2lnXiaW8PsSHP1W2wOIf0CtZqGFlSpBbl_6DrMmCyeysbV9H_bjU13byB-8uDH1DAmiF2leIO0Prl6A44gpw1q1GIB6B1UEZAZAE5GbwnR8PCYD_lEt3IlWp9ift136VEl9bVwrzJXDdDyO9534QV6pP87dYqtgGO0L7T8dGQnTy4jCAU_SDkN4MNCI5eT7wMd_yVGOrQUlzbouvL2l1fWkpbGbkHXFabxOiKvGA8tbgXr81eQ6FMduOKNyxBvjdNAsXrX6Oz447ibK42x_UjEf5qrwelUEMsAUx8lIvDwFShhvaDCnCfSxgYSk4FVq6IPIjiFGl4UPU0M1J-YXUZax0T-VTSW6DGb7z-VJVKgv0jMw4BSLzjjwBw6FLTjoOl4E8LNsnCHnd68bkHgVDEubs-oKry2ZsCQqynfLEe8O7ERSJTrKpNVVDL1_WblVYXOgzYTVz6LdvSZG5CSV5baam9bgE_Lzb5_X7R68qcOZ371RVF7IiTvclMOJ762eYGkyFEkz7cG&VjbiyKFO=4&IKHyiYBX=5085941&adZKufBH=0.001&qAFmDbBt=0,0&hXmcJsBp=&UHzxbETs=&s=1280,1024,1,1280,1024,0 IP104.153.197.251:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerSectigo Limited Subjectxadsmart.com FingerprintFC:E8:BA:57:31:46:6D:51:70:B5:42:35:6E:CF:97:6F:AF:38:C5:58 ValidityMon, 14 Aug 2023 00:00:00 GMT - Fri, 13 Sep 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hashd5f0a25e4d3522d56d48ce7bc3e518fb 86794caff58f7fee6e684c2ba7195f970a8d6f4c 9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
GET /qxomuzxgzssg?YOPhoKVt=BQLyAAAAAAAACZUAAmMjUl7ZDMaqdxbf_gEsjcVoheYpmJg5gZlwscV4a4O7ktHk9sfHWhU57xelM37rEycPOjOuLRPXEZvM1re7hWXfitH2mwJnueOZ7SsUEQtbzI2dPLg1UiScH-jm6F6SGaIas36aDPzqsewKxytVBhhR-HeYysKNcFFdRiAn8mFhdY5HqRR9cC0XFsZow89tJUva-FrNO0edWNu_BSAgxujddLZrquJPWDXBCe-sq7UdFMUkJ_LNbYn4864bnSJVz9aZTrhER2CdPlQmgzh6AaPt-ASZKR0aG7E2Z8nP4UbkrsfoYnobP-FUSo9zds76FS0nuc0T7k9GMU87s1XfhqWGFiG57XLgdYvBbDDbnaH3ZxAMCMSi4MpJX4F5e8Fto71ScJIUTegdmvFQUH4zPx80AQLJk3a8XrXjWxzmWzeb0E7QfQ--eVnyF4k813XxuhfVETJ066GSkNjW-wLNJI8e8_EWUy4Cls2lnXiaW8PsSHP1W2wOIf0CtZqGFlSpBbl_6DrMmCyeysbV9H_bjU13byB-8uDH1DAmiF2leIO0Prl6A44gpw1q1GIB6B1UEZAZAE5GbwnR8PCYD_lEt3IlWp9ift136VEl9bVwrzJXDdDyO9534QV6pP87dYqtgGO0L7T8dGQnTy4jCAU_SDkN4MNCI5eT7wMd_yVGOrQUlzbouvL2l1fWkpbGbkHXFabxOiKvGA8tbgXr81eQ6FMduOKNyxBvjdNAsXrX6Oz447ibK42x_UjEf5qrwelUEMsAUx8lIvDwFShhvaDCnCfSxgYSk4FVq6IPIjiFGl4UPU0M1J-YXUZax0T-VTSW6DGb7z-VJVKgv0jMw4BSLzjjwBw6FLTjoOl4E8LNsnCHnd68bkHgVDEubs-oKry2ZsCQqynfLEe8O7ERSJTrKpNVVDL1_WblVYXOgzYTVz6LdvSZG5CSV5baam9bgE_Lzb5_X7R68qcOZ371RVF7IiTvclMOJ762eYGkyFEkz7cG&VjbiyKFO=4&IKHyiYBX=5085941&adZKufBH=0.001&qAFmDbBt=0,0&hXmcJsBp=&UHzxbETs=&s=1280,1024,1,1280,1024,0 HTTP/1.1
Host: xadsmart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.amdahost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
popads-node: wb9
access-control-allow-origin: *
asf: 6
cache-control: private, no-store, no-cache, must-revalidate, no-transform, max-age=0
pragma: no-cache
set-cookie: PP_CV=yes; expires=Fri, 26 Apr 2024 23:38:53 GMT; Max-Age=3600
fraudcheck=401d2bc0e6b2b210053c29a02c7eb105; expires=Sun, 26 May 2024 22:38:53 GMT; Max-Age=2592000; path=/; domain=.popads.net
popads-ec: 5
content-type: text/javascript;charset=UTF-8
content-length: 44
date: Fri, 26 Apr 2024 22:38:53 GMT
X-Firefox-Spdy: h2
|
|
| accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwntiAylYjP2OcSqVZ56uOd8vNywmJiPGZjINv7T9UoVNNjc9UF1TAbhwFoK9_ST-wO8XEj2A&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1812651663%3A1714171133339585&theme=mn&ddm=0 | 74.125.131.84 | 403 Forbidden | 0 B |
URL GET HTTP/3accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwntiAylYjP2OcSqVZ56uOd8vNywmJiPGZjINv7T9UoVNNjc9UF1TAbhwFoK9_ST-wO8XEj2A&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1812651663%3A1714171133339585&theme=mn&ddm=0 IP74.125.131.84:443
Requested byhttps://www.amdahost.com/watch_direct.php?id=837b71035c CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint01:16:A3:AE:CA:C9:AC:ED:3A:C9:AA:75:BE:C2:51:EF:65:CE:23:E1 ValidityMon, 08 Apr 2024 06:34:56 GMT - Mon, 01 Jul 2024 06:34:55 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwntiAylYjP2OcSqVZ56uOd8vNywmJiPGZjINv7T9UoVNNjc9UF1TAbhwFoK9_ST-wO8XEj2A&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1812651663%3A1714171133339585&theme=mn&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 26 Apr 2024 22:38:53 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-sNRoGJ0nYCcAmqh9ohwvpQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|